- commit
- 35fb876
- parent
- 34adbd4
- author
- Eric Bower
- date
- 2024-06-17 18:20:36 +0000 UTC
refactor(pgs): use pubkey auth handler
3 files changed,
+7,
-35
+2,
-29
1@@ -16,6 +16,7 @@ import (
2 "github.com/charmbracelet/ssh"
3 "github.com/charmbracelet/wish"
4 "github.com/picosh/pico/db"
5+ "github.com/picosh/pico/filehandlers/util"
6 futil "github.com/picosh/pico/filehandlers/util"
7 "github.com/picosh/pico/shared"
8 "github.com/picosh/pico/shared/storage"
9@@ -192,39 +193,11 @@ func (h *UploadAssetHandler) List(s ssh.Session, fpath string, isDir bool, recur
10 }
11
12 func (h *UploadAssetHandler) Validate(s ssh.Session) error {
13- var err error
14- key, err := shared.KeyText(s)
15- if err != nil {
16- return fmt.Errorf("key not found")
17- }
18-
19- user, err := h.DBPool.FindUserForKey(s.User(), key)
20+ user, err := util.GetUser(s.Context())
21 if err != nil {
22 return err
23 }
24
25- if user.Name == "" {
26- return fmt.Errorf("must have username set")
27- }
28-
29- ff, err := h.DBPool.FindFeatureForUser(user.ID, "plus")
30- // pgs.sh has a free tier so users might not have a feature flag
31- // in which case we set sane defaults
32- if err != nil {
33- ff = db.NewFeatureFlag(
34- user.ID,
35- "plus",
36- h.Cfg.MaxSize,
37- h.Cfg.MaxAssetSize,
38- )
39- }
40- // this is jank
41- ff.Data.StorageMax = ff.FindStorageMax(h.Cfg.MaxSize)
42- ff.Data.FileMax = ff.FindFileMax(h.Cfg.MaxAssetSize)
43-
44- futil.SetFeatureFlag(s.Context(), ff)
45- futil.SetUser(s.Context(), user)
46-
47 assetBucket := shared.GetAssetBucketName(user.ID)
48 bucket, err := h.Storage.UpsertBucket(assetBucket)
49 if err != nil {
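Review bot: The free-tier fallback removed from Validate (`db.NewFeatureFlag(user.ID, "plus", h.Cfg.MaxSize, h.Cfg.MaxAssetSize)` followed by `futil.SetFeatureFlag`) and the `user.Name == ""` check have no replacement visible in this commit, so the storage and file-size limits now depend on the auth handler having stored both the user and the feature flag in the session context. PubkeyAuthHandler's body continues outside its hunk, so this may already be handled there; it is worth confirming that a user without a "plus" flag still ends up with limits set. Separately, the import hunk adds `util` for a package the file already imports as `futil`; calling `futil.GetUser(s.Context())` and dropping the new import line avoids the duplicate import. Validate's body continues past the end of the hunk.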
+2,
-0
1@@ -23,6 +23,8 @@ func NewSshAuthHandler(dbpool db.DB, logger *slog.Logger, cfg *shared.ConfigSite
2 }
3
4 func (r *SshAuthHandler) PubkeyAuthHandler(ctx ssh.Context, key ssh.PublicKey) bool {
5+ shared.SetPublicKeyCtx(ctx, key)
6+
7 pubkey, err := shared.KeyForKeyText(key)
8 if err != nil {
9 return false
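Review bot: `shared.SetPublicKeyCtx(ctx, key)` runs before the key has been checked, so the context holds the offered key even on the paths that `return false`. An SSH client can offer several keys on one connection and the callback runs for each, so a value written here reflects an offered key, not necessarily one the client proved possession of; code that later reads it for an access decision should not assume otherwise. Unless a failing path needs the key, I would move the call to just before the handler's successful return, with a comment such as `// store the key only once it has been matched to a user`. The rest of PubkeyAuthHandler is outside the hunk, so where the success return sits is inferred.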
+3,
-6
1@@ -14,6 +14,7 @@ import (
2 "github.com/picosh/pico/db"
3 "github.com/picosh/pico/db/postgres"
4 uploadassets "github.com/picosh/pico/filehandlers/assets"
5+ "github.com/picosh/pico/filehandlers/util"
6 "github.com/picosh/pico/shared"
7 "github.com/picosh/pico/shared/storage"
8 wsh "github.com/picosh/pico/wish"
9@@ -27,11 +28,6 @@ import (
10 "github.com/picosh/send/send/sftp"
11 )
12
13-func authHandler(ctx ssh.Context, key ssh.PublicKey) bool {
14- shared.SetPublicKeyCtx(ctx, key)
15- return true
16-}
17-
18 func createRouter(cfg *shared.ConfigSite, handler *uploadassets.UploadAssetHandler) proxy.Router {
19 return func(sh ssh.Handler, s ssh.Session) []wish.Middleware {
20 return []wish.Middleware{
21@@ -100,10 +96,11 @@ func StartSshServer() {
22 HttpHandler: createHttpHandler(apiConfig),
23 }
24
25+ sshAuth := util.NewSshAuthHandler(dbpool, logger, cfg)
26 s, err := wish.NewServer(
27 wish.WithAddress(fmt.Sprintf("%s:%s", host, port)),
28 wish.WithHostKeyPath("ssh_data/term_info_ed25519"),
29- wish.WithPublicKeyAuth(authHandler),
30+ wish.WithPublicKeyAuth(sshAuth.PubkeyAuthHandler),
31 ptun.WithWebTunnel(webTunnel),
32 withProxy(
33 cfg,
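Review bot: Swapping `authHandler`, which returned true for every key, for `sshAuth.PubkeyAuthHandler` changes who can open a session on this server, which is more than the "refactor" in the title suggests and is not documented at the call site. From the visible lines the new handler returns false at least when `shared.KeyForKeyText` fails, and presumably for keys with no matching user, so everything behind this server, including `ptun.WithWebTunnel`, now sits behind that check. A comment above the new line would record the intent, e.g. `// authenticate at the handshake: keys without a registered user are rejected before any middleware runs`. StartSshServer's body continues outside the hunk.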