Merge pull request #12 from PapePathe/auth

feat: server now requires authentication
PapePathe · Apr 13, 2024 · 8821b31 · 8821b31
2 parents 56da461 + 8fbb8fd
commit 8821b31
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 23 deletions.
diff --git a/internal/commands/handler_hello.go b/internal/commands/handler_hello.go
@@ -1,10 +1,5 @@
 package commands
 
-import (
-	"log"
-	"pedis/internal/response"
-)
-
 type HelloHandler struct{}
 
 func (ch HelloHandler) Authorize(ClientRequest) error {
@@ -20,19 +15,31 @@ func (ch HelloHandler) Persistent() bool {
 }
 
 func (ch HelloHandler) Handle(r ClientRequest) {
-	hr := response.HelloResponse{
-		Server:  "redis",
-		Version: "6.2.1",
-		Mode:    "standalone",
-		Proto:   3,
-		Role:    "master",
+	data := r.DataRaw.ReadArray()
+	r.Logger.Info().Interface("Parameters", data).Msg("")
+
+	user, err := r.Store.GetUser(data[1])
+	if err != nil {
+		r.WriteError(err.Error())
+		return
+	}
+
+	if user.AnyPassword {
+		r.WriteOK()
+		return
 	}
 
-	_, err := r.Write(hr.Render())
+	if len(data) == 2 {
+		r.WriteError("Password must be supplied")
+		return
+	}
 
-	if err != nil {
-		log.Println(err)
+	if err := user.Authenticate(data[2]); err != nil {
+		r.WriteError(err.Error())
+		return
 	}
+
+	r.WriteOK()
 }
 
 func init() {

diff --git a/praft/kvstore.go b/praft/kvstore.go
@@ -37,6 +37,11 @@ type RedisCommand interface {
 	Run(commands.ClientRequest)
 }
 
+type PedisServerOpts struct {
+	DefaultUser     string
+	DefaultPassword string
+}
+
 // a key-value store backed by raft
 type PedisServer struct {
 	proposeC           chan<- string // channel for proposing updates

diff --git a/praft/kvstore_test.go b/praft/kvstore_test.go
@@ -29,14 +29,20 @@ import (
 func initClientAndServer(t *testing.T, port int) (*PedisServer, *redis.Client) {
 	storageProposeChan := make(chan storage.StorageData)
 
+	store := storage.NewSimpleStorage(storageProposeChan)
+	store.SetUser("pedis", []storage.AclRule{
+		{Type: storage.AclActivateUser},
+		{Type: storage.AclSetUserPassword, Value: "pedis"},
+	})
 	s := NewPedisServer(
 		fmt.Sprintf("127.0.0.1:%d", port),
-		storage.NewSimpleStorage(storageProposeChan),
+		store,
 	)
 
 	client := redis.NewClient(&redis.Options{
 		Addr:             fmt.Sprintf("127.0.0.1:%d", port),
-		Password:         "",
+		Username:         "pedis",
+		Password:         "pedis",
 		DB:               0,
 		DisableIndentity: true,
 	})
@@ -138,25 +144,25 @@ func TestACLCat(t *testing.T) {
 	})
 }
 
-func TestACLAuth(t *testing.T) {
+func TestHello(t *testing.T) {
 	ctx := context.Background()
 	s, client := initClientAndServer(t, 9004)
 	go s.StartPedis()
 
-	t.Run("AUTH-1", func(t *testing.T) {
+	t.Run("HELLO-1", func(t *testing.T) {
 		existingUser := "existingUser"
 		user404 := "user:404"
 
 		_, err := client.Do(ctx, "acl", "setuser", existingUser, "on", ">weak-password:").Result()
 		require.NoError(t, err)
 
-		_, err = client.Do(ctx, "auth", existingUser).Result()
+		_, err = client.Do(ctx, "hello", 3, existingUser).Result()
 		require.Error(t, err)
 
-		_, err = client.Do(ctx, "auth", existingUser, "weak-password").Result()
+		_, err = client.Do(ctx, "hello", 3, existingUser, "weak-password").Result()
 		require.NoError(t, err)
 
-		_, err = client.Do(ctx, "auth", user404, "weak-password").Result()
+		_, err = client.Do(ctx, "hello", 3, user404, "weak-password").Result()
 		require.Error(t, err)
 	})
 }
@@ -205,7 +211,7 @@ func TestACLUsers(t *testing.T) {
 		list, err := client.Do(ctx, "acl", "users").Result()
 
 		require.NoError(t, err)
-		assert.Equal(t, []interface{}{}, list)
+		assert.Equal(t, []interface{}{"pedis"}, list)
 	})
 
 	t.Run("USERS-2", func(t *testing.T) {
@@ -215,7 +221,7 @@ func TestACLUsers(t *testing.T) {
 		list, err := client.Do(ctx, "acl", "users").Result()
 
 		require.NoError(t, err)
-		assert.Equal(t, []interface{}([]interface{}{"acl-user-1", "acl-user-2"}), list)
+		assert.ElementsMatch(t, []interface{}([]interface{}{"pedis", "acl-user-1", "acl-user-2"}), list)
 
 	})
 }