// auther resolves the store.Authenticator for the user identified by r.
//
// The overlord state lock is held only for the UserFromRequest lookup and is
// released before the result is inspected. A lookup error is returned
// unchanged together with a nil authenticator, so callers must check the
// error before using the result.
func (d *Daemon) auther(r *http.Request) (store.Authenticator, error) {
	st := d.overlord.State()

	st.Lock()
	user, lookupErr := UserFromRequest(st, r)
	st.Unlock()

	if lookupErr != nil {
		return nil, lookupErr
	}
	// NOTE(review): assumes UserFromRequest never returns a nil user with a
	// nil error; confirm against its implementation.
	return user.Authenticator(), nil
}
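// loginUser handles a login request.
//
// It decodes "username", "password" and "otp" from the JSON request body,
// requests a package-access macaroon from the store, discharges that
// macaroon's auth caveat with the supplied credentials, records the user in
// the overlord state and returns the macaroon and its discharge to the caller.
//
// Responses:
//   - BadRequest when the body cannot be decoded;
//   - a 401 error of kind errorKindTwoFactorRequired when the store reports
//     store.ErrAuthenticationNeeds2fa;
//   - Unauthorized for any other discharge failure;
//   - InternalError when the macaroon cannot be obtained or the user cannot
//     be persisted.
//
// loginData holds the plaintext password and OTP for the duration of the
// call; it must never be passed to a logger or embedded in an error message.
//
// NOTE(review): the body is decoded with no size limit visible here; confirm
// that the server bounds r.Body before this handler runs.
func loginUser(c *Command, r *http.Request) Response {
	var loginData struct {
		Username string `json:"username"`
		Password string `json:"password"`
		Otp      string `json:"otp"`
	}

	decoder := json.NewDecoder(r.Body)
	if err := decoder.Decode(&loginData); err != nil {
		return BadRequest("cannot decode login data from request body: %v", err)
	}

	macaroon, err := store.RequestPackageAccessMacaroon()
	if err != nil {
		// The error text is produced outside this function, so it is passed
		// as an argument and never used as the format string itself.
		return InternalError("%v", err)
	}

	discharge, err := store.DischargeAuthCaveat(loginData.Username, loginData.Password, macaroon, loginData.Otp)
	if err == store.ErrAuthenticationNeeds2fa {
		// A missing second factor is reported under its own error kind with
		// a 401 status instead of the generic Unauthorized response.
		twofactorRequiredResponse := &resp{
			Type: ResponseTypeError,
			Result: &errorResult{
				Kind:    errorKindTwoFactorRequired,
				Message: store.ErrAuthenticationNeeds2fa.Error(),
			},
			Status: http.StatusUnauthorized,
		}
		return SyncResponse(twofactorRequiredResponse, nil)
	}
	if err != nil {
		// Same reasoning as above: err is data, not a format string.
		// NOTE(review): this text is returned to the API client; confirm the
		// store package puts nothing sensitive into its error messages.
		return Unauthorized("%v", err)
	}

	overlord := c.d.overlord
	state := overlord.State()
	// Hold the state lock only while the new user record is written.
	state.Lock()
	_, err = auth.NewUser(state, loginData.Username, macaroon, []string{discharge})
	state.Unlock()
	if err != nil {
		return InternalError("cannot persist authentication details: %v", err)
	}

	// The macaroon and discharge are bearer credentials: they are returned to
	// the caller here and are also stored in state by auth.NewUser above.
	result := loginResponseData{
		Macaroon:   macaroon,
		Discharges: []string{discharge},
	}
	return SyncResponse(result, nil)
}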