2022-07-17 18:16:00 +00:00
|
|
|
// Copyright (C) 2019-2022 Nicola Murino
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published
|
|
|
|
// by the Free Software Foundation, version 3.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
2021-11-13 12:25:43 +00:00
|
|
|
package httpd
|
|
|
|
|
|
|
|
import (
|
2022-05-19 17:49:51 +00:00
|
|
|
"encoding/json"
|
2021-11-13 12:25:43 +00:00
|
|
|
"sync"
|
|
|
|
"time"
|
|
|
|
|
2022-07-24 14:18:54 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/internal/dataprovider"
|
|
|
|
"github.com/drakkan/sftpgo/v2/internal/logger"
|
|
|
|
"github.com/drakkan/sftpgo/v2/internal/util"
|
2021-11-13 12:25:43 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
resetCodeLifespan = 10 * time.Minute
|
2022-05-19 17:49:51 +00:00
|
|
|
resetCodesMgr resetCodeManager
|
2021-11-13 12:25:43 +00:00
|
|
|
)
|
|
|
|
|
2022-05-19 17:49:51 +00:00
|
|
|
type resetCodeManager interface {
|
|
|
|
Add(code *resetCode) error
|
|
|
|
Get(code string) (*resetCode, error)
|
|
|
|
Delete(code string) error
|
|
|
|
Cleanup()
|
2021-11-13 12:25:43 +00:00
|
|
|
}
|
|
|
|
|
2022-05-19 17:49:51 +00:00
|
|
|
func newResetCodeManager(isShared int) resetCodeManager {
|
|
|
|
if isShared == 1 {
|
|
|
|
logger.Info(logSender, "", "using provider reset code manager")
|
|
|
|
return &dbResetCodeManager{}
|
|
|
|
}
|
|
|
|
logger.Info(logSender, "", "using memory reset code manager")
|
|
|
|
return &memoryResetCodeManager{}
|
|
|
|
}
|
|
|
|
|
|
|
|
type resetCode struct {
|
|
|
|
Code string `json:"code"`
|
|
|
|
Username string `json:"username"`
|
|
|
|
IsAdmin bool `json:"is_admin"`
|
|
|
|
ExpiresAt time.Time `json:"expires_at"`
|
2021-11-13 12:25:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func newResetCode(username string, isAdmin bool) *resetCode {
|
|
|
|
return &resetCode{
|
|
|
|
Code: util.GenerateUniqueID(),
|
|
|
|
Username: username,
|
|
|
|
IsAdmin: isAdmin,
|
|
|
|
ExpiresAt: time.Now().Add(resetCodeLifespan).UTC(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-05-19 17:49:51 +00:00
|
|
|
func (c *resetCode) isExpired() bool {
|
|
|
|
return c.ExpiresAt.Before(time.Now().UTC())
|
|
|
|
}
|
|
|
|
|
|
|
|
type memoryResetCodeManager struct {
|
|
|
|
resetCodes sync.Map
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *memoryResetCodeManager) Add(code *resetCode) error {
|
|
|
|
m.resetCodes.Store(code.Code, code)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *memoryResetCodeManager) Get(code string) (*resetCode, error) {
|
|
|
|
c, ok := m.resetCodes.Load(code)
|
|
|
|
if !ok {
|
|
|
|
return nil, util.NewRecordNotFoundError("reset code not found")
|
|
|
|
}
|
|
|
|
return c.(*resetCode), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *memoryResetCodeManager) Delete(code string) error {
|
|
|
|
m.resetCodes.Delete(code)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *memoryResetCodeManager) Cleanup() {
|
|
|
|
m.resetCodes.Range(func(key, value any) bool {
|
2021-11-13 12:25:43 +00:00
|
|
|
c, ok := value.(*resetCode)
|
|
|
|
if !ok || c.isExpired() {
|
2022-05-19 17:49:51 +00:00
|
|
|
m.resetCodes.Delete(key)
|
2021-11-13 12:25:43 +00:00
|
|
|
}
|
|
|
|
return true
|
|
|
|
})
|
|
|
|
}
|
2022-05-19 17:49:51 +00:00
|
|
|
|
|
|
|
type dbResetCodeManager struct{}
|
|
|
|
|
|
|
|
func (m *dbResetCodeManager) Add(code *resetCode) error {
|
|
|
|
session := dataprovider.Session{
|
|
|
|
Key: code.Code,
|
|
|
|
Data: code,
|
|
|
|
Type: dataprovider.SessionTypeResetCode,
|
|
|
|
Timestamp: util.GetTimeAsMsSinceEpoch(code.ExpiresAt),
|
|
|
|
}
|
|
|
|
return dataprovider.AddSharedSession(session)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *dbResetCodeManager) Get(code string) (*resetCode, error) {
|
|
|
|
session, err := dataprovider.GetSharedSession(code)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if session.Timestamp < util.GetTimeAsMsSinceEpoch(time.Now()) {
|
|
|
|
// expired
|
|
|
|
return nil, util.NewRecordNotFoundError("reset code expired")
|
|
|
|
}
|
|
|
|
return m.decodeData(session.Data)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *dbResetCodeManager) decodeData(data any) (*resetCode, error) {
|
|
|
|
if val, ok := data.([]byte); ok {
|
|
|
|
c := &resetCode{}
|
|
|
|
err := json.Unmarshal(val, c)
|
|
|
|
return c, err
|
|
|
|
}
|
|
|
|
logger.Error(logSender, "", "invalid reset code data type %T", data)
|
|
|
|
return nil, util.NewRecordNotFoundError("invalid reset code")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *dbResetCodeManager) Delete(code string) error {
|
|
|
|
return dataprovider.DeleteSharedSession(code)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *dbResetCodeManager) Cleanup() {
|
|
|
|
dataprovider.CleanupSharedSessions(dataprovider.SessionTypeResetCode, time.Now()) //nolint:errcheck
|
|
|
|
}
|