1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-11-22 16:45:58 +01:00

Store password in client structure.

No need to carry password around.
This commit is contained in:
Juliusz Chroboczek 2020-08-12 11:28:49 +02:00
parent 6a37033ca8
commit 6bde5f986a
5 changed files with 53 additions and 47 deletions

View file

@ -1,9 +1,14 @@
package main package main
type clientCredentials struct {
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
}
type client interface { type client interface {
Group() *group Group() *group
Id() string Id() string
Username() string Credentials() clientCredentials
pushConn(id string, conn upConnection, tracks []upTrack, label string) error pushConn(id string, conn upConnection, tracks []upTrack, label string) error
pushClient(id, username string, add bool) error pushClient(id, username string, add bool) error
} }

View file

@ -32,8 +32,8 @@ func (client *diskClient) Id() string {
return client.id return client.id
} }
func (client *diskClient) Username() string { func (client *diskClient) Credentials() clientCredentials {
return "RECORDING" return clientCredentials{"RECORDING", ""}
} }
func (client *diskClient) pushClient(id, username string, add bool) error { func (client *diskClient) pushClient(id, username string, add bool) error {

View file

@ -180,13 +180,13 @@ func delGroupUnlocked(name string) bool {
return true return true
} }
func addClient(name string, c client, pass string) (*group, error) { func addClient(name string, c client) (*group, error) {
g, err := addGroup(name, nil) g, err := addGroup(name, nil)
if err != nil { if err != nil {
return nil, err return nil, err
} }
perms, err := getPermission(g.description, c.Username(), pass) perms, err := getPermission(g.description, c.Credentials())
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -214,13 +214,15 @@ func addClient(name string, c client, pass string) (*group, error) {
g.clients[c.Id()] = c g.clients[c.Id()] = c
go func(clients []client) { go func(clients []client) {
c.pushClient(c.Id(), c.Username(), true) u := c.Credentials().Username
c.pushClient(c.Id(), u, true)
for _, cc := range clients { for _, cc := range clients {
err := c.pushClient(cc.Id(), cc.Username(), true) uu := cc.Credentials().Username
err := c.pushClient(cc.Id(), uu, true)
if err == ErrClientDead { if err == ErrClientDead {
return return
} }
cc.pushClient(c.Id(), c.Username(), true) cc.pushClient(c.Id(), u, true)
} }
}(g.getClientsUnlocked(c)) }(g.getClientsUnlocked(c))
@ -240,7 +242,7 @@ func delClient(c client) {
go func(clients []client) { go func(clients []client) {
for _, cc := range clients { for _, cc := range clients {
cc.pushClient(c.Id(), c.Username(), false) cc.pushClient(c.Id(), c.Credentials().Username, false)
} }
}(g.getClientsUnlocked(nil)) }(g.getClientsUnlocked(nil))
} }
@ -311,35 +313,31 @@ func (g *group) getChatHistory() []chatHistoryEntry {
return h return h
} }
type groupUser struct { func matchUser(user clientCredentials, users []clientCredentials) (bool, bool) {
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
}
func matchUser(user, pass string, users []groupUser) (bool, bool) {
for _, u := range users { for _, u := range users {
if u.Username == "" { if u.Username == "" {
if u.Password == "" || u.Password == pass { if u.Password == "" || u.Password == user.Password {
return true, true return true, true
} }
} else if u.Username == user { } else if u.Username == user.Username {
return true, (u.Password == "" || u.Password == pass) return true,
(u.Password == "" || u.Password == user.Password)
} }
} }
return false, false return false, false
} }
type groupDescription struct { type groupDescription struct {
loadTime time.Time `json:"-"` loadTime time.Time `json:"-"`
modTime time.Time `json:"-"` modTime time.Time `json:"-"`
fileSize int64 `json:"-"` fileSize int64 `json:"-"`
Public bool `json:"public,omitempty"` Public bool `json:"public,omitempty"`
MaxClients int `json:"max-clients,omitempty"` MaxClients int `json:"max-clients,omitempty"`
AllowAnonymous bool `json:"allow-anonymous,omitempty"` AllowAnonymous bool `json:"allow-anonymous,omitempty"`
AllowRecording bool `json:"allow-recording,omitempty"` AllowRecording bool `json:"allow-recording,omitempty"`
Op []groupUser `json:"op,omitempty"` Op []clientCredentials `json:"op,omitempty"`
Presenter []groupUser `json:"presenter,omitempty"` Presenter []clientCredentials `json:"presenter,omitempty"`
Other []groupUser `json:"other,omitempty"` Other []clientCredentials `json:"other,omitempty"`
} }
func descriptionChanged(name string, old *groupDescription) (bool, error) { func descriptionChanged(name string, old *groupDescription) (bool, error) {
@ -384,18 +382,18 @@ func getDescription(name string) (*groupDescription, error) {
return &desc, nil return &desc, nil
} }
type userPermission struct { type clientPermission struct {
Op bool `json:"op,omitempty"` Op bool `json:"op,omitempty"`
Present bool `json:"present,omitempty"` Present bool `json:"present,omitempty"`
Record bool `json:"record,omitempty"` Record bool `json:"record,omitempty"`
} }
func getPermission(desc *groupDescription, user, pass string) (userPermission, error) { func getPermission(desc *groupDescription, creds clientCredentials) (clientPermission, error) {
var p userPermission var p clientPermission
if !desc.AllowAnonymous && user == "" { if !desc.AllowAnonymous && creds.Username == "" {
return p, userError("anonymous users not allowed in this group, please choose a username") return p, userError("anonymous users not allowed in this group, please choose a username")
} }
if found, good := matchUser(user, pass, desc.Op); found { if found, good := matchUser(creds, desc.Op); found {
if good { if good {
p.Op = true p.Op = true
p.Present = true p.Present = true
@ -406,14 +404,14 @@ func getPermission(desc *groupDescription, user, pass string) (userPermission, e
} }
return p, userError("not authorised") return p, userError("not authorised")
} }
if found, good := matchUser(user, pass, desc.Presenter); found { if found, good := matchUser(creds, desc.Presenter); found {
if good { if good {
p.Present = true p.Present = true
return p, nil return p, nil
} }
return p, userError("not authorised") return p, userError("not authorised")
} }
if found, good := matchUser(user, pass, desc.Other); found { if found, good := matchUser(creds, desc.Other); found {
if good { if good {
return p, nil return p, nil
} }

View file

@ -86,8 +86,8 @@ func isWSNormalError(err error) bool {
type webClient struct { type webClient struct {
group *group group *group
id string id string
username string credentials clientCredentials
permissions userPermission permissions clientPermission
requested map[string]uint32 requested map[string]uint32
done chan struct{} done chan struct{}
writeCh chan interface{} writeCh chan interface{}
@ -107,8 +107,8 @@ func (c *webClient) Id() string {
return c.id return c.id
} }
func (c *webClient) Username() string { func (c *webClient) Credentials() clientCredentials {
return c.username return c.credentials
} }
func (c *webClient) pushClient(id, username string, add bool) error { func (c *webClient) pushClient(id, username string, add bool) error {
@ -172,7 +172,7 @@ type clientMessage struct {
Id string `json:"id,omitempty"` Id string `json:"id,omitempty"`
Username string `json:"username,omitempty"` Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"` Password string `json:"password,omitempty"`
Permissions userPermission `json:"permissions,omitempty"` Permissions clientPermission `json:"permissions,omitempty"`
Group string `json:"group,omitempty"` Group string `json:"group,omitempty"`
Value string `json:"value,omitempty"` Value string `json:"value,omitempty"`
Me bool `json:"me,omitempty"` Me bool `json:"me,omitempty"`
@ -461,8 +461,8 @@ func gotOffer(c *webClient, id string, offer webrtc.SessionDescription, renegoti
return err return err
} }
if c.username != "" { if u := c.Credentials().Username; u != "" {
up.label = c.username up.label = u
} }
err = up.pc.SetRemoteDescription(offer) err = up.pc.SetRemoteDescription(offer)
if err != nil { if err != nil {
@ -630,8 +630,11 @@ func startClient(conn *websocket.Conn) (err error) {
} }
c := &webClient{ c := &webClient{
id: m.Id, id: m.Id,
username: m.Username, credentials: clientCredentials{
m.Username,
m.Password,
},
actionCh: make(chan interface{}, 10), actionCh: make(chan interface{}, 10),
done: make(chan struct{}), done: make(chan struct{}),
} }
@ -662,7 +665,7 @@ func startClient(conn *websocket.Conn) (err error) {
c.writerDone = make(chan struct{}) c.writerDone = make(chan struct{})
go clientWriter(conn, c.writeCh, c.writerDone) go clientWriter(conn, c.writeCh, c.writerDone)
g, err := addClient(m.Group, c, m.Password) g, err := addClient(m.Group, c)
if err != nil { if err != nil {
return return
} }
@ -1015,7 +1018,7 @@ func handleClientMessage(c *webClient, m clientMessage) error {
group: c.group, group: c.group,
id: "recording", id: "recording",
} }
_, err := addClient(c.group.name, disk, "") _, err := addClient(c.group.name, disk)
if err != nil { if err != nil {
disk.Close() disk.Close()
return c.error(err) return c.error(err)

View file

@ -334,7 +334,7 @@ func checkGroupPermissions(w http.ResponseWriter, r *http.Request, group string)
return false return false
} }
p, err := getPermission(desc, user, pass) p, err := getPermission(desc, clientCredentials{user, pass})
if err != nil || !p.Record { if err != nil || !p.Record {
return false return false
} }