diff options
| -rw-r--r-- | handlers.go | 21 | ||||
| -rw-r--r-- | meson.build | 1 | ||||
| -rw-r--r-- | token.go | 33 |
3 files changed, 55 insertions, 0 deletions
diff --git a/handlers.go b/handlers.go index 141230d..f23171f 100644 --- a/handlers.go +++ b/handlers.go @@ -13,6 +13,7 @@ var frontendEmbed embed.FS func init() { router.HandleFunc("/api/version", version) + router.HandleFunc("/api/registration", registration).Methods("POST") // frontend must come last to make sure /api takes precedence frontend, err := fs.Sub(frontendEmbed, "build/frontend/public") @@ -25,3 +26,23 @@ func init() { func version(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, versionTxt) } + +func registration(w http.ResponseWriter, r *http.Request) { + token, err := NewToken() + if err != nil { + http.Error(w, "Failed to generate token.", http.StatusInternalServerError) + return + } + + cookie := http.Cookie{ + Name: "token", + Value: token.Private(), + HttpOnly: true, + Secure: true, + SameSite: http.SameSiteStrictMode, + } + + http.SetCookie(w, &cookie) + + fmt.Fprintf(w, "%s\n", token.Public()) +} diff --git a/meson.build b/meson.build index 0bd75d3..8d35ec0 100644 --- a/meson.build +++ b/meson.build @@ -11,6 +11,7 @@ finserv_linux_amd64 = custom_target( input : [ meson.current_source_dir() / 'main.go', meson.current_source_dir() / 'handlers.go', + meson.current_source_dir() / 'token.go', ], output : 'finserv-linux-amd64', env : {'GOOS': 'linux', 'GOARCH': 'amd64'}, diff --git a/token.go b/token.go new file mode 100644 index 0000000..bfb77d2 --- /dev/null +++ b/token.go @@ -0,0 +1,33 @@ +package main + +import ( + "crypto/rand" + "crypto/sha256" + "encoding/base64" +) + +type Token struct { + secret []byte +} + +func NewToken() (Token, error) { + token := Token{} + token.secret = make([]byte, 32) + + _, err := rand.Read(token.secret) + if err != nil { + return token, err + } + + return token, nil +} + +func (t Token) Public() string { + hash := sha256.Sum256(t.secret) + + return base64.StdEncoding.EncodeToString(hash[:]) +} + +func (t Token) Private() string { + return base64.StdEncoding.EncodeToString(t.secret[:]) +} |