adding session API

stremovsky
2019-12-16 19:58:09 +02:00
parent c77a67960a
commit e9693ca98f
4 changed files with 77 additions and 24 deletions

18
API.md

@@ -166,7 +166,7 @@ This API is used to create new user app record and if the request is successful
| Resource / HTTP method | POST (create) | GET (read) | PUT (update) | DELETE (delete) | | Resource / HTTP method | POST (create) | GET (read) | PUT (update) | DELETE (delete) |
| ---------------------------- | ------------------ | -------------- | -------------- | --------------- | | ---------------------------- | ------------------ | -------------- | -------------- | --------------- |
| /v1/session/token/{token} | Create new session | Get sessions | Error | Error | | /v1/session/token/{token} | Create new session | Get sessions | Error | Error |
| /v1/session/session/:session | Error | Get session | Error?? | Error?? | | /v1/session/session/:session | Error | Get session | Error | Error |
@@ -409,19 +409,3 @@ Or you can provide multiple keys at once:
``` ```
bunker unlock key1 key2 key3 bunker unlock key1 key2 key3
``` ```
### View lock status
```
bunker status | jq .lock
```
Result:
```
locked
```
## Audit API


@@ -35,6 +35,9 @@ func (e mainEnv) newSession(w http.ResponseWriter, r *http.Request, ps httproute
if userBson != nil { if userBson != nil {
userTOKEN = userBson["token"].(string) userTOKEN = userBson["token"].(string)
event.Record = userTOKEN event.Record = userTOKEN
} else {
returnError(w, r, "internal error", 405, nil, event)
return
} }
} }
expiration := "" expiration := ""
@@ -70,3 +73,66 @@ func (e mainEnv) newSession(w http.ResponseWriter, r *http.Request, ps httproute
fmt.Fprintf(w, `{"status":"ok","session":"%s"}`, sessionID) fmt.Fprintf(w, `{"status":"ok","session":"%s"}`, sessionID)
return return
} }
func (e mainEnv) getUserSessions(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
address := ps.ByName("address")
mode := ps.ByName("mode")
event := audit("get all user sessions", address, mode, address)
defer func() { event.submit(e.db) }()
if e.enforceAuth(w, r, event) == false {
return
}
userTOKEN := ""
if mode == "token" {
if enforceUUID(w, address, event) == false {
return
}
userBson, _ := e.db.lookupUserRecord(address)
if userBson == nil {
// if token not found, exit from here
return
}
userTOKEN = address
} else {
// TODO: decode url in code!
userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
if userBson != nil {
userTOKEN = userBson["token"].(string)
event.Record = userTOKEN
} else {
returnError(w, r, "internal error", 405, nil, event)
return
}
}
records, count, err := e.db.getUserSessionByToken(userTOKEN)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
return
}
resultJSON, err := json.Marshal(records)
w.Header().Set("Content-Type", "application/json; charset=utf-8")
w.WriteHeader(200)
fmt.Fprintf(w, `{"status":"ok","count":"%d","rows":"%"}`, count, resultJSON)
return
}
func (e mainEnv) getSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
session := ps.ByName("session")
event := audit("get session", session, "session", session)
defer func() { event.submit(e.db) }()
if e.enforceAuth(w, r, event) == false {
return
}
record, userTOKEN, err := e.db.getUserSession(session)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
return
}
event.Record = userTOKEN
w.Header().Set("Content-Type", "application/json; charset=utf-8")
w.WriteHeader(200)
fmt.Fprintf(w, `{"status":"ok","session":"%s","data":"%"}`, session, record)
return
}
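Review bot: The success responses in both new handlers are built with `%"`, which is not a fmt verb, so getUserSessions and getSession write a bad-verb marker (`%!"(...)`) in place of the payload and the body is not valid JSON. Use `%s` instead, as in `{"status":"ok","count":"%d","rows":%s}` and `{"status":"ok","session":"%s","data":%s}`, assuming both values are already serialized JSON (true for resultJSON; confirm for record), and check the json.Marshal error before `w.WriteHeader(200)`. In the token branch of getUserSessions, `userBson == nil` returns without calling returnError, so the client gets an implicit 200 with an empty body and the lookup error is dropped; the index branch discards its lookup error as well. What enforceAuth permits is not visible in this section. Since these handlers return decrypted session data for whatever token or session id is in the URL, it is worth confirming that the caller is authorized for that specific user record and not merely authenticated.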


@@ -45,23 +45,26 @@ func (dbobj dbcon) createSessionRecord(userTOKEN string, expiration string, data
return tokenUUID, nil return tokenUUID, nil
} }
func (dbobj dbcon) getUserSession(sessionUUID string) ([]byte, error) { func (dbobj dbcon) getUserSession(sessionUUID string) ([]byte, string, error) {
record, err := dbobj.getRecord(TblName.Sessions, "session", sessionUUID) record, err := dbobj.getRecord(TblName.Sessions, "session", sessionUUID)
if record == nil || err != nil { if err != nil {
return nil, errors.New("failed to authenticate") return nil, "", err
}
if record == nil {
return nil, "", errors.New("not found")
} }
// check expiration // check expiration
now := int32(time.Now().Unix()) now := int32(time.Now().Unix())
if now > record["endtime"].(int32) { if now > record["endtime"].(int32) {
return nil, errors.New("session expired") return nil, "", errors.New("session expired")
} }
userTOKEN := record["token"].(string) userTOKEN := record["token"].(string)
encData0 := record["data"].(string) encData0 := record["data"].(string)
decrypted, err := dbobj.userDecrypt(userTOKEN, encData0) decrypted, err := dbobj.userDecrypt(userTOKEN, encData0)
if err != nil { if err != nil {
return nil, err return nil, "", err
} }
return decrypted, err return decrypted, userTOKEN, err
} }
func (dbobj dbcon) getUserSessionByToken(userTOKEN string) ([]*sessionEvent, int64, error) { func (dbobj dbcon) getUserSessionByToken(userTOKEN string) ([]*sessionEvent, int64, error) {
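Review bot: The more specific errors now returned by getUserSession (the raw getRecord error, `not found`, `session expired`) replace the earlier uniform `failed to authenticate`, and getSession in this commit passes that error to returnError. Whether returnError echoes it to the client is not visible here; if it does, storage error text and the difference between unknown and expired session ids become observable to the caller, so consider keeping the detail in the audit event and one generic message on the wire. The function also lacks a doc comment for its new three-value return; something like `// getUserSession returns the decrypted session data and the owning user token, or an error if the session is missing or expired.` would help. The final line can be `return decrypted, userTOKEN, nil`, since err is known to be nil at that point. Any other callers of getUserSession are outside this section and need the same signature update.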


@@ -386,7 +386,7 @@ func (dbobj dbcon) userEncrypt(userTOKEN string, data []byte) (string, error) {
if err != nil { if err != nil {
return "", err return "", err
} }
// encrypt meta // encrypt data
encoded, err := encrypt(dbobj.masterKey, recordKey, data) encoded, err := encrypt(dbobj.masterKey, recordKey, data)
if err != nil { if err != nil {
return "", err return "", err