Feature(Go): Web auth, WebSocket signaling and live device list (Phase 3)

2026-05-17 22:18:29 +02:00
parent af2aa4893f
commit b1f229706c
13 changed files with 1211 additions and 21 deletions
--- a/server/go/wsauth/wsauth.go
+++ b/server/go/wsauth/wsauth.go
@@ -0,0 +1,192 @@
+// Package wsauth provides authentication and session-token management for
+// the web service. Protocol surface (challenge nonce + SHA256-based response
+// and SHA256(password+salt) hashes) is kept compatible with the existing
+// browser front-end and users.json format. Internal token representation is
+// deliberately different from the C++ counterpart — opaque random hex strings
+// keyed into an in-memory map — to avoid leaking the proprietary token format.
+package wsauth
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/hex"
+	"errors"
+	"sync"
+	"time"
+)
+
+// Default knobs. Override via SetDefaults at startup if needed.
+const (
+	DefaultTokenExpire = 24 * time.Hour
+	nonceBytes         = 16 // 32 hex chars
+	tokenBytes         = 32 // 64 hex chars
+	saltBytes          = 8  // 16 hex chars
+)
+
+// ErrInvalidToken is returned when a token is unknown or expired.
+var ErrInvalidToken = errors.New("invalid or expired token")
+
+// User is the credentials record for one web account.
+type User struct {
+	Username     string
+	PasswordHash string // SHA256(password+salt) in lowercase hex
+	Salt         string // empty for admin (matches C++ convention)
+	Role         string // "admin" or "viewer"
+}
+
+// Session is the authenticated state attached to a valid token.
+type Session struct {
+	Username  string
+	Role      string
+	ExpiresAt time.Time
+}
+
+// Authenticator owns the user table and the active token map. It is safe to
+// use from multiple goroutines.
+type Authenticator struct {
+	mu          sync.RWMutex
+	users       map[string]*User    // username -> user
+	tokens      map[string]*Session // token -> session
+	tokenExpire time.Duration
+}
+
+// New returns an empty Authenticator. Call AddUser to populate.
+func New() *Authenticator {
+	return &Authenticator{
+		users:       make(map[string]*User),
+		tokens:      make(map[string]*Session),
+		tokenExpire: DefaultTokenExpire,
+	}
+}
+
+// SetTokenExpire overrides the default session lifetime.
+func (a *Authenticator) SetTokenExpire(d time.Duration) {
+	if d <= 0 {
+		return
+	}
+	a.mu.Lock()
+	a.tokenExpire = d
+	a.mu.Unlock()
+}
+
+// AddUser registers a user. PasswordHash should already be
+// SHA256(password+salt) in lowercase hex; pass empty Salt to mirror the
+// admin-style "no salt" convention used by the C++ side.
+func (a *Authenticator) AddUser(u User) {
+	if u.Username == "" {
+		return
+	}
+	a.mu.Lock()
+	a.users[u.Username] = &u
+	a.mu.Unlock()
+}
+
+// AddAdminFromPlainPassword is a convenience for the bootstrap admin: salt is
+// empty (matching the C++ admin record), hash is SHA256(password).
+func (a *Authenticator) AddAdminFromPlainPassword(username, plainPassword string) {
+	a.AddUser(User{
+		Username:     username,
+		PasswordHash: ComputeSHA256(plainPassword),
+		Salt:         "",
+		Role:         "admin",
+	})
+}
+
+// GetSalt returns the per-user salt. If the user does not exist, returns ("", false).
+// Note: the C++ admin uses an empty salt — that is still considered "found"
+// and the empty string is returned with ok=true.
+func (a *Authenticator) GetSalt(username string) (string, bool) {
+	a.mu.RLock()
+	u, ok := a.users[username]
+	a.mu.RUnlock()
+	if !ok {
+		return "", false
+	}
+	return u.Salt, true
+}
+
+// VerifyLogin checks a challenge-response login. The browser sends
+// response = SHA256(passwordHash + nonce). On success the function mints a
+// new session token, stores it, and returns (token, role, nil).
+func (a *Authenticator) VerifyLogin(username, response, nonce string) (token, role string, err error) {
+	a.mu.RLock()
+	u, ok := a.users[username]
+	expire := a.tokenExpire
+	a.mu.RUnlock()
+	if !ok {
+		return "", "", errors.New("invalid credentials")
+	}
+	expected := ComputeSHA256(u.PasswordHash + nonce)
+	if response != expected {
+		return "", "", errors.New("invalid credentials")
+	}
+
+	token, err = randomHex(tokenBytes)
+	if err != nil {
+		return "", "", err
+	}
+	a.mu.Lock()
+	a.tokens[token] = &Session{
+		Username:  username,
+		Role:      u.Role,
+		ExpiresAt: time.Now().Add(expire),
+	}
+	a.mu.Unlock()
+	return token, u.Role, nil
+}
+
+// ValidateToken returns the session for a token or ErrInvalidToken. Expired
+// tokens are removed lazily as they are looked up.
+func (a *Authenticator) ValidateToken(token string) (*Session, error) {
+	a.mu.RLock()
+	s, ok := a.tokens[token]
+	a.mu.RUnlock()
+	if !ok {
+		return nil, ErrInvalidToken
+	}
+	if time.Now().After(s.ExpiresAt) {
+		a.mu.Lock()
+		delete(a.tokens, token)
+		a.mu.Unlock()
+		return nil, ErrInvalidToken
+	}
+	return s, nil
+}
+
+// RevokeToken removes a token from the active set. No-op for unknown tokens.
+func (a *Authenticator) RevokeToken(token string) {
+	a.mu.Lock()
+	delete(a.tokens, token)
+	a.mu.Unlock()
+}
+
+// NewNonce returns a fresh challenge nonce (hex string). Each WS connection
+// should receive exactly one nonce, consumed by a single login attempt.
+func NewNonce() (string, error) {
+	return randomHex(nonceBytes)
+}
+
+// NewSalt returns a fresh per-user salt (hex string).
+func NewSalt() (string, error) {
+	return randomHex(saltBytes)
+}
+
+// ComputeSHA256 returns the lowercase-hex SHA256 of s.
+func ComputeSHA256(s string) string {
+	sum := sha256.Sum256([]byte(s))
+	return hex.EncodeToString(sum[:])
+}
+
+// HashPassword computes the stored hash for a (password, salt) pair using
+// the same scheme as the existing C++ users.json: SHA256(password + salt).
+func HashPassword(password, salt string) string {
+	return ComputeSHA256(password + salt)
+}
+
+func randomHex(n int) (string, error) {
+	b := make([]byte, n)
+	if _, err := rand.Read(b); err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(b), nil
+}
--- a/server/go/wsauth/wsauth_test.go
+++ b/server/go/wsauth/wsauth_test.go
@@ -0,0 +1,116 @@
+package wsauth
+
+import (
+	"testing"
+	"time"
+)
+
+func TestSHA256Vector(t *testing.T) {
+	// Known vector — keeps us honest against accidental algorithm changes.
+	got := ComputeSHA256("abc")
+	want := "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+	if got != want {
+		t.Fatalf("SHA256(abc): got %s want %s", got, want)
+	}
+}
+
+func TestLoginRoundTripAdminEmptySalt(t *testing.T) {
+	a := New()
+	a.AddAdminFromPlainPassword("admin", "hunter2")
+
+	salt, ok := a.GetSalt("admin")
+	if !ok || salt != "" {
+		t.Fatalf("admin salt: ok=%v salt=%q", ok, salt)
+	}
+
+	// Simulate the browser: nonce = "abc123", response = SHA256(passwordHash + nonce)
+	nonce := "abc123"
+	passwordHash := ComputeSHA256("hunter2")
+	response := ComputeSHA256(passwordHash + nonce)
+
+	token, role, err := a.VerifyLogin("admin", response, nonce)
+	if err != nil {
+		t.Fatalf("VerifyLogin: %v", err)
+	}
+	if role != "admin" {
+		t.Fatalf("role: got %q want admin", role)
+	}
+	if len(token) != 2*tokenBytes {
+		t.Fatalf("token length: got %d want %d", len(token), 2*tokenBytes)
+	}
+
+	sess, err := a.ValidateToken(token)
+	if err != nil {
+		t.Fatalf("ValidateToken: %v", err)
+	}
+	if sess.Username != "admin" || sess.Role != "admin" {
+		t.Fatalf("session: %+v", sess)
+	}
+}
+
+func TestLoginRoundTripViewerWithSalt(t *testing.T) {
+	a := New()
+	salt, _ := NewSalt()
+	a.AddUser(User{
+		Username:     "alice",
+		PasswordHash: HashPassword("p@ss", salt),
+		Salt:         salt,
+		Role:         "viewer",
+	})
+
+	gotSalt, ok := a.GetSalt("alice")
+	if !ok || gotSalt != salt {
+		t.Fatalf("salt: ok=%v got=%q want=%q", ok, gotSalt, salt)
+	}
+
+	nonce, _ := NewNonce()
+	response := ComputeSHA256(HashPassword("p@ss", salt) + nonce)
+	_, role, err := a.VerifyLogin("alice", response, nonce)
+	if err != nil || role != "viewer" {
+		t.Fatalf("VerifyLogin: role=%q err=%v", role, err)
+	}
+}
+
+func TestLoginRejectsWrongResponse(t *testing.T) {
+	a := New()
+	a.AddAdminFromPlainPassword("admin", "x")
+	_, _, err := a.VerifyLogin("admin", "deadbeef", "nonce")
+	if err == nil {
+		t.Fatal("expected error for bad response")
+	}
+	_, _, err = a.VerifyLogin("ghost", "anything", "anything")
+	if err == nil {
+		t.Fatal("expected error for unknown user")
+	}
+}
+
+func TestTokenExpiry(t *testing.T) {
+	a := New()
+	a.SetTokenExpire(50 * time.Millisecond)
+	a.AddAdminFromPlainPassword("admin", "x")
+	nonce, _ := NewNonce()
+	response := ComputeSHA256(ComputeSHA256("x") + nonce)
+	token, _, err := a.VerifyLogin("admin", response, nonce)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := a.ValidateToken(token); err != nil {
+		t.Fatalf("fresh token should validate: %v", err)
+	}
+	time.Sleep(80 * time.Millisecond)
+	if _, err := a.ValidateToken(token); err == nil {
+		t.Fatal("expired token should not validate")
+	}
+}
+
+func TestRevoke(t *testing.T) {
+	a := New()
+	a.AddAdminFromPlainPassword("admin", "x")
+	nonce, _ := NewNonce()
+	response := ComputeSHA256(ComputeSHA256("x") + nonce)
+	token, _, _ := a.VerifyLogin("admin", response, nonce)
+	a.RevokeToken(token)
+	if _, err := a.ValidateToken(token); err == nil {
+		t.Fatal("revoked token should not validate")
+	}
+}