Add basic and bypass auth methods

auth/auth.go

@@ -2,13 +2,18 @@ package auth
 
 import (
 	"errors"
+	"log"
+	"strings"
 
+	"gitlab.crans.org/nounous/ghostream/auth/basic"
+	"gitlab.crans.org/nounous/ghostream/auth/bypass"
 	"gitlab.crans.org/nounous/ghostream/auth/ldap"
 )
 
 // Options holds package configuration
 type Options struct {
 	Backend string
+	Basic   basic.Options
 	LDAP    ldap.Options
 }
 
@@ -23,16 +28,23 @@ func New(cfg *Options) (Backend, error) {
 	var backend Backend
 	var err error
 
-	if cfg.Backend == "LDAP" {
-		backend, err = ldap.NewLDAP(&cfg.LDAP)
-		if err != nil {
-			return nil, err
-		}
-	} else {
+	switch strings.ToLower(cfg.Backend) {
+	case "basic":
+		backend, err = basic.New(&cfg.Basic)
+	case "bypass":
+		backend, err = bypass.New()
+	case "ldap":
+		backend, err = ldap.New(&cfg.LDAP)
+	default:
 		// Package is misconfigured
-		return nil, errors.New("Authentification backend not found")
+		backend, err = nil, errors.New("Authentification backend not found")
 	}
 
-	// Init and return backend
+	if err != nil {
+		// Backend init failed
+		return nil, err
+	}
+
+	log.Printf("%s backend successfully initialized", cfg.Backend)
 	return backend, nil
 }

auth/basic/basic.go

@@ -0,0 +1,44 @@
+package basic
+
+import (
+	"errors"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+// To generate bcrypt hashed password from Python,
+// python3 -c 'import bcrypt; print(bcrypt.hashpw(b"PASSWORD", bcrypt.gensalt(rounds=15)).decode("ascii"))'
+
+// Options holds package configuration
+type Options struct {
+	// Username: hashedPassword
+	Credentials map[string]string
+}
+
+// Basic authentification backend
+type Basic struct {
+	Cfg *Options
+}
+
+// Login hashs password and compare
+// Returns (true, nil) if success
+func (a Basic) Login(username string, password string) (bool, error) {
+	hash, ok := a.Cfg.Credentials[username]
+	if !ok {
+		return false, errors.New("User not found in credentials")
+	}
+	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
+
+	// Login succeeded if no error
+	return err == nil, err
+}
+
+// Close has no connection to close
+func (a Basic) Close() {
+}
+
+// New instanciates a new Basic authentification backend
+func New(cfg *Options) (Basic, error) {
+	backend := Basic{Cfg: cfg}
+	return backend, nil
+}

auth/bypass/bypass.go

@@ -0,0 +1,21 @@
+package bypass
+
+// ByPass authentification backend
+// By pass password check, open your streaming server to everyone!
+type ByPass struct {
+}
+
+// Login always return success
+func (a ByPass) Login(username string, password string) (bool, error) {
+	return true, nil
+}
+
+// Close has no connection to close
+func (a ByPass) Close() {
+}
+
+// New instanciates a new Basic authentification backend
+func New() (ByPass, error) {
+	backend := ByPass{}
+	return backend, nil
+}

auth/ldap/ldap.go

@@ -22,12 +22,9 @@ func (a LDAP) Login(username string, password string) (bool, error) {
 	// Try to bind as user
 	bindDn := "cn=" + username + "," + a.Cfg.UserDn
 	err := a.Conn.Bind(bindDn, password)
-	if err != nil {
-		return false, err
-	}
 
-	// Login succeeded
-	return true, nil
+	// Login succeeded if no error
+	return err == nil, err
 }
 
 // Close LDAP connection
@@ -35,8 +32,8 @@ func (a LDAP) Close() {
 	a.Conn.Close()
 }
 
-// NewLDAP instanciate a new LDAP connection
-func NewLDAP(cfg *Options) (LDAP, error) {
+// New instanciates a new LDAP connection
+func New(cfg *Options) (LDAP, error) {
 	backend := LDAP{Cfg: cfg}
 
 	// Connect to LDAP server