steam 2fa for polling and security
@@ -54,4 +54,9 @@ func InitializeControllers(c *dig.Container) {
|
||||
if err != nil {
|
||||
logging.Panic("unable to initialize membership controller")
|
||||
}
|
||||
|
||||
err = c.Invoke(NewSteam2FAController)
|
||||
if err != nil {
|
||||
logging.Panic("unable to initialize steam 2fa controller")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,6 +34,7 @@ func NewMembershipController(service *service.MembershipService, auth *middlewar
|
||||
}
|
||||
|
||||
routeGroups.Auth.Post("/login", mc.Login)
|
||||
routeGroups.Auth.Post("/open-token", mc.GenerateOpenToken)
|
||||
|
||||
usersGroup := routeGroups.Membership
|
||||
usersGroup.Use(mc.auth.Authenticate)
|
||||
@@ -82,6 +83,26 @@ func (c *MembershipController) Login(ctx *fiber.Ctx) error {
|
||||
return ctx.JSON(fiber.Map{"token": token})
|
||||
}
|
||||
|
||||
// GenerateOpenToken generates an open token for a user.
|
||||
// @Summary Generate an open token
|
||||
// @Description Generate an open token for a user
|
||||
// @Tags Authentication
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} object{token=string} "JWT token"
|
||||
// @Failure 400 {object} error_handler.ErrorResponse "Invalid request body"
|
||||
// @Failure 401 {object} error_handler.ErrorResponse "Invalid credentials"
|
||||
// @Failure 500 {object} error_handler.ErrorResponse "Internal server error"
|
||||
// @Router /auth/open-token [post]
|
||||
func (c *MembershipController) GenerateOpenToken(ctx *fiber.Ctx) error {
|
||||
token, err := c.service.GenerateOpenToken(ctx.UserContext(), ctx.Locals("userId").(string))
|
||||
if err != nil {
|
||||
return c.errorHandler.HandleAuthError(ctx, err)
|
||||
}
|
||||
|
||||
return ctx.JSON(fiber.Map{"token": token})
|
||||
}
|
||||
|
||||
// CreateUser creates a new user.
|
||||
// @Summary Create a new user
|
||||
// @Description Create a new user account with specified role
|
||||
|
||||
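Review bot: `GenerateOpenToken` uses an unchecked type assertion, `ctx.Locals("userId").(string)`, which panics when the local is missing or not a string. The route is registered on `routeGroups.Auth` next to `/login`, above the `usersGroup.Use(mc.auth.Authenticate)` line, so unless the Auth group gets middleware outside this hunk (the body of `NewMembershipController` is only partly visible), nothing sets `userId` before the handler runs. Use the two-value form and reject the call, e.g. `userID, ok := ctx.Locals("userId").(string)` followed by `if !ok || userID == "" { return fiber.ErrUnauthorized }`, and attach the middleware to the route itself: `routeGroups.Auth.Post("/open-token", mc.auth.Authenticate, mc.GenerateOpenToken)`. The annotations also list a 400 for an invalid request body although the handler reads none.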
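--- a/local/controller/steam_2fa.go
+++ b/local/controller/steam_2fa.go
@@ -0,0 +1,139 @@
+package controller
+
+import (
+"acc-server-manager/local/middleware"
+"acc-server-manager/local/model"
+"acc-server-manager/local/utl/common"
+"acc-server-manager/local/utl/error_handler"
+"acc-server-manager/local/utl/jwt"
+
+"github.com/gofiber/fiber/v2"
+)
+
+type Steam2FAController struct {
+tfaManager *model.Steam2FAManager
+errorHandler *error_handler.ControllerErrorHandler
+jwtHandler *jwt.OpenJWTHandler
+}
+
+func NewSteam2FAController(tfaManager *model.Steam2FAManager, routeGroups *common.RouteGroups, auth *middleware.AuthMiddleware, jwtHandler *jwt.OpenJWTHandler) *Steam2FAController {
+controller := &Steam2FAController{
+tfaManager: tfaManager,
+errorHandler: error_handler.NewControllerErrorHandler(),
+jwtHandler: jwtHandler,
+}
+
+steam2faRoutes := routeGroups.Steam2FA
+steam2faRoutes.Use(auth.AuthenticateOpen)
+
+// Define routes
+steam2faRoutes.Get("/pending", auth.HasPermission(model.ServerView), controller.GetPendingRequests)
+steam2faRoutes.Get("/:id", auth.HasPermission(model.ServerView), controller.GetRequest)
+steam2faRoutes.Post("/:id/complete", auth.HasPermission(model.ServerUpdate), controller.CompleteRequest)
+steam2faRoutes.Post("/:id/cancel", auth.HasPermission(model.ServerUpdate), controller.CancelRequest)
+
+return controller
+}
+
+// GetPendingRequests gets all pending 2FA requests
+//
+// @Summary Get pending 2FA requests
+// @Description Get all pending Steam 2FA authentication requests
+// @Tags Steam 2FA
+// @Accept json
+// @Produce json
+// @Success 200 {array} model.Steam2FARequest
+// @Failure 500 {object} error_handler.ErrorResponse
+// @Router /steam2fa/pending [get]
+func (c *Steam2FAController) GetPendingRequests(ctx *fiber.Ctx) error {
+requests := c.tfaManager.GetPendingRequests()
+return ctx.JSON(requests)
+}
+
+// GetRequest gets a specific 2FA request by ID
+//
+// @Summary Get 2FA request
+// @Description Get a specific Steam 2FA authentication request by ID
+// @Tags Steam 2FA
+// @Accept json
+// @Produce json
+// @Param id path string true "2FA Request ID"
+// @Success 200 {object} model.Steam2FARequest
+// @Failure 404 {object} error_handler.ErrorResponse
+// @Failure 500 {object} error_handler.ErrorResponse
+// @Router /steam2fa/{id} [get]
+func (c *Steam2FAController) GetRequest(ctx *fiber.Ctx) error {
+id := ctx.Params("id")
+if id == "" {
+return c.errorHandler.HandleError(ctx, fiber.ErrBadRequest, fiber.StatusBadRequest)
+}
+
+request, exists := c.tfaManager.GetRequest(id)
+if !exists {
+return c.errorHandler.HandleNotFoundError(ctx, "2FA request")
+}
+
+return ctx.JSON(request)
+}
+
+// CompleteRequest marks a 2FA request as completed
+//
+// @Summary Complete 2FA request
+// @Description Mark a Steam 2FA authentication request as completed
+// @Tags Steam 2FA
+// @Accept json
+// @Produce json
+// @Param id path string true "2FA Request ID"
+// @Success 200 {object} model.Steam2FARequest
+// @Failure 400 {object} error_handler.ErrorResponse
+// @Failure 404 {object} error_handler.ErrorResponse
+// @Failure 500 {object} error_handler.ErrorResponse
+// @Router /steam2fa/{id}/complete [post]
+func (c *Steam2FAController) CompleteRequest(ctx *fiber.Ctx) error {
+id := ctx.Params("id")
+if id == "" {
+return c.errorHandler.HandleError(ctx, fiber.ErrBadRequest, fiber.StatusBadRequest)
+}
+
+if err := c.tfaManager.CompleteRequest(id); err != nil {
+return c.errorHandler.HandleError(ctx, err, fiber.StatusBadRequest)
+}
+
+request, exists := c.tfaManager.GetRequest(id)
+if !exists {
+return c.errorHandler.HandleNotFoundError(ctx, "2FA request")
+}
+
+return ctx.JSON(request)
+}
+
+// CancelRequest cancels a 2FA request
+//
+// @Summary Cancel 2FA request
+// @Description Cancel a Steam 2FA authentication request
+// @Tags Steam 2FA
+// @Accept json
+// @Produce json
+// @Param id path string true "2FA Request ID"
+// @Success 200 {object} model.Steam2FARequest
+// @Failure 400 {object} error_handler.ErrorResponse
+// @Failure 404 {object} error_handler.ErrorResponse
+// @Failure 500 {object} error_handler.ErrorResponse
+// @Router /steam2fa/{id}/cancel [post]
+func (c *Steam2FAController) CancelRequest(ctx *fiber.Ctx) error {
+id := ctx.Params("id")
+if id == "" {
+return c.errorHandler.HandleError(ctx, fiber.ErrBadRequest, fiber.StatusBadRequest)
+}
+
+if err := c.tfaManager.ErrorRequest(id, "cancelled by user"); err != nil {
+return c.errorHandler.HandleError(ctx, err, fiber.StatusBadRequest)
+}
+
+request, exists := c.tfaManager.GetRequest(id)
+if !exists {
+return c.errorHandler.HandleNotFoundError(ctx, "2FA request")
+}
+
+return ctx.JSON(request)
+}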
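Review bot: `CompleteRequest` and `CancelRequest` change the request before checking that it exists, and they map every error from `tfaManager.CompleteRequest` / `tfaManager.ErrorRequest` to 400, so an unknown id probably never yields the documented 404 and the later `!exists` branch is reached only if the request disappears between the two calls. Looking the request up first, `if _, ok := c.tfaManager.GetRequest(id); !ok { return c.errorHandler.HandleNotFoundError(ctx, "2FA request") }`, keeps the status codes in line with the annotations. Neither handler records which authenticated caller completed or cancelled the request (the cancel reason is the fixed string "cancelled by user"); for an approval flow, logging the caller's id next to the request id would give an audit trail. The `jwtHandler` field is stored in the constructor but not used anywhere in this file.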