MCPcopy Index your code
hub / github.com/tinode/chat / Authenticate

Method Authenticate

server/auth/code/auth_code.go:89–139  ·  view source on GitHub ↗

Authenticate checks validity of provided short code. The secret is structured as : : , "123456:email:alice@example.com".

(secret []byte, remoteAddr string)

Source from the content-addressed store, hash-verified

87// Authenticate checks validity of provided short code.
88// The secret is structured as <code>:<cred_method>:<cred_value>, "123456:email:alice@example.com".
89func (ca *authenticator) Authenticate(secret []byte, remoteAddr string) (*auth.Rec, []byte, error) {
90 parts := strings.SplitN(string(secret), ":", 2)
91 if len(parts) != 2 {
92 return nil, nil, types.ErrMalformed
93 }
94
95 code, cred := parts[0], parts[1]
96 key := sanitizeKey(realName + "_" + cred)
97
98 value, err := store.PCache.Get(key)
99 if err != nil {
100 if err == types.ErrNotFound {
101 err = types.ErrFailed
102 }
103 return nil, nil, err
104 }
105
106 // code:count:uid
107 parts = strings.Split(value, ":")
108 if len(parts) != 3 {
109 return nil, nil, types.ErrInternal
110 }
111
112 count, err := strconv.Atoi(parts[1])
113 if err != nil {
114 return nil, nil, types.ErrInternal
115 }
116
117 if count >= ca.maxRetries {
118 return nil, nil, types.ErrFailed
119 }
120
121 if parts[0] != code {
122 // Update count of attempts. If the update fails, the error is ignored.
123 store.PCache.Upsert(key, parts[0]+":"+strconv.Itoa(count+1)+":"+parts[2], false)
124 return nil, nil, types.ErrFailed
125 }
126
127 // Success. Remove no longer needed entry. The error is ignored here.
128 if err = store.PCache.Delete(key); err != nil {
129 logs.Warn.Println("code_auth: error deleting key", key, err)
130 }
131
132 return &auth.Rec{
133 Uid: types.ParseUid(parts[2]),
134 AuthLevel: auth.LevelNone,
135 Lifetime: auth.Duration(ca.lifetime),
136 Features: auth.FeatureNoLogin,
137 State: types.StateUndefined,
138 Credential: cred}, nil, nil
139}
140
141// GenSecret generates a new code.
142func (ca *authenticator) GenSecret(rec *auth.Rec) ([]byte, time.Time, error) {

Callers

nothing calls this directly

Calls 7

ParseUidFunction · 0.92
DurationTypeAlias · 0.92
sanitizeKeyFunction · 0.85
PrintlnMethod · 0.80
GetMethod · 0.65
UpsertMethod · 0.65
DeleteMethod · 0.65

Tested by

no test coverage detected