// Copyright 2017 Vector Creations Ltd // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package routing import ( "context" "net/http" "github.com/matrix-org/dendrite/clientapi/auth" "github.com/matrix-org/dendrite/clientapi/httputil" "github.com/matrix-org/dendrite/clientapi/jsonerror" "github.com/matrix-org/dendrite/clientapi/userutil" "github.com/matrix-org/dendrite/internal/config" userapi "github.com/matrix-org/dendrite/userapi/api" "github.com/matrix-org/dendrite/userapi/storage/accounts" "github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/util" ) type loginResponse struct { UserID string `json:"user_id"` AccessToken string `json:"access_token"` HomeServer gomatrixserverlib.ServerName `json:"home_server"` DeviceID string `json:"device_id"` } type flows struct { Flows []flow `json:"flows"` } type flow struct { Type string `json:"type"` Stages []string `json:"stages"` } func passwordLogin() flows { f := flows{} s := flow{ Type: "m.login.password", Stages: []string{"m.login.password"}, } f.Flows = append(f.Flows, s) return f } // Login implements GET and POST /login func Login( req *http.Request, accountDB accounts.Database, userAPI userapi.UserInternalAPI, cfg *config.ClientAPI, ) util.JSONResponse { if req.Method == http.MethodGet { // TODO: support other forms of login other than password, depending on config options return util.JSONResponse{ Code: http.StatusOK, JSON: passwordLogin(), } } else if req.Method == http.MethodPost { typePassword := auth.LoginTypePassword{ GetAccountByPassword: accountDB.GetAccountByPassword, Config: cfg, } r := typePassword.Request() resErr := httputil.UnmarshalJSONRequest(req, r) if resErr != nil { return *resErr } login, authErr := typePassword.Login(req.Context(), r) if authErr != nil { return *authErr } // make a device/access token return completeAuth(req.Context(), cfg.Matrix.ServerName, userAPI, login) } return util.JSONResponse{ Code: http.StatusMethodNotAllowed, JSON: jsonerror.NotFound("Bad method"), } } func completeAuth( ctx context.Context, serverName gomatrixserverlib.ServerName, userAPI userapi.UserInternalAPI, login *auth.Login, ) util.JSONResponse { token, err := auth.GenerateAccessToken() if err != nil { util.GetLogger(ctx).WithError(err).Error("auth.GenerateAccessToken failed") return jsonerror.InternalServerError() } localpart, err := userutil.ParseUsernameParam(login.Username(), &serverName) if err != nil { util.GetLogger(ctx).WithError(err).Error("auth.ParseUsernameParam failed") return jsonerror.InternalServerError() } var performRes userapi.PerformDeviceCreationResponse err = userAPI.PerformDeviceCreation(ctx, &userapi.PerformDeviceCreationRequest{ DeviceDisplayName: login.InitialDisplayName, DeviceID: login.DeviceID, AccessToken: token, Localpart: localpart, }, &performRes) if err != nil { return util.JSONResponse{ Code: http.StatusInternalServerError, JSON: jsonerror.Unknown("failed to create device: " + err.Error()), } } return util.JSONResponse{ Code: http.StatusOK, JSON: loginResponse{ UserID: performRes.Device.UserID, AccessToken: performRes.Device.AccessToken, HomeServer: serverName, DeviceID: performRes.Device.ID, }, } }