Use System Users for Webinterface Auth

2025-05-10 18:38:22 +00:00 · 2023-05-14 03:24:58 +02:00 · 2023-05-14 03:24:58 +02:00 · 0e5cd1d3a5
commit 0e5cd1d3a5
parent bd26cf893d
4 changed files with 13 additions and 8 deletions
--- a/internal/server/api.go
+++ b/internal/server/api.go
@ -12,7 +12,6 @@ import (
 )

 func HandleAPI(w http.ResponseWriter, r *http.Request) {
-	slog.Info("Api Handler hit")
 	_, s := session.GetSession(r)
 	if s == nil {
 		// Fallthrough after so that jsonrpc can still deliver a valid jsonrpc error
--- a/internal/server/server.go
+++ b/internal/server/server.go
@ -17,11 +17,13 @@ var server http.Server
 var mux = http.NewServeMux()
 var apiHandler *jsonrpc.Handler
 var stopCleanup chan struct{}
+var configManager *config.ConfigManager

-func StartWebserver(configManager *config.ConfigManager, _apiHandler *jsonrpc.Handler) {
+func StartWebserver(_configManager *config.ConfigManager, _apiHandler *jsonrpc.Handler) {
 	server.Addr = ":8080"
 	server.Handler = mux
 	apiHandler = _apiHandler
+	configManager = _configManager

 	// Routing
 	mux.HandleFunc("/login", HandleLogin)
--- a/internal/server/session.go
+++ b/internal/server/session.go
@ -7,6 +7,7 @@ import (
 	"time"

 	"golang.org/x/exp/slog"
+	"nfsense.net/nfsense/internal/auth"
 	"nfsense.net/nfsense/internal/session"
 )

@ -27,13 +28,16 @@ func HandleLogin(w http.ResponseWriter, r *http.Request) {
 		slog.Error("Unmarshal", err)
 		return
 	}
-	if req.Username == "admin" && req.Password == "12345" {
-		slog.Info("User Login Successfull")
-		session.GenerateSession(w, req.Username)
-		w.WriteHeader(http.StatusOK)
+	err = auth.AuthenticateUser(configManager.GetCurrentConfig(), req.Username, req.Password)
+	if err != nil {
+		slog.Error("User Login failed", "err", err, "username", req.Username)
+		w.WriteHeader(http.StatusUnauthorized)
 		return
 	}
-	w.WriteHeader(http.StatusUnauthorized)
+
+	slog.Info("User Login Successful", "username", req.Username)
+	session.GenerateSession(w, req.Username)
+	w.WriteHeader(http.StatusOK)
 }

 func HandleLogout(w http.ResponseWriter, r *http.Request) {
--- a/internal/session/session.go
+++ b/internal/session/session.go
@ -18,7 +18,7 @@ const SessionLifeTime = time.Minute * 15
 type Session struct {
 	Username string
 	Expires  time.Time
-	// TODO Add []websocket.Conn pointer to close all active websockets, alternativly do this via context cancelation
+	// TODO Add []websocket.Conn pointer to close all active websockets, alternatively do this via context cancelation
 }

 type SessionResponse struct {