mirror of
https://github.com/jech/galene.git
synced 2024-11-23 00:55:58 +01:00
Store password in client structure.
No need to carry password around.
This commit is contained in:
parent
6a37033ca8
commit
6bde5f986a
5 changed files with 53 additions and 47 deletions
|
@ -1,9 +1,14 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
type clientCredentials struct {
|
||||||
|
Username string `json:"username,omitempty"`
|
||||||
|
Password string `json:"password,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
type client interface {
|
type client interface {
|
||||||
Group() *group
|
Group() *group
|
||||||
Id() string
|
Id() string
|
||||||
Username() string
|
Credentials() clientCredentials
|
||||||
pushConn(id string, conn upConnection, tracks []upTrack, label string) error
|
pushConn(id string, conn upConnection, tracks []upTrack, label string) error
|
||||||
pushClient(id, username string, add bool) error
|
pushClient(id, username string, add bool) error
|
||||||
}
|
}
|
||||||
|
|
4
disk.go
4
disk.go
|
@ -32,8 +32,8 @@ func (client *diskClient) Id() string {
|
||||||
return client.id
|
return client.id
|
||||||
}
|
}
|
||||||
|
|
||||||
func (client *diskClient) Username() string {
|
func (client *diskClient) Credentials() clientCredentials {
|
||||||
return "RECORDING"
|
return clientCredentials{"RECORDING", ""}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (client *diskClient) pushClient(id, username string, add bool) error {
|
func (client *diskClient) pushClient(id, username string, add bool) error {
|
||||||
|
|
62
group.go
62
group.go
|
@ -180,13 +180,13 @@ func delGroupUnlocked(name string) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func addClient(name string, c client, pass string) (*group, error) {
|
func addClient(name string, c client) (*group, error) {
|
||||||
g, err := addGroup(name, nil)
|
g, err := addGroup(name, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
perms, err := getPermission(g.description, c.Username(), pass)
|
perms, err := getPermission(g.description, c.Credentials())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -214,13 +214,15 @@ func addClient(name string, c client, pass string) (*group, error) {
|
||||||
g.clients[c.Id()] = c
|
g.clients[c.Id()] = c
|
||||||
|
|
||||||
go func(clients []client) {
|
go func(clients []client) {
|
||||||
c.pushClient(c.Id(), c.Username(), true)
|
u := c.Credentials().Username
|
||||||
|
c.pushClient(c.Id(), u, true)
|
||||||
for _, cc := range clients {
|
for _, cc := range clients {
|
||||||
err := c.pushClient(cc.Id(), cc.Username(), true)
|
uu := cc.Credentials().Username
|
||||||
|
err := c.pushClient(cc.Id(), uu, true)
|
||||||
if err == ErrClientDead {
|
if err == ErrClientDead {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
cc.pushClient(c.Id(), c.Username(), true)
|
cc.pushClient(c.Id(), u, true)
|
||||||
}
|
}
|
||||||
}(g.getClientsUnlocked(c))
|
}(g.getClientsUnlocked(c))
|
||||||
|
|
||||||
|
@ -240,7 +242,7 @@ func delClient(c client) {
|
||||||
|
|
||||||
go func(clients []client) {
|
go func(clients []client) {
|
||||||
for _, cc := range clients {
|
for _, cc := range clients {
|
||||||
cc.pushClient(c.Id(), c.Username(), false)
|
cc.pushClient(c.Id(), c.Credentials().Username, false)
|
||||||
}
|
}
|
||||||
}(g.getClientsUnlocked(nil))
|
}(g.getClientsUnlocked(nil))
|
||||||
}
|
}
|
||||||
|
@ -311,35 +313,31 @@ func (g *group) getChatHistory() []chatHistoryEntry {
|
||||||
return h
|
return h
|
||||||
}
|
}
|
||||||
|
|
||||||
type groupUser struct {
|
func matchUser(user clientCredentials, users []clientCredentials) (bool, bool) {
|
||||||
Username string `json:"username,omitempty"`
|
|
||||||
Password string `json:"password,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
func matchUser(user, pass string, users []groupUser) (bool, bool) {
|
|
||||||
for _, u := range users {
|
for _, u := range users {
|
||||||
if u.Username == "" {
|
if u.Username == "" {
|
||||||
if u.Password == "" || u.Password == pass {
|
if u.Password == "" || u.Password == user.Password {
|
||||||
return true, true
|
return true, true
|
||||||
}
|
}
|
||||||
} else if u.Username == user {
|
} else if u.Username == user.Username {
|
||||||
return true, (u.Password == "" || u.Password == pass)
|
return true,
|
||||||
|
(u.Password == "" || u.Password == user.Password)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return false, false
|
return false, false
|
||||||
}
|
}
|
||||||
|
|
||||||
type groupDescription struct {
|
type groupDescription struct {
|
||||||
loadTime time.Time `json:"-"`
|
loadTime time.Time `json:"-"`
|
||||||
modTime time.Time `json:"-"`
|
modTime time.Time `json:"-"`
|
||||||
fileSize int64 `json:"-"`
|
fileSize int64 `json:"-"`
|
||||||
Public bool `json:"public,omitempty"`
|
Public bool `json:"public,omitempty"`
|
||||||
MaxClients int `json:"max-clients,omitempty"`
|
MaxClients int `json:"max-clients,omitempty"`
|
||||||
AllowAnonymous bool `json:"allow-anonymous,omitempty"`
|
AllowAnonymous bool `json:"allow-anonymous,omitempty"`
|
||||||
AllowRecording bool `json:"allow-recording,omitempty"`
|
AllowRecording bool `json:"allow-recording,omitempty"`
|
||||||
Op []groupUser `json:"op,omitempty"`
|
Op []clientCredentials `json:"op,omitempty"`
|
||||||
Presenter []groupUser `json:"presenter,omitempty"`
|
Presenter []clientCredentials `json:"presenter,omitempty"`
|
||||||
Other []groupUser `json:"other,omitempty"`
|
Other []clientCredentials `json:"other,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func descriptionChanged(name string, old *groupDescription) (bool, error) {
|
func descriptionChanged(name string, old *groupDescription) (bool, error) {
|
||||||
|
@ -384,18 +382,18 @@ func getDescription(name string) (*groupDescription, error) {
|
||||||
return &desc, nil
|
return &desc, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
type userPermission struct {
|
type clientPermission struct {
|
||||||
Op bool `json:"op,omitempty"`
|
Op bool `json:"op,omitempty"`
|
||||||
Present bool `json:"present,omitempty"`
|
Present bool `json:"present,omitempty"`
|
||||||
Record bool `json:"record,omitempty"`
|
Record bool `json:"record,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func getPermission(desc *groupDescription, user, pass string) (userPermission, error) {
|
func getPermission(desc *groupDescription, creds clientCredentials) (clientPermission, error) {
|
||||||
var p userPermission
|
var p clientPermission
|
||||||
if !desc.AllowAnonymous && user == "" {
|
if !desc.AllowAnonymous && creds.Username == "" {
|
||||||
return p, userError("anonymous users not allowed in this group, please choose a username")
|
return p, userError("anonymous users not allowed in this group, please choose a username")
|
||||||
}
|
}
|
||||||
if found, good := matchUser(user, pass, desc.Op); found {
|
if found, good := matchUser(creds, desc.Op); found {
|
||||||
if good {
|
if good {
|
||||||
p.Op = true
|
p.Op = true
|
||||||
p.Present = true
|
p.Present = true
|
||||||
|
@ -406,14 +404,14 @@ func getPermission(desc *groupDescription, user, pass string) (userPermission, e
|
||||||
}
|
}
|
||||||
return p, userError("not authorised")
|
return p, userError("not authorised")
|
||||||
}
|
}
|
||||||
if found, good := matchUser(user, pass, desc.Presenter); found {
|
if found, good := matchUser(creds, desc.Presenter); found {
|
||||||
if good {
|
if good {
|
||||||
p.Present = true
|
p.Present = true
|
||||||
return p, nil
|
return p, nil
|
||||||
}
|
}
|
||||||
return p, userError("not authorised")
|
return p, userError("not authorised")
|
||||||
}
|
}
|
||||||
if found, good := matchUser(user, pass, desc.Other); found {
|
if found, good := matchUser(creds, desc.Other); found {
|
||||||
if good {
|
if good {
|
||||||
return p, nil
|
return p, nil
|
||||||
}
|
}
|
||||||
|
|
25
webclient.go
25
webclient.go
|
@ -86,8 +86,8 @@ func isWSNormalError(err error) bool {
|
||||||
type webClient struct {
|
type webClient struct {
|
||||||
group *group
|
group *group
|
||||||
id string
|
id string
|
||||||
username string
|
credentials clientCredentials
|
||||||
permissions userPermission
|
permissions clientPermission
|
||||||
requested map[string]uint32
|
requested map[string]uint32
|
||||||
done chan struct{}
|
done chan struct{}
|
||||||
writeCh chan interface{}
|
writeCh chan interface{}
|
||||||
|
@ -107,8 +107,8 @@ func (c *webClient) Id() string {
|
||||||
return c.id
|
return c.id
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *webClient) Username() string {
|
func (c *webClient) Credentials() clientCredentials {
|
||||||
return c.username
|
return c.credentials
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *webClient) pushClient(id, username string, add bool) error {
|
func (c *webClient) pushClient(id, username string, add bool) error {
|
||||||
|
@ -172,7 +172,7 @@ type clientMessage struct {
|
||||||
Id string `json:"id,omitempty"`
|
Id string `json:"id,omitempty"`
|
||||||
Username string `json:"username,omitempty"`
|
Username string `json:"username,omitempty"`
|
||||||
Password string `json:"password,omitempty"`
|
Password string `json:"password,omitempty"`
|
||||||
Permissions userPermission `json:"permissions,omitempty"`
|
Permissions clientPermission `json:"permissions,omitempty"`
|
||||||
Group string `json:"group,omitempty"`
|
Group string `json:"group,omitempty"`
|
||||||
Value string `json:"value,omitempty"`
|
Value string `json:"value,omitempty"`
|
||||||
Me bool `json:"me,omitempty"`
|
Me bool `json:"me,omitempty"`
|
||||||
|
@ -461,8 +461,8 @@ func gotOffer(c *webClient, id string, offer webrtc.SessionDescription, renegoti
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.username != "" {
|
if u := c.Credentials().Username; u != "" {
|
||||||
up.label = c.username
|
up.label = u
|
||||||
}
|
}
|
||||||
err = up.pc.SetRemoteDescription(offer)
|
err = up.pc.SetRemoteDescription(offer)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -630,8 +630,11 @@ func startClient(conn *websocket.Conn) (err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
c := &webClient{
|
c := &webClient{
|
||||||
id: m.Id,
|
id: m.Id,
|
||||||
username: m.Username,
|
credentials: clientCredentials{
|
||||||
|
m.Username,
|
||||||
|
m.Password,
|
||||||
|
},
|
||||||
actionCh: make(chan interface{}, 10),
|
actionCh: make(chan interface{}, 10),
|
||||||
done: make(chan struct{}),
|
done: make(chan struct{}),
|
||||||
}
|
}
|
||||||
|
@ -662,7 +665,7 @@ func startClient(conn *websocket.Conn) (err error) {
|
||||||
c.writerDone = make(chan struct{})
|
c.writerDone = make(chan struct{})
|
||||||
go clientWriter(conn, c.writeCh, c.writerDone)
|
go clientWriter(conn, c.writeCh, c.writerDone)
|
||||||
|
|
||||||
g, err := addClient(m.Group, c, m.Password)
|
g, err := addClient(m.Group, c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -1015,7 +1018,7 @@ func handleClientMessage(c *webClient, m clientMessage) error {
|
||||||
group: c.group,
|
group: c.group,
|
||||||
id: "recording",
|
id: "recording",
|
||||||
}
|
}
|
||||||
_, err := addClient(c.group.name, disk, "")
|
_, err := addClient(c.group.name, disk)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
disk.Close()
|
disk.Close()
|
||||||
return c.error(err)
|
return c.error(err)
|
||||||
|
|
|
@ -334,7 +334,7 @@ func checkGroupPermissions(w http.ResponseWriter, r *http.Request, group string)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
p, err := getPermission(desc, user, pass)
|
p, err := getPermission(desc, clientCredentials{user, pass})
|
||||||
if err != nil || !p.Record {
|
if err != nil || !p.Record {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue