/
login.go
92 lines (78 loc) · 2.66 KB
/
login.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package pkg
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"time"
"github.com/calamity-of-subterfuge/cos/pkg/utils"
"golang.org/x/net/http2"
)
type loginResult struct {
Token string `json:"token"`
ExpiresAt float64 `json:"expires_at"`
}
// AuthToken is the result of successfully logging in. It provides an arbitrary
// token and the time at which the token will stop working if the user does not
// logout sooner.
type AuthToken struct {
// Token is an arbitrary secret that is provided by the calamity of subterfuge
// website which we can pass to future requests as the bearer token. The format
// of this token, if it's formatted at all, is not guarranteed. Hence this MUST
// be treated as an opaque string.
Token string
// ExpiresAt is the time at which this AuthToken will stop working if no other
// actions are taken. Note that this is just a hint from the server; the server
// may decide to invalidate tokens at any time for any reason.
ExpiresAt time.Time
}
// Login will login to the calamity of subterfuge account with the given email,
// using the given grant and secret. Note that this is not the same technique as
// humans use during the website, although it is the same endpoint. Any number
// of grant identifier and secret pairs can be created for an account after you
// signup via the website.
func Login(email, grantIden, secret string) (*AuthToken, error) {
body := map[string]interface{}{
"email": email,
"password": secret,
"grant_iden": grantIden,
}
bodyMarshalled, err := json.Marshal(body)
if err != nil {
return nil, fmt.Errorf("failed to marshal body: %w", err)
}
client := &http.Client{
Transport: &http2.Transport{},
}
var resp *http.Response
resp, err = client.Post(
utils.API_BASE+"/api/1/auth/sessions",
"application/json",
bytes.NewBuffer(bodyMarshalled),
)
if err != nil {
return nil, fmt.Errorf("failed to POST: %w", err)
}
var respBody []byte
respBody, err = ioutil.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("failed to read body: %w", err)
}
err = resp.Body.Close()
if err != nil {
return nil, fmt.Errorf("failed to close body: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("unexpected status code: %d (body: %s)", resp.StatusCode, string(respBody))
}
var parsedBody loginResult
err = json.Unmarshal(respBody, &parsedBody)
if err != nil {
return nil, fmt.Errorf("failed to parse response body (body: %s): %w", string(respBody), err)
}
return &AuthToken{
Token: parsedBody.Token,
ExpiresAt: utils.TimeFromUnix(parsedBody.ExpiresAt),
}, nil
}