servo-multitenant
/
login-backend
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

v1.0.0.2 

get connection dipindahkan ke fungsi handler
master
chandrawisesa 11 months ago
parent
ae810f964f
commit
dcac64abcd
3 changed files with 79 additions and 40 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      src/appinfo/appinfo.go
  2. 67
      src/handlers/auth.go
  3. 50
      src/moffas/moffas_auth.go

2
src/appinfo/appinfo.go
Unescape View File

@ -1,7 +1,7 @@
package appinfo package appinfo
var appName string = "MOFFAS-AUTH" var appName string = "MOFFAS-AUTH"
var version string = "1.0.0.1" var version string = "1.0.0.2"
func Version() string { func Version() string {
return version return version

67
src/handlers/auth.go
Unescape View File

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"moffas_go/db"
"moffas_go/helper" "moffas_go/helper"
"moffas_go/logger" "moffas_go/logger"
"moffas_go/moffas" "moffas_go/moffas"
@ -27,6 +28,37 @@ func Auth(w http.ResponseWriter, r *http.Request) {
"error_code": "000000000", "error_code": "000000000",
"error_message": "", "error_message": "",
} }
// ---- GET DB CONNECTION ----
conn, err := db.GetConnection()
if err != nil {
response["error_code"] = "503001001"
response["error_message"] = "Service Unavailable. Server Busy"
res, _ = helper.JSONencode(response)
http.Error(w, res, http.StatusBadRequest)
return
} else {
defer db.ReleaseConnection()
// CHECK DB CONN PID
sql := " SELECT pg_backend_pid() pid"
type pidRes struct {
Pid int `db:"pid"`
}
pidres := pidRes{}
err = conn.Get(&pidres, sql)
if err != nil {
logger.Critical("!!! FAILED TO GET CONNECTION ID FROM DB")
response["error_code"] = "500001001"
response["error_message"] = "Internal System Error"
res, _ = helper.JSONencode(response)
http.Error(w, res, http.StatusBadRequest)
return
}
logger.Info(reference_id, "DB Connection Pid : ", pidres.Pid)
}
// ---- CHECK REQUEST METHOD ---- // ---- CHECK REQUEST METHOD ----
if r.Method == http.MethodPost { if r.Method == http.MethodPost {
// ---- VERIFY THE CONTENT IS JSON ---- // ---- VERIFY THE CONTENT IS JSON ----
@ -87,7 +119,7 @@ func Auth(w http.ResponseWriter, r *http.Request) {
} }
// ---- GENERATE CHALLENGE ---- // ---- GENERATE CHALLENGE ----
challenge, err := moffas.Generate_challenge(reference_id, req.Username, req.Half_nonce) challenge, err := moffas.Generate_challenge(reference_id, conn, req.Username, req.Half_nonce)
if err != nil { if err != nil {
// ---- ERROR QUERYING USER DATA ---- // ---- ERROR QUERYING USER DATA ----
logger.Error(reference_id, "!!! ERROR GENERATING CHALLENGE") logger.Error(reference_id, "!!! ERROR GENERATING CHALLENGE")
@ -134,6 +166,37 @@ func Verify(w http.ResponseWriter, r *http.Request) {
"error_code": "000000000", "error_code": "000000000",
"error_message": "", "error_message": "",
} }
// ---- GET DB CONNECTION ----
conn, err := db.GetConnection()
if err != nil {
response["error_code"] = "503001001"
response["error_message"] = "Service Unavailable. Server Busy"
res, _ = helper.JSONencode(response)
http.Error(w, res, http.StatusBadRequest)
return
} else {
defer db.ReleaseConnection()
// CHECK DB CONN PID
sql := " SELECT pg_backend_pid() pid"
type pidRes struct {
Pid int `db:"pid"`
}
pidres := pidRes{}
err = conn.Get(&pidres, sql)
if err != nil {
logger.Critical("!!! FAILED TO GET CONNECTION ID FROM DB")
response["error_code"] = "500001001"
response["error_message"] = "Internal System Error"
res, _ = helper.JSONencode(response)
http.Error(w, res, http.StatusBadRequest)
return
}
logger.Info(reference_id, "DB Connection Pid : ", pidres.Pid)
}
// ---- CHECK REQUEST METHOD ---- // ---- CHECK REQUEST METHOD ----
if r.Method == http.MethodPost { if r.Method == http.MethodPost {
// ---- VERIFY THE CONTENT IS JSON ---- // ---- VERIFY THE CONTENT IS JSON ----
@ -199,7 +262,7 @@ func Verify(w http.ResponseWriter, r *http.Request) {
} }
// ---- VERIFY CHALLENGE RESPONSE ---- // ---- VERIFY CHALLENGE RESPONSE ----
challenge_data, err := moffas.Verify_challenge(reference_id, req.Full_nonce, req.Client_hash, req.Next_nonce) challenge_data, err := moffas.Verify_challenge(reference_id, conn, req.Full_nonce, req.Client_hash, req.Next_nonce)
if err != nil { if err != nil {
// ---- ERROR QUERYING USER DATA ---- // ---- ERROR QUERYING USER DATA ----
logger.Error(reference_id, "!!! FAILED TO VERIFY CHALLENGE") logger.Error(reference_id, "!!! FAILED TO VERIFY CHALLENGE")

50
src/moffas/moffas_auth.go
Unescape View File

@ -3,12 +3,13 @@ package moffas
import ( import (
"encoding/json" "encoding/json"
"errors" "errors"
"moffas_go/db"
"moffas_go/helper" "moffas_go/helper"
"moffas_go/logger" "moffas_go/logger"
"strconv" "strconv"
"strings" "strings"
"time" "time"
"github.com/jmoiron/sqlx"
) )
type GeneratedChallenge struct { type GeneratedChallenge struct {
@ -28,7 +29,7 @@ type VerificationResult struct {
Organization_data map[string]interface{} Organization_data map[string]interface{}
} }
func Generate_challenge(reference_id, username string, half_nonce string) (GeneratedChallenge, error) { func Generate_challenge(reference_id string, conn *sqlx.DB, username string, half_nonce string) (GeneratedChallenge, error) {
logger.Debug(reference_id, " -- start generate_challenge") logger.Debug(reference_id, " -- start generate_challenge")
startTime := time.Now() startTime := time.Now()
defer func() { defer func() {
@ -36,13 +37,7 @@ func Generate_challenge(reference_id, username string, half_nonce string) (Gener
logger.Debug(reference_id, " -- generate_challenge done in ", dur) logger.Debug(reference_id, " -- generate_challenge done in ", dur)
}() }()
conn, err := db.GetConnection() current_time := startTime.Unix()
if err != nil {
return GeneratedChallenge{}, err
}
defer db.ReleaseConnection()
current_time := time.Now().Unix()
nonce, err := helper.GenerateRandomString(8) nonce, err := helper.GenerateRandomString(8)
if err != nil { if err != nil {
return GeneratedChallenge{}, err return GeneratedChallenge{}, err
@ -114,7 +109,7 @@ func Generate_challenge(reference_id, username string, half_nonce string) (Gener
logger.Info(reference_id, "CALCULATED CLIENT HASH : ", calculated_client_hash) logger.Info(reference_id, "CALCULATED CLIENT HASH : ", calculated_client_hash)
//----- CONTEKAN DOANG ----- //----- CONTEKAN DOANG -----
err = upsert_challenge(reference_id, full_nonce, dbresult.User_id) err = upsert_challenge(reference_id, conn, full_nonce, dbresult.User_id)
if err != nil { if err != nil {
return GeneratedChallenge{}, err return GeneratedChallenge{}, err
} }
@ -126,20 +121,14 @@ func Generate_challenge(reference_id, username string, half_nonce string) (Gener
}, nil }, nil
} }
func Verify_challenge(reference_id string, full_nonce string, client_hash string, next_nonce string) (VerificationResult, error) { func Verify_challenge(reference_id string, conn *sqlx.DB, full_nonce string, client_hash string, next_nonce string) (VerificationResult, error) {
logger.Debug(reference_id, " start verify_challenge") logger.Debug(reference_id, " -- start verify_challenge")
startTime := time.Now() startTime := time.Now()
defer func() { defer func() {
dur := time.Since(startTime) dur := time.Since(startTime)
logger.Debug(reference_id, " -- verify_challenge done in ", dur) logger.Debug(reference_id, " -- verify_challenge done in ", dur)
}() }()
conn, err := db.GetConnection()
if err != nil {
return VerificationResult{}, err
}
defer db.ReleaseConnection()
current_time := time.Now().Unix() current_time := time.Now().Unix()
nonce, err := helper.GenerateRandomString(8) nonce, err := helper.GenerateRandomString(8)
if err != nil { if err != nil {
@ -243,7 +232,7 @@ func Verify_challenge(reference_id string, full_nonce string, client_hash string
session_id, _ := helper.GenerateRandomString(16) session_id, _ := helper.GenerateRandomString(16)
logger.Info(reference_id, "SESSION ID : ", session_id) logger.Info(reference_id, "SESSION ID : ", session_id)
err = upsert_session(reference_id, session_id, dbresult.User_id, session_secret) err = upsert_session(reference_id, conn, session_id, dbresult.User_id, session_secret)
if err != nil { if err != nil {
return VerificationResult{}, err return VerificationResult{}, err
} }
@ -272,7 +261,7 @@ func Verify_challenge(reference_id string, full_nonce string, client_hash string
}, nil }, nil
} }
func upsert_challenge(reference_id, full_nonce string, user_id int64) error { func upsert_challenge(reference_id string, conn *sqlx.DB, full_nonce string, user_id int64) error {
logger.Debug(reference_id, " start upsert_challenge") logger.Debug(reference_id, " start upsert_challenge")
startTime := time.Now() startTime := time.Now()
defer func() { defer func() {
@ -280,16 +269,10 @@ func upsert_challenge(reference_id, full_nonce string, user_id int64) error {
logger.Debug(reference_id, " -- upsert_challenge done in ", dur) logger.Debug(reference_id, " -- upsert_challenge done in ", dur)
}() }()
conn, err := db.GetConnection()
if err != nil {
return err
}
defer db.ReleaseConnection()
query := "DELETE FROM servouser.challenge_response WHERE full_nonce = $1 OR user_id = $2" query := "DELETE FROM servouser.challenge_response WHERE full_nonce = $1 OR user_id = $2"
sql := strings.ReplaceAll(strings.ReplaceAll(query, "\t", " "), "\n", " ") sql := strings.ReplaceAll(strings.ReplaceAll(query, "\t", " "), "\n", " ")
logger.Debug(reference_id, "SQL : ", sql) logger.Debug(reference_id, "SQL : ", sql)
_, err = conn.Exec(query, full_nonce, user_id) _, err := conn.Exec(query, full_nonce, user_id)
if err != nil { if err != nil {
return err return err
} }
@ -306,25 +289,18 @@ func upsert_challenge(reference_id, full_nonce string, user_id int64) error {
return err return err
} }
func upsert_session(reference_id, session_id string, user_id int64, session_secret string) error { func upsert_session(reference_id string, conn *sqlx.DB, session_id string, user_id int64, session_secret string) error {
logger.Debug(reference_id, " start upsert_challenge") logger.Debug(reference_id, " -- start upsert_session.")
startTime := time.Now() startTime := time.Now()
defer func() { defer func() {
dur := time.Since(startTime) dur := time.Since(startTime)
logger.Debug(reference_id, " -- upsert_session done in ", dur) logger.Debug(reference_id, " -- upsert_session done in ", dur)
}() }()
conn, err := db.GetConnection()
if err != nil {
return err
}
defer db.ReleaseConnection()
query := "DELETE FROM servouser.session WHERE session_id = $1 OR user_id = $2" query := "DELETE FROM servouser.session WHERE session_id = $1 OR user_id = $2"
sql := strings.ReplaceAll(strings.ReplaceAll(query, "\t", " "), "\n", " ") sql := strings.ReplaceAll(strings.ReplaceAll(query, "\t", " "), "\n", " ")
logger.Debug(reference_id, "SQL : ", sql) logger.Debug(reference_id, "SQL : ", sql)
_, err = conn.Exec(query, session_id, user_id) _, err := conn.Exec(query, session_id, user_id)
if err != nil { if err != nil {
return err return err
} }

Write Preview
Loading…
Cancel
Save