barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-01-17 12:52:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into feat/ldap-groups

Browse Source
This commit is contained in:
Stavros
2026-01-15 16:01:41 +02:00
parent 3f69509622 c0dd432029
commit 6597bea1b2
32 changed files with 522 additions and 246 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
internal/middleware/context_middleware.go
View File

@@ -8,9 +8,9 @@ import (
"github.com/steveiliop56/tinyauth/internal/config"
"github.com/steveiliop56/tinyauth/internal/service"
"github.com/steveiliop56/tinyauth/internal/utils"
"github.com/steveiliop56/tinyauth/internal/utils/tlog"
"github.com/gin-gonic/gin"
"github.com/rs/zerolog/log"
)
type ContextMiddlewareConfig struct {
@@ -40,7 +40,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
cookie, err := m.auth.GetSessionCookie(c)
if err != nil {
log.Debug().Err(err).Msg("No valid session cookie found")
tlog.App.Debug().Err(err).Msg("No valid session cookie found")
goto basic
}
@@ -62,7 +62,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
userSearch := m.auth.SearchUser(cookie.Username)
if userSearch.Type == "unknown" || userSearch.Type == "error" {
log.Debug().Msg("User from session cookie not found")
tlog.App.Debug().Msg("User from session cookie not found")
m.auth.DeleteSessionCookie(c)
goto basic
}
@@ -82,13 +82,13 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
_, exists := m.broker.GetService(cookie.Provider)
if !exists {
log.Debug().Msg("OAuth provider from session cookie not found")
tlog.App.Debug().Msg("OAuth provider from session cookie not found")
m.auth.DeleteSessionCookie(c)
goto basic
}
if !m.auth.IsEmailWhitelisted(cookie.Email) {
log.Debug().Msg("Email from session cookie not whitelisted")
tlog.App.Debug().Msg("Email from session cookie not whitelisted")
m.auth.DeleteSessionCookie(c)
goto basic
}
@@ -113,7 +113,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
basic := m.auth.GetBasicAuth(c)
if basic == nil {
log.Debug().Msg("No basic auth provided")
tlog.App.Debug().Msg("No basic auth provided")
c.Next()
return
}
@@ -121,7 +121,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
locked, remaining := m.auth.IsAccountLocked(basic.Username)
if locked {
log.Debug().Msgf("Account for user %s is locked for %d seconds, denying auth", basic.Username, remaining)
tlog.App.Debug().Msgf("Account for user %s is locked for %d seconds, denying auth", basic.Username, remaining)
c.Writer.Header().Add("x-tinyauth-lock-locked", "true")
c.Writer.Header().Add("x-tinyauth-lock-reset", time.Now().Add(time.Duration(remaining)*time.Second).Format(time.RFC3339))
c.Next()
@@ -132,14 +132,14 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
if userSearch.Type == "unknown" || userSearch.Type == "error" {
m.auth.RecordLoginAttempt(basic.Username, false)
log.Debug().Msg("User from basic auth not found")
tlog.App.Debug().Msg("User from basic auth not found")
c.Next()
return
}
if !m.auth.VerifyUser(userSearch, basic.Password) {
m.auth.RecordLoginAttempt(basic.Username, false)
log.Debug().Msg("Invalid password for basic auth user")
tlog.App.Debug().Msg("Invalid password for basic auth user")
c.Next()
return
}
@@ -148,7 +148,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
switch userSearch.Type {
case "local":
log.Debug().Msg("Basic auth user is local")
tlog.App.Debug().Msg("Basic auth user is local")
user := m.auth.GetLocalUser(basic.Username)