mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-04-07 14:27:57 +00:00
7bfee6efc2
* chore(deps): bump github.com/charmbracelet/huh from 0.8.0 to 1.0.0 Bumps [github.com/charmbracelet/huh](https://github.com/charmbracelet/huh) from 0.8.0 to 1.0.0. - [Release notes](https://github.com/charmbracelet/huh/releases) - [Commits](https://github.com/charmbracelet/huh/compare/v0.8.0...v1.0.0) --- updated-dependencies: - dependency-name: github.com/charmbracelet/huh dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore: breaking changes for huh form * chore: bump go version everywhere * chore: go mod tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stavros <steveiliop56@gmail.com>
118 lines
2.7 KiB
Go
118 lines
2.7 KiB
Go
package main
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/steveiliop56/tinyauth/internal/utils"
|
|
"github.com/steveiliop56/tinyauth/internal/utils/tlog"
|
|
|
|
"charm.land/huh/v2"
|
|
"github.com/pquerna/otp/totp"
|
|
"github.com/traefik/paerser/cli"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
type VerifyUserConfig struct {
|
|
Interactive bool `description:"Validate a user interactively."`
|
|
Username string `description:"Username."`
|
|
Password string `description:"Password."`
|
|
Totp string `description:"TOTP code."`
|
|
User string `description:"Hash (username:hash:totp)."`
|
|
}
|
|
|
|
func NewVerifyUserConfig() *VerifyUserConfig {
|
|
return &VerifyUserConfig{
|
|
Interactive: false,
|
|
Username: "",
|
|
Password: "",
|
|
Totp: "",
|
|
User: "",
|
|
}
|
|
}
|
|
|
|
func verifyUserCmd() *cli.Command {
|
|
tCfg := NewVerifyUserConfig()
|
|
|
|
loaders := []cli.ResourceLoader{
|
|
&cli.FlagLoader{},
|
|
}
|
|
|
|
return &cli.Command{
|
|
Name: "verify",
|
|
Description: "Verify a user is set up correctly",
|
|
Configuration: tCfg,
|
|
Resources: loaders,
|
|
Run: func(_ []string) error {
|
|
tlog.NewSimpleLogger().Init()
|
|
|
|
if tCfg.Interactive {
|
|
form := huh.NewForm(
|
|
huh.NewGroup(
|
|
huh.NewInput().Title("User (username:hash:totp)").Value(&tCfg.User).Validate((func(s string) error {
|
|
if s == "" {
|
|
return errors.New("user cannot be empty")
|
|
}
|
|
return nil
|
|
})),
|
|
huh.NewInput().Title("Username").Value(&tCfg.Username).Validate((func(s string) error {
|
|
if s == "" {
|
|
return errors.New("username cannot be empty")
|
|
}
|
|
return nil
|
|
})),
|
|
huh.NewInput().Title("Password").Value(&tCfg.Password).Validate((func(s string) error {
|
|
if s == "" {
|
|
return errors.New("password cannot be empty")
|
|
}
|
|
return nil
|
|
})),
|
|
huh.NewInput().Title("TOTP Code (optional)").Value(&tCfg.Totp),
|
|
),
|
|
)
|
|
|
|
theme := new(themeBase)
|
|
err := form.WithTheme(theme).Run()
|
|
|
|
if err != nil {
|
|
return fmt.Errorf("failed to run interactive prompt: %w", err)
|
|
}
|
|
}
|
|
|
|
user, err := utils.ParseUser(tCfg.User)
|
|
|
|
if err != nil {
|
|
return fmt.Errorf("failed to parse user: %w", err)
|
|
}
|
|
|
|
if user.Username != tCfg.Username {
|
|
return fmt.Errorf("username is incorrect")
|
|
}
|
|
|
|
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(tCfg.Password))
|
|
|
|
if err != nil {
|
|
return fmt.Errorf("password is incorrect: %w", err)
|
|
}
|
|
|
|
if user.TotpSecret == "" {
|
|
if tCfg.Totp != "" {
|
|
tlog.App.Warn().Msg("User does not have TOTP secret")
|
|
}
|
|
tlog.App.Info().Msg("User verified")
|
|
return nil
|
|
}
|
|
|
|
ok := totp.Validate(tCfg.Totp, user.TotpSecret)
|
|
|
|
if !ok {
|
|
return fmt.Errorf("TOTP code incorrect")
|
|
}
|
|
|
|
tlog.App.Info().Msg("User verified")
|
|
|
|
return nil
|
|
},
|
|
}
|
|
}
|