mirror of
https://github.com/hay-kot/homebox.git
synced 2024-12-24 15:56:31 +00:00
36 lines
1 KiB
Go
36 lines
1 KiB
Go
package providers
|
|
|
|
import (
|
|
"errors"
|
|
"net/http"
|
|
|
|
"github.com/hay-kot/homebox/backend/internal/core/services"
|
|
"github.com/hay-kot/homebox/backend/internal/sys/config"
|
|
"github.com/hay-kot/homebox/backend/pkgs/ipcheck"
|
|
)
|
|
|
|
type ForwardAuthProvider struct {
|
|
service *services.UserService
|
|
authConfig *config.AuthConfig
|
|
}
|
|
|
|
func NewForwardAuthProvider(service *services.UserService, authConfig *config.AuthConfig) *ForwardAuthProvider {
|
|
return &ForwardAuthProvider{
|
|
service: service,
|
|
authConfig: authConfig,
|
|
}
|
|
}
|
|
|
|
func (p *ForwardAuthProvider) Name() string {
|
|
return "forwardauth"
|
|
}
|
|
|
|
func (p *ForwardAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (services.UserAuthTokenDetail, error) {
|
|
if !ipcheck.ValidateAgainstList(r.RemoteAddr, p.authConfig.ForwardAuthAllowedIps) {
|
|
return services.UserAuthTokenDetail{}, errors.New("forward authentication denied, IP address not allowed")
|
|
}
|
|
|
|
username := r.Header.Get(p.authConfig.ForwardAuthHeader)
|
|
|
|
return p.service.PasswordlessLogin(r.Context(), username, p.authConfig.ForwardAuthAutoRegister)
|
|
}
|