initial commit

2022-09-08 09:18:04 +02:00
commit 447b2fb51d
163 changed files with 47569 additions and 0 deletions
--- a/pkg/security/crypto.go
+++ b/pkg/security/crypto.go
@ -0,0 +1,24 @@
+package security
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"log"
+	"os"
+)
+
+// NewSHA256 ...
+func NewSHA256(data []byte) []byte {
+	if os.Getenv("SALT") == "" {
+		log.Fatal("CRITICAL ERROR SALT was found to be empty")
+	}
+	prep := []byte(os.Getenv("SALT") + "-")
+
+	prep = append(prep, data...)
+	hash := sha256.Sum256(prep)
+	return hash[:]
+}
+
+func NewSHA256asString(data []byte) string {
+	return hex.EncodeToString(NewSHA256(data))
+}
--- a/pkg/security/security.go
+++ b/pkg/security/security.go
@ -0,0 +1,39 @@
+package security
+
+import (
+	"net/http"
+
+	"github.com/go-chi/chi/v5"
+)
+
+var sysKey = "devtoken"
+var dscSecret = "dscSec"
+var webSecret = "webSec"
+
+func SecurityRouter(r chi.Router) {
+	r.Get("/", login)
+}
+
+/* ==============================================================
+TODO rework to make use of JWT
+============================================================== */
+
+// [DEPRECATED] will be replaced with jwt
+// login takes in requered parameters from all incoming platforms and authorizes access if granted
+func login(w http.ResponseWriter, r *http.Request) {
+	loginInput := r.URL.Query()
+
+	switch loginInput.Get("platform") {
+	case "discord":
+		if loginInput.Get("s") == dscSecret {
+			w.Write([]byte(`{"type":"reply", "s":"` + sysKey + `"}`))
+		}
+	case "web":
+		if loginInput.Get("s") == webSecret {
+			w.Write([]byte(`{"type":"reply", "s":"` + sysKey + `"}`))
+		}
+	default:
+		http.Error(w, "invalid_platform", http.StatusInternalServerError)
+		return
+	}
+}