softplayer/softplayer-backend
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Activity

WIP: Something is going on

Browse Source
This commit is contained in:
Nikolai Rodionov 2024-03-21 18:39:32 +01:00
parent 58c1b91916
commit 782e762019
Signed by: allanger
GPG Key ID: 0AA46A90E25592AD
7 changed files with 98 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
api/v1/accounts.go
View File

@ -4,36 +4,30 @@ import (
"context"
"git.badhouseplants.net/softplayer/softplayer-backend/internal/controllers"
"git.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/email"
"git.badhouseplants.net/softplayer/softplayer-go-proto/pkg/accounts"
// "google.golang.org/protobuf/types/known/emptypb"
ctrl "sigs.k8s.io/controller-runtime"
)
func NewAccountRPCImpl(contoller ctrl.Manager, emailConfig email.EmailConf) *AccountsServer {
func NewAccountRPCImpl(contoller ctrl.Manager, hashCost int16) *AccountsServer {
return &AccountsServer{
Controller: contoller,
EmailConfig: emailConfig,
Params: &controllers.AccountParams{
HashCost: hashCost,
},
}
}
type AccountsServer struct {
accounts.UnimplementedAccountsServer
EmailConfig email.EmailConf
Controller ctrl.Manager
Params *controllers.AccountParams
}
func (a *AccountsServer) SignUp(ctx context.Context, in *accounts.AccountWithPassword) (*accounts.AccountFullWithToken, error) {
data := controllers.AccountData{
Username: in.Data.GetName(),
Password: in.Password.GetPassword(),
Email: in.Data.GetEmail(),
}
acc := controllers.Account{
Controller: a.Controller,
Data: &data,
}
data := populateData(in.Data.GetName(), in.Password.GetPassword(), in.Data.GetEmail())
acc := populateAccount(data, a.Controller)
if err := acc.Create(ctx); err != nil {
return nil, err
}
@ -51,23 +45,18 @@ func (a *AccountsServer) SignUp(ctx context.Context, in *accounts.AccountWithPas
}
func (a *AccountsServer) SignIn(ctx context.Context, in *accounts.AccountWithPassword) (*accounts.AccountFullWithToken, error) {
data := controllers.AccountData{
Username: in.Data.GetName(),
Password: in.Password.GetPassword(),
Email: in.Data.GetEmail(),
}
acc := controllers.Account{
Controller: a.Controller,
Data: &data,
}
data := populateData(in.Data.GetName(), in.Password.GetPassword(), in.Data.GetEmail())
acc := populateAccount(data, a.Controller)
if err := acc.Login(ctx); err != nil {
return nil, err
}
return &accounts.AccountFullWithToken{
Id: &accounts.AccountId{
Id: &accounts.AccountId{
Id: acc.Data.UUID,
},
Data: &accounts.AccountData{
Data: &accounts.AccountData{
Name: acc.Data.Username,
Email: acc.Data.Email,
},
@ -75,10 +64,18 @@ func (a *AccountsServer) SignIn(ctx context.Context, in *accounts.AccountWithPas
}, nil
}
//func (a *AccountsServer) ValidateEmail(ctx context.Context, in *accounts.AccountDataWithEmailCode) (*emptypb.Empty, error) {
// data := controllers.AccountData {
// Username: in.Data.GetName(),
// Email: in.Data.GetEmail(),
// }
// acc := controllers.Account {}
//}
func populateData(username, password, email string) *controllers.AccountData {
return &controllers.AccountData{
Username: username,
Password: password,
Email: email,
}
}
func populateAccount(data *controllers.AccountData, controller ctrl.Manager) *controllers.Account {
return &controllers.Account{
Controller: controller,
Data: data,
}
}

78
internal/controllers/accounts.go
View File

@ -7,8 +7,8 @@ import (
"log"
"time"
"git.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/hash"
"github.com/google/uuid"
"golang.org/x/crypto/bcrypt"
corev1 "k8s.io/api/core/v1"
rbacv1 "k8s.io/api/rbac/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -20,14 +20,15 @@ import (
type Account struct {
Controller ctrl.Manager
Params AccountParams
Params AccountParams
Data *AccountData
Token string
Token string
}
type AccountParams struct {
HashCost int16
}
type AccountData struct {
Username string
Password string
@ -35,25 +36,15 @@ type AccountData struct {
UUID string
}
func HashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 1)
return string(bytes), err
}
func CheckPasswordHash(password, hash string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}
func waitUntilCreated(ctx context.Context, client client.Client ,obj client.Object, attemps int, timeout time.Duration) error {
func waitUntilCreated(ctx context.Context, client client.Client, obj client.Object, attemps int, timeout time.Duration) error {
log.Printf("Waiting %d", attemps)
if err := client.Get(ctx, types.NamespacedName{
Namespace: obj.GetNamespace(),
Name: obj.GetName(),
Name: obj.GetName(),
}, obj); err != nil {
if attemps > 0 {
time.Sleep(timeout)
waitUntilCreated(ctx, client, obj, attemps - 1, timeout)
waitUntilCreated(ctx, client, obj, attemps-1, timeout)
} else {
return err
}
@ -66,7 +57,7 @@ func (acc *Account) Create(ctx context.Context) error {
acc.Data.UUID = uuid.New().String()
log.Println(acc.Data.UUID)
passwordHash, err := HashPassword(acc.Data.Password)
passwordHash, err := hash.HashPassword(acc.Data.Password, int(acc.Params.HashCost))
if err != nil {
return nil
}
@ -81,13 +72,12 @@ func (acc *Account) Create(ctx context.Context) error {
return err
}
if err := waitUntilCreated(ctx, client, &namespace, 10, time.Millisecond * 50); err != nil {
if err := waitUntilCreated(ctx, client, &namespace, 10, time.Millisecond*50); err != nil {
return err
}
if err := client.Get(ctx, types.NamespacedName{
Name: acc.Data.UUID,
Name: acc.Data.UUID,
}, &namespace); err != nil {
if err := client.Delete(ctx, &namespace); err != nil {
return err
@ -97,14 +87,14 @@ func (acc *Account) Create(ctx context.Context) error {
// Create a secret with the account data
secret := corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: acc.Data.Username,
Name: acc.Data.Username,
Namespace: "softplayer-accounts",
OwnerReferences: []metav1.OwnerReference{
OwnerReferences: []metav1.OwnerReference{
metav1.OwnerReference{
APIVersion: "v1",
Kind: "Namespace",
Name: acc.Data.UUID,
UID: namespace.UID,
APIVersion: "v1",
Kind: "Namespace",
Name: acc.Data.UUID,
UID: namespace.UID,
},
},
},
@ -132,26 +122,25 @@ func (acc *Account) Create(ctx context.Context) error {
return err
}
sa := &corev1.ServiceAccount{
ObjectMeta: metav1.ObjectMeta{
Name: acc.Data.UUID,
ObjectMeta: metav1.ObjectMeta{
Name: acc.Data.UUID,
Namespace: acc.Data.UUID,
},
}
rb := &rbacv1.RoleBinding{
ObjectMeta: metav1.ObjectMeta{
Name: acc.Data.UUID,
Namespace: acc.Data.UUID,
Name: acc.Data.UUID,
Namespace: acc.Data.UUID,
},
Subjects: []rbacv1.Subject{
Subjects: []rbacv1.Subject{
rbacv1.Subject{
Kind: "ServiceAccount",
Name: acc.Data.UUID,
Namespace: acc.Data.UUID,
},
},
RoleRef: rbacv1.RoleRef{
RoleRef: rbacv1.RoleRef{
APIGroup: "rbac.authorization.k8s.io",
Kind: "Role",
Name: acc.Data.Username,
@ -175,13 +164,13 @@ func (acc *Account) Create(ctx context.Context) error {
tokenName := fmt.Sprintf("sa-%s", acc.Data.UUID)
saSec := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: tokenName,
Name: tokenName,
Namespace: acc.Data.UUID,
Annotations: map[string]string{
"kubernetes.io/service-account.name": acc.Data.UUID,
},
},
Type: "kubernetes.io/service-account-token",
Type: "kubernetes.io/service-account-token",
}
if err := client.Create(ctx, saSec); err != nil {
@ -190,7 +179,7 @@ func (acc *Account) Create(ctx context.Context) error {
}
return err
}
if err := waitUntilCreated(ctx, client, saSec, 10, time.Millisecond * 50); err != nil {
if err := waitUntilCreated(ctx, client, saSec, 10, time.Millisecond*50); err != nil {
return err
}
@ -204,7 +193,7 @@ func (acc *Account) Create(ctx context.Context) error {
return nil
}
func (acc *Account) Login (ctx context.Context) error {
func (acc *Account) Login(ctx context.Context) error {
client := acc.Controller.GetClient()
sec := &corev1.Secret{}
if err := client.Get(ctx, types.NamespacedName{
@ -213,7 +202,7 @@ func (acc *Account) Login (ctx context.Context) error {
}, sec); err != nil {
return err
}
if !CheckPasswordHash(acc.Data.Password, string(sec.Data["password"])){
if !hash.CheckPasswordHash(acc.Data.Password, string(sec.Data["password"])) {
err := errors.New("wrong password")
return err
}
@ -221,30 +210,29 @@ func (acc *Account) Login (ctx context.Context) error {
tokenName := fmt.Sprintf("sa-%s", acc.Data.UUID)
saSec := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: tokenName,
Name: tokenName,
Namespace: acc.Data.UUID,
Annotations: map[string]string{
"kubernetes.io/service-account.name": acc.Data.UUID,
},
},
Type: "kubernetes.io/service-account-token",
Type: "kubernetes.io/service-account-token",
}
var err error
acc.Token, err = acc.getToken(ctx, saSec)
if err != nil{
return err
if err != nil {
return err
}
return nil
}
func (acc *Account) getToken (ctx context.Context, saSec *corev1.Secret) (string, error) {
func (acc *Account) getToken(ctx context.Context, saSec *corev1.Secret) (string, error) {
client := acc.Controller.GetClient()
if err := client.Get(ctx, types.NamespacedName{
Namespace: acc.Data.UUID,
Name: saSec.ObjectMeta.Name,
Name: saSec.ObjectMeta.Name,
}, saSec); err != nil {
return "", err
}
return string(saSec.Data["token"]), nil
}

13
internal/controllers/email.go.tmp Normal file
View File

@ -0,0 +1,13 @@
# package controllers
import "context"
type EmailSvc struct {}
type EmailData strict {
UserID string
}
func (svc *EmailSvc) SendVerification(ctx context.Context) {
}

4
internal/helpers/email/email.go
View File

@ -5,13 +5,13 @@ import (
)
type EmailConf struct {
From string
From string
Password string
SmtpHost string
SmtpPort string
}
func (e *EmailConf) SendEmail (to string, message string )error {
func (e *EmailConf) SendEmail(to string, message string) error {
messageByte := []byte(message)
auth := smtp.PlainAuth("", e.From, e.Password, e.SmtpHost)

5
internal/helpers/hash/hash.go
View File

@ -8,7 +8,6 @@ func HashPassword(password string, cost int) (string, error) {
}
func CheckPasswordHash(password, hash string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}

14
internal/helpers/hash/hash_test.go
View File

@ -8,14 +8,14 @@ import (
)
func TestHashValid(t *testing.T) {
password := "qwertyu9"
hpass, err := hash.HashPassword(password, 10)
assert.NoError(t, err)
assert.True(t, hash.CheckPasswordHash(password, hpass))
password := "qwertyu9"
hpass, err := hash.HashPassword(password, 10)
assert.NoError(t, err)
assert.True(t, hash.CheckPasswordHash(password, hpass))
}
func TestHashInvalid(t *testing.T) {
password := "qwertyu9"
invhash := "qwertyu9"
assert.False(t, hash.CheckPasswordHash(password, invhash))
password := "qwertyu9"
invhash := "qwertyu9"
assert.False(t, hash.CheckPasswordHash(password, invhash))
}

19
main.go
View File

@ -16,14 +16,14 @@ import (
)
type Serve struct {
Port int16 `short:"p" env:"SOFTPLAYER_PORT" default:"8080"`
Host string `env:"SOFTPLAYER_HOST" default:"0.0.0.0"`
HashCost int16 `env:"SOFTPLAYER_HASH_COST" default:"10"`
Reflection bool `env:"SOFTPLAYER_REFLECTION" default:"false"`
SmtpHost string `env:"SOFTPLAYER_SMTP_HOST"`
SmtpPort string `env:"SOFTPLAYER_SMTP_PORT" default:"587"`
SmtpFrom string `env:"SOFTPLAYER_SMTP_FROM" default:"overlord@badhouseplants.net"`
SmtpPassword string `env:"SOFTPLAYER_SMTP_PASSWORD"`
Port int16 `short:"p" env:"SOFTPLAYER_PORT" default:"8080"`
Host string `env:"SOFTPLAYER_HOST" default:"0.0.0.0"`
HashCost int16 `env:"SOFTPLAYER_HASH_COST" default:"10"`
Reflection bool `env:"SOFTPLAYER_REFLECTION" default:"false"`
SmtpHost string `env:"SOFTPLAYER_SMTP_HOST"`
SmtpPort string `env:"SOFTPLAYER_SMTP_PORT" default:"587"`
SmtpFrom string `env:"SOFTPLAYER_SMTP_FROM" default:"overlord@badhouseplants.net"`
SmtpPassword string `env:"SOFTPLAYER_SMTP_PASSWORD"`
}
var CLI struct {
@ -42,14 +42,13 @@ func main() {
}
}
func server(params Serve) error {
controller, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{})
if err != nil {
return err
}
go func(){
go func() {
controller.Start(context.Background())
}()