Add logging and fix /agents/ route error
@@ -3,6 +3,7 @@ package auth
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"log/slog"
|
||||
"net/http"
|
||||
"sync"
|
||||
"time"
|
||||
@@ -36,11 +37,13 @@ func New(username, password string) *Manager {
|
||||
// Login validates credentials and creates a session.
|
||||
func (m *Manager) Login(username, password string) (string, error) {
|
||||
if username != m.username || password != m.password {
|
||||
slog.Debug("Login failed - invalid credentials", "username", username)
|
||||
return "", ErrInvalidCredentials
|
||||
}
|
||||
|
||||
token, err := generateToken()
|
||||
if err != nil {
|
||||
slog.Error("Failed to generate session token", "error", err)
|
||||
return "", err
|
||||
}
|
||||
|
||||
@@ -52,6 +55,7 @@ func (m *Manager) Login(username, password string) (string, error) {
|
||||
ExpiresAt: time.Now().Add(m.expiryDur),
|
||||
}
|
||||
|
||||
slog.Debug("Login successful, session created", "username", username, "token", token[:8]+"...")
|
||||
return token, nil
|
||||
}
|
||||
|
||||
@@ -62,10 +66,17 @@ func (m *Manager) Validate(token string) bool {
|
||||
|
||||
session, ok := m.sessions[token]
|
||||
if !ok {
|
||||
slog.Debug("Session validation failed - token not found", "token", token[:8]+"...")
|
||||
return false
|
||||
}
|
||||
|
||||
return session.ExpiresAt.After(time.Now())
|
||||
if !session.ExpiresAt.After(time.Now()) {
|
||||
slog.Debug("Session validation failed - token expired", "token", token[:8]+"...", "expiredAt", session.ExpiresAt)
|
||||
return false
|
||||
}
|
||||
|
||||
slog.Debug("Session validation successful", "token", token[:8]+"...")
|
||||
return true
|
||||
}
|
||||
|
||||
// Logout invalidates a session.
|
||||
@@ -74,16 +85,24 @@ func (m *Manager) Logout(token string) {
|
||||
defer m.mu.Unlock()
|
||||
|
||||
delete(m.sessions, token)
|
||||
slog.Debug("Session logged out", "token", token[:8]+"...")
|
||||
}
|
||||
|
||||
// Middleware returns a Chi middleware for authentication.
|
||||
func (m *Manager) Middleware(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
cookie, err := r.Cookie("session_token")
|
||||
if err != nil || !m.Validate(cookie.Value) {
|
||||
if err != nil {
|
||||
slog.Debug("Authentication failed - no session cookie", "path", r.URL.Path, "remoteAddr", r.RemoteAddr)
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
if !m.Validate(cookie.Value) {
|
||||
slog.Debug("Authentication failed - invalid session", "path", r.URL.Path, "remoteAddr", r.RemoteAddr)
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
slog.Debug("Authentication successful", "path", r.URL.Path, "remoteAddr", r.RemoteAddr)
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
||||
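Review bot: The debug lines added to Validate and Logout slice `token[:8]` with no length check, and Middleware hands `cookie.Value` to Validate unchanged, so a request whose `session_token` cookie is shorter than eight bytes panics on the "token not found" path instead of being redirected to /login. Route every token log field through one length-checked helper, as sketched below, and use it in Login, Validate and Logout. Those fields also copy the leading characters of a live bearer token into the log; a label that is not part of the secret (a digest prefix or a separate session ID) would be safer if debug logs are shipped anywhere shared. Validate and Logout both start outside the visible hunks, so the locking around these lines is not shown here.

```go
// tokenTag returns a log label for a session token without slicing past its end.
func tokenTag(token string) string {
	if len(token) < 8 {
		return "(malformed)"
	}
	return token[:8] + "..."
}

// … unchanged: Validate up to the session lookup …
	if !ok {
		slog.Debug("Session validation failed - token not found", "token", tokenTag(token))
		return false
	}
// … unchanged: expiry check and success path, with tokenTag(token) in place of token[:8]+"..." …
```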