diff --git a/.gitignore b/.gitignore index c2658d7..d014a71 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ node_modules/ +succeed/target/ diff --git a/config/sshd b/config/sshd new file mode 100644 index 0000000..8e63021 --- /dev/null +++ b/config/sshd @@ -0,0 +1,19 @@ +Port 2424 +ListenAddress auth.snoot.club +HostKey /etc/ssh/ssh_host_rsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key +HostKey /etc/ssh/ssh_host_ed25519_key +LoginGraceTime 1m +PermitRootLogin no +MaxAuthTries 1 +MaxSessions 1 +PubkeyAuthentication yes +PasswordAuthentication no +ChallengeResponseAuthentication no +UsePAM no +AllowAgentForwarding no +AllowTcpForwarding no +PrintMotd no +PrintLastLog yes +PidFile /run/sshd.auth.snoot.club.pid +ForceCommand /snoots/auth/bin/succeed diff --git a/index.js b/index.js index 3517a0b..92fd902 100644 --- a/index.js +++ b/index.js @@ -1,7 +1,105 @@ let {send} = require("micro") +let execa = require("execa") +let net = require("net") +let fs = require("fs").promises +let {router, get} = require("microrouter") +let crypto = require("crypto") -function await +async function getSnoot(name) { + let {stdout: snootid} = await execa("id", ["-u", name]).catch(() => ({})) + return snootid +} + +async function authenticate(request, response, name) { + let snootid = await getSnoot(name) + + if (!snootid) { + return send(response, 401, `${name} is NOT a snoot`) + } + + return ` + +
hello, ${name}
+ +click this:
+ + + +then run this in your terminal!
+ +
+ssh ${name}@auth.snoot.club -p 2424
+
+`
+}
+
+async function listen(request, response, name) {
+ let snootid = await getSnoot(name)
+
+ if (!snootid) {
+ return send(response, 401, `${name} is NOT a snoot`)
+ }
+
+ let sockPath = `/snoots/auth/socks/${snootid}.sock`
+
+ fs.unlink(sockPath).catch(() => ({}))
+ let timeout
+ let server = net.createServer(function(client) {
+ let data = ""
+ client.on("data", d => {
+ data += d.toString()
+ })
+ client.on("end", async _ => {
+ if (data == "success") {
+ clearTimeout(timeout)
+ let token = `${name}.${crypto.randomBytes(22).toString("base64")}`
+ await fs.writeFile(`/snoots/auth/sessions/${name}`, token)
+ response.setHeader(
+ "Set-Cookie",
+ `session=${token}; Domain=snoot.club; Secure;`
+ )
+ send(response, 200, "Thanks ! Enjoy your cookie")
+ } else {
+ clearTimeout(timeout)
+ return send(response, 401, "Something naughty happened.")
+ }
+ })
+ client.on("error", () => {
+ clearTimeout(timeout)
+ return send(response, 400, "The ssh client errored out :(")
+ })
+ })
+ timeout = setTimeout(() => {
+ server.close(function() {
+ send(response, 408, "That took too long! please try again")
+ })
+ }, 60000)
+ server.listen(sockPath)
+}
+
+async function notfound(request, response) {
+ return send(
+ response,
+ 404,
+ "go to https://auth.snoot.club/start/your_snoot_name"
+ )
+}
module.exports = (request, response) => {
- send(
+ let parts = request.url.split("/").filter(Boolean)
+
+ if (parts.length == 1) {
+ let [name] = parts
+ return authenticate(request, response, name)
+ }
+
+ if (parts.length == 2 && parts[0] == "listen") {
+ let [, name] = parts
+ return listen(request, response, name)
+ }
+
+ return notfound(request, response)
}
diff --git a/jsconfig.json b/jsconfig.json
new file mode 100644
index 0000000..7bfba7b
--- /dev/null
+++ b/jsconfig.json
@@ -0,0 +1,3 @@
+{
+ "lib": "es2019"
+}
diff --git a/package-lock.json b/package-lock.json
index 72762f2..21ccb7d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,8 +13,51 @@
"commander": "^2.19.0",
"execa": "^1.0.0",
"serve-handler": "^5.0.7"
+ },
+ "dependencies": {
+ "execa": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz",
+ "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==",
+ "requires": {
+ "cross-spawn": "^6.0.0",
+ "get-stream": "^4.0.0",
+ "is-stream": "^1.1.0",
+ "npm-run-path": "^2.0.0",
+ "p-finally": "^1.0.0",
+ "signal-exit": "^3.0.0",
+ "strip-eof": "^1.0.0"
+ }
+ },
+ "get-stream": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz",
+ "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==",
+ "requires": {
+ "pump": "^3.0.0"
+ }
+ },
+ "npm-run-path": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz",
+ "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=",
+ "requires": {
+ "path-key": "^2.0.0"
+ }
+ },
+ "p-finally": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz",
+ "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4="
+ }
}
},
+ "@types/node": {
+ "version": "12.7.5",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.5.tgz",
+ "integrity": "sha512-9fq4jZVhPNW8r+UYKnxF1e2HkDWOWKM5bC2/7c9wPV835I0aOrVbS/Hw/pWPk2uKrNXQqg9Z959Kz+IYDd5p3w==",
+ "dev": true
+ },
"ansi-colors": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz",
@@ -90,17 +133,26 @@
}
},
"execa": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz",
- "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==",
+ "version": "2.0.4",
+ "resolved": "https://registry.npmjs.org/execa/-/execa-2.0.4.tgz",
+ "integrity": "sha512-VcQfhuGD51vQUQtKIq2fjGDLDbL6N1DTQVpYzxZ7LPIXw3HqTuIz6uxRmpV1qf8i31LHf2kjiaGI+GdHwRgbnQ==",
"requires": {
- "cross-spawn": "^6.0.0",
- "get-stream": "^4.0.0",
- "is-stream": "^1.1.0",
- "npm-run-path": "^2.0.0",
- "p-finally": "^1.0.0",
- "signal-exit": "^3.0.0",
- "strip-eof": "^1.0.0"
+ "cross-spawn": "^6.0.5",
+ "get-stream": "^5.0.0",
+ "is-stream": "^2.0.0",
+ "merge-stream": "^2.0.0",
+ "npm-run-path": "^3.0.0",
+ "onetime": "^5.1.0",
+ "p-finally": "^2.0.0",
+ "signal-exit": "^3.0.2",
+ "strip-final-newline": "^2.0.0"
+ },
+ "dependencies": {
+ "is-stream": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz",
+ "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw=="
+ }
}
},
"fast-url-parser": {
@@ -112,9 +164,9 @@
}
},
"get-stream": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz",
- "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==",
+ "version": "5.1.0",
+ "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz",
+ "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==",
"requires": {
"pump": "^3.0.0"
}
@@ -150,6 +202,11 @@
"resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
"integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA="
},
+ "merge-stream": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz",
+ "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w=="
+ },
"micro": {
"version": "9.3.4",
"resolved": "https://registry.npmjs.org/micro/-/micro-9.3.4.tgz",
@@ -161,6 +218,14 @@
"raw-body": "2.3.2"
}
},
+ "microrouter": {
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/microrouter/-/microrouter-3.1.3.tgz",
+ "integrity": "sha1-HkXfd9Pi13O+XaEpz8fV5ubIb04=",
+ "requires": {
+ "url-pattern": "^1.0.3"
+ }
+ },
"mime-db": {
"version": "1.33.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz",
@@ -174,6 +239,11 @@
"mime-db": "~1.33.0"
}
},
+ "mimic-fn": {
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz",
+ "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg=="
+ },
"minimatch": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -188,11 +258,18 @@
"integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ=="
},
"npm-run-path": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz",
- "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-3.1.0.tgz",
+ "integrity": "sha512-Dbl4A/VfiVGLgQv29URL9xshU8XDY1GeLy+fsaZ1AA8JDSfjvr5P5+pzRbWqRSBxk6/DW7MIh8lTM/PaGnP2kg==",
"requires": {
- "path-key": "^2.0.0"
+ "path-key": "^3.0.0"
+ },
+ "dependencies": {
+ "path-key": {
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.0.tgz",
+ "integrity": "sha512-8cChqz0RP6SHJkMt48FW0A7+qUOn+OsnOsVtzI59tZ8m+5bCSk7hzwET0pulwOM2YMn9J1efb07KB9l9f30SGg=="
+ }
}
},
"once": {
@@ -203,10 +280,18 @@
"wrappy": "1"
}
},
+ "onetime": {
+ "version": "5.1.0",
+ "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz",
+ "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==",
+ "requires": {
+ "mimic-fn": "^2.1.0"
+ }
+ },
"p-finally": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz",
- "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4="
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz",
+ "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw=="
},
"path-is-inside": {
"version": "1.0.2",
@@ -306,11 +391,21 @@
"resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz",
"integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8="
},
+ "strip-final-newline": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz",
+ "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA=="
+ },
"unpipe": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
"integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw="
},
+ "url-pattern": {
+ "version": "1.0.3",
+ "resolved": "https://registry.npmjs.org/url-pattern/-/url-pattern-1.0.3.tgz",
+ "integrity": "sha1-BAkpJHGyTyPFDWWkeTF5PStaz8E="
+ },
"which": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
diff --git a/package.json b/package.json
index 3972eaf..bba2afd 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,11 @@
"description": "auth application on snoot.club",
"dependencies": {
"@snootclub/boop": "^0.0.14",
- "micro": "^9.3.3"
+ "execa": "^2.0.4",
+ "micro": "^9.3.3",
+ "microrouter": "^3.1.3"
+ },
+ "devDependencies": {
+ "@types/node": "^12.7.5"
}
}
diff --git a/succeed/Cargo.lock b/succeed/Cargo.lock
new file mode 100644
index 0000000..c6e42e1
--- /dev/null
+++ b/succeed/Cargo.lock
@@ -0,0 +1,53 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+[[package]]
+name = "bitflags"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "cc"
+version = "1.0.45"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "cfg-if"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "libc"
+version = "0.2.62"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "nix"
+version = "0.15.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "bitflags 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "cc 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)",
+ "cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)",
+ "void 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "succeed"
+version = "0.1.0"
+dependencies = [
+ "nix 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "void"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[metadata]
+"checksum bitflags 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8a606a02debe2813760609f57a64a2ffd27d9fdf5b2f133eaca0b248dd92cdd2"
+"checksum cc 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)" = "4fc9a35e1f4290eb9e5fc54ba6cf40671ed2a2514c3eeb2b2a908dda2ea5a1be"
+"checksum cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "b486ce3ccf7ffd79fdeb678eac06a9e6c09fc88d33836340becb8fffe87c5e33"
+"checksum libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)" = "34fcd2c08d2f832f376f4173a231990fa5aef4e99fb569867318a227ef4c06ba"
+"checksum nix 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3b2e0b4f3320ed72aaedb9a5ac838690a8047c7b275da22711fddff4f8a14229"
+"checksum void 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d"
diff --git a/succeed/Cargo.toml b/succeed/Cargo.toml
new file mode 100644
index 0000000..c04e4ea
--- /dev/null
+++ b/succeed/Cargo.toml
@@ -0,0 +1,10 @@
+[package]
+name = "succeed"
+version = "0.1.0"
+authors = ["chee