167 lines
5.1 KiB
Go
167 lines
5.1 KiB
Go
package web
|
|
|
|
import (
|
|
"encoding/json"
|
|
)
|
|
|
|
// dispatch routes one inbound message to its handler. The `raw` payload is
|
|
// passed through so handlers can re-parse to their own shape.
|
|
//
|
|
// Phase 3 implements: get_salt, login, get_devices, ping, disconnect.
|
|
// Phase 4/5/6 commands (connect, mouse, key, term_*, etc.) get a friendly
|
|
// "not yet implemented" reply so the browser UI doesn't hang silently.
|
|
func (h *wsHub) dispatch(c *wsClient, cmd string, raw []byte) {
|
|
switch cmd {
|
|
case "get_salt":
|
|
h.handleGetSalt(c, raw)
|
|
case "login":
|
|
h.handleLogin(c, raw)
|
|
case "get_devices":
|
|
h.handleGetDevices(c, raw)
|
|
case "ping":
|
|
// no-op heartbeat; the read itself was the keep-alive signal
|
|
case "disconnect":
|
|
c.queue([]byte(`{"cmd":"disconnect_result","ok":true}`))
|
|
|
|
// Reserved for later phases. Reply with a benign failure so the UI can
|
|
// surface a clear error instead of spinning indefinitely.
|
|
case "connect":
|
|
h.replyNotImplemented(c, "connect_result", "Screen sharing not yet implemented on Go server")
|
|
case "rdp_reset":
|
|
// silently ignored — UI uses this as a fire-and-forget
|
|
case "mouse", "key":
|
|
// silently ignored — no remote screen yet
|
|
case "term_open":
|
|
h.replyNotImplemented(c, "term_closed", "Web terminal not yet implemented on Go server")
|
|
case "term_input", "term_resize", "term_close":
|
|
// silently ignored — no terminal session
|
|
|
|
// Admin operations (Phase 7).
|
|
case "create_user":
|
|
h.replyNotImplemented(c, "create_user_result", "User management not yet implemented")
|
|
case "delete_user":
|
|
h.replyNotImplemented(c, "delete_user_result", "User management not yet implemented")
|
|
case "list_users":
|
|
h.replyNotImplemented(c, "list_users_result", "User management not yet implemented")
|
|
case "get_groups":
|
|
c.queue([]byte(`{"cmd":"groups","ok":true,"groups":[]}`))
|
|
}
|
|
}
|
|
|
|
func (h *wsHub) replyNotImplemented(c *wsClient, replyCmd, msg string) {
|
|
c.queue(mustJSON(map[string]any{
|
|
"cmd": replyCmd,
|
|
"ok": false,
|
|
"msg": msg,
|
|
}))
|
|
}
|
|
|
|
// ----- handlers ------------------------------------------------------------
|
|
|
|
func (h *wsHub) handleGetSalt(c *wsClient, raw []byte) {
|
|
var in struct {
|
|
Username string `json:"username"`
|
|
}
|
|
_ = json.Unmarshal(raw, &in)
|
|
|
|
salt, ok := h.auth.GetSalt(in.Username)
|
|
// Do not leak which usernames exist: always return ok=true with a salt.
|
|
// For unknown users hand back the empty salt (matches admin convention)
|
|
// so the timing/shape of the response is uniform.
|
|
if !ok {
|
|
salt = ""
|
|
}
|
|
c.queue(mustJSON(map[string]any{
|
|
"cmd": "salt",
|
|
"ok": true,
|
|
"salt": salt,
|
|
}))
|
|
}
|
|
|
|
func (h *wsHub) handleLogin(c *wsClient, raw []byte) {
|
|
var in struct {
|
|
Username string `json:"username"`
|
|
Response string `json:"response"`
|
|
Nonce string `json:"nonce"`
|
|
}
|
|
if err := json.Unmarshal(raw, &in); err != nil {
|
|
c.queue(mustJSON(map[string]any{"cmd": "login_result", "ok": false, "msg": "Invalid request"}))
|
|
return
|
|
}
|
|
|
|
// Bind the response to the challenge we issued at connect time so that
|
|
// replays from a different connection can't reuse a captured response.
|
|
if in.Nonce == "" || in.Nonce != c.nonce {
|
|
c.queue(mustJSON(map[string]any{"cmd": "login_result", "ok": false, "msg": "Invalid challenge"}))
|
|
return
|
|
}
|
|
|
|
token, role, err := h.auth.VerifyLogin(in.Username, in.Response, in.Nonce)
|
|
if err != nil {
|
|
// Burn the challenge on failure too — forces a new round on retry.
|
|
c.nonce = ""
|
|
c.queue(mustJSON(map[string]any{"cmd": "login_result", "ok": false, "msg": "Invalid credentials"}))
|
|
return
|
|
}
|
|
c.nonce = ""
|
|
c.token = token
|
|
c.role = role
|
|
h.log.Info("ws login: user=%s role=%s addr=%s", in.Username, role, c.addr)
|
|
|
|
c.queue(mustJSON(map[string]any{
|
|
"cmd": "login_result",
|
|
"ok": true,
|
|
"token": token,
|
|
"role": role,
|
|
}))
|
|
}
|
|
|
|
func (h *wsHub) handleGetDevices(c *wsClient, raw []byte) {
|
|
if !h.requireAuth(c, raw, "device_list") {
|
|
return
|
|
}
|
|
devices := h.devices.ListDevices()
|
|
c.queue(mustJSON(map[string]any{
|
|
"cmd": "device_list",
|
|
"ok": true,
|
|
"devices": devices,
|
|
}))
|
|
}
|
|
|
|
// requireAuth validates the token embedded in raw against the authenticator's
|
|
// session store (not against c.token). Tokens live independently of WS
|
|
// connections — the browser may reconnect after a visibility/network blip and
|
|
// resume with the same token, so we must not tie validity to one WS lifetime.
|
|
// On the first authenticated message we cache the token/role on the wsClient
|
|
// so broadcasts know to deliver to this connection.
|
|
func (h *wsHub) requireAuth(c *wsClient, raw []byte, replyCmd string) bool {
|
|
var in struct {
|
|
Token string `json:"token"`
|
|
}
|
|
_ = json.Unmarshal(raw, &in)
|
|
if in.Token == "" {
|
|
c.queue(mustJSON(map[string]any{"cmd": replyCmd, "ok": false}))
|
|
return false
|
|
}
|
|
sess, err := h.auth.ValidateToken(in.Token)
|
|
if err != nil {
|
|
c.queue(mustJSON(map[string]any{"cmd": replyCmd, "ok": false}))
|
|
return false
|
|
}
|
|
if c.token == "" {
|
|
c.token = in.Token
|
|
c.role = sess.Role
|
|
}
|
|
return true
|
|
}
|
|
|
|
func mustJSON(v any) []byte {
|
|
b, err := json.Marshal(v)
|
|
if err != nil {
|
|
// All callers pass simple map[string]any with primitive values;
|
|
// marshal can't realistically fail. If it does, return a safe fallback.
|
|
return []byte(`{"cmd":"error","msg":"internal encode error"}`)
|
|
}
|
|
return b
|
|
}
|