package controllers

import (
	"net/http"

	"code.crute.us/mcrute/golib/echo/session"
	"code.crute.us/mcrute/ssh-proxy/app"
	"code.crute.us/mcrute/ssh-proxy/app/models"
	"github.com/go-webauthn/webauthn/protocol"
	"github.com/go-webauthn/webauthn/webauthn"
	"github.com/labstack/echo/v4"
)

// RegisterController holds the dependencies of the HTTP handlers that run the
// WebAuthn credential registration ceremony (HandleStart / HandleFinish).
// T is the application's session type, constrained by app.AppSession.
type RegisterController[T app.AppSession] struct {
	// Logger receives the error messages emitted by the handlers.
	Logger       echo.Logger
	// Sessions loads and persists the per-request session; the handlers use
	// it to carry the WebAuthn ceremony state between start and finish.
	Sessions     session.Store[T]
	// Users looks up the user named in the route and saves the user once a
	// new credential has been appended.
	Users        models.UserStore
	// AuthSessions is not referenced by the handlers in this file.
	AuthSessions models.AuthSessionStore
	// Webauthn is the relying-party instance used to begin registration and
	// to validate the authenticator's response.
	Webauthn     *webauthn.WebAuthn
}

// HandleStart begins a WebAuthn registration ceremony for the user named by
// the "username" route parameter. It stores the ceremony state returned by
// BeginRegistration in the caller's session and returns the credential
// creation options as JSON.
//
// Responses: 404 when the user lookup fails, 500 when the registration
// request cannot be created, 200 with the options otherwise.
//
// NOTE(review): nothing in this handler ties the caller to the requested
// username; presumably the route is protected by authentication and
// authorization middleware — confirm, since this starts enrolment of a new
// authenticator on that account.
func (a *RegisterController[T]) HandleStart(c echo.Context) error {
	ctx := c.Request().Context()

	user, err := a.Users.Get(ctx, c.Param("username"))
	if err != nil {
		a.Logger.Errorf("Error getting user: %s", err)
		return c.NoContent(http.StatusNotFound)
	}

	options, ceremony, err := a.Webauthn.BeginRegistration(user)
	if err != nil {
		a.Logger.Errorf("Error creating webauthn request: %s", err)
		return c.NoContent(http.StatusInternalServerError)
	}

	// Keep the ceremony state server-side so HandleFinish can validate the
	// authenticator's response against it.
	sess := a.Sessions.Get(c)
	state := sess.Self()
	state.WebauthnSession = ceremony
	a.Sessions.Update(c, sess)

	return c.JSON(http.StatusOK, options)
}

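// HandleFinish completes a WebAuthn registration ceremony for the user named
// by the "username" route parameter. It parses the authenticator's response
// from the request body, validates it against the ceremony state that
// HandleStart stored in the session, appends the resulting credential to the
// user and saves the user.
//
// The stored ceremony state is removed from the session before validation, so
// a challenge can be used for at most one finish attempt; after a failure the
// client has to call HandleStart again.
//
// Responses: 404 when the user lookup fails, 400 when the body cannot be
// parsed, no ceremony is in progress or validation fails, 500 when the user
// cannot be saved, 200 on success.
//
// NOTE(review): nothing in this handler ties the caller to the requested
// username; presumably the route is protected by authentication and
// authorization middleware — confirm, since a successful call adds a login
// credential to that account.
// NOTE(review): the new credential ID is not compared with credentials that
// are already registered; verify whether the user store enforces uniqueness.
func (a *RegisterController[T]) HandleFinish(c echo.Context) error {
	user, err := a.Users.Get(c.Request().Context(), c.Param("username"))
	if err != nil {
		a.Logger.Errorf("Error getting user: %s", err)
		return c.NoContent(http.StatusNotFound)
	}

	response, err := protocol.ParseCredentialCreationResponseBody(c.Request().Body)
	if err != nil {
		a.Logger.Errorf("Error parsing credential response: %s", err)
		return c.NoContent(http.StatusBadRequest)
	}

	sess := a.Sessions.Get(c)
	s := sess.Self()

	if s.WebauthnSession == nil {
		a.Logger.Errorf("Webauthn session is not set")
		return c.NoContent(http.StatusBadRequest)
	}

	// Consume the ceremony state before validating: the challenge must be
	// single-use, whether or not this attempt succeeds.
	sessionData := *s.WebauthnSession
	s.WebauthnSession = nil
	a.Sessions.Update(c, sess)

	credential, err := a.Webauthn.CreateCredential(user, sessionData, response)
	if err != nil {
		a.Logger.Errorf("Error creating credential: %s", err)
		return c.NoContent(http.StatusBadRequest)
	}

	user.Fido2Credentials = append(user.Fido2Credentials, *credential)

	if err := a.Users.Upsert(c.Request().Context(), user); err != nil {
		a.Logger.Errorf("Error saving user: %s", err)
		return c.NoContent(http.StatusInternalServerError)
	}

	return c.NoContent(http.StatusOK)
}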