From e62af3b41545ac7cb1b1b1cc0f58503a9437741c Mon Sep 17 00:00:00 2001 From: rsiddharth Date: Sun, 20 Dec 2020 21:03:26 -0500 Subject: lib: add web.go For challenge 13. --- lib/web.go | 96 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 lib/web.go (limited to 'lib') diff --git a/lib/web.go b/lib/web.go new file mode 100644 index 0000000..ab50fc8 --- /dev/null +++ b/lib/web.go @@ -0,0 +1,96 @@ +// Copyright © 2020 rsiddharth +// SPDX-License-Identifier: ISC + +package lib + +import ( + "crypto/rand" +) + +type Profile map[string]string + +var webSessionEncryptionKey []byte = make([]byte, 16) +var webUidCounter int64 +var webUserProfiles map[string]Profile = make(map[string]Profile, 0) + +func init() { + _, err := rand.Read(webSessionEncryptionKey) + if err != nil { + panic(err) + } + webUidCounter = 10000 +} + +func WebGenUid() int64 { + uid := webUidCounter + webUidCounter += 1 + + return uid +} + +func WebParseKeyValue(encoded string) map[string]string { + m := make(map[string]string, 0) + + kvs := StrSplitAt('&', encoded) + for i := 0; i < len(kvs); i++ { + kv := StrSplitAt('=', kvs[i]) + m[stripSpaceChars(kv[0])] = kv[1] + } + return m +} + +func WebProfileFor(email string) string { + e := WebSanitizeEmail(email) + if len(e) == 0 { + panic("email invalid") + } + + if p, ok := webUserProfiles[e]; ok { + // Profile already exists. + return WebEncodeProfile(p) + } + + // Create profile. + p := make(Profile, 0) + p["email"] = e + p["uid"] = NumToStr(WebGenUid()) + p["role"] = "user" + webUserProfiles[e] = p + + return WebEncodeProfile(p) +} + +func WebEncodeProfile(p Profile) string { + ep := "email=" + p["email"] // Encoded profile. + ep += "&uid=" + p["uid"] + ep += "&role=" + p["role"] + return ep +} + +func WebDecodeProfile(encoded string) Profile { + return WebParseKeyValue(encoded) +} + +func WebEncryptProfile(encoded string) []byte { + return AESEncryptECB(StrToBytes(encoded), webSessionEncryptionKey) +} + +func WebDecryptProfile(cipher []byte) string { + return BytesToStr(AESDecryptECB(cipher, webSessionEncryptionKey)) +} + +func WebSanitizeEmail(email string) string { + if len(email) < 1 { + return "" + } + se := "" // sanitized email + + // Strip meta characters + for i := 0; i < len(email); i++ { + if email[i] == '&' || email[i] == '=' { + continue + } + se += string(email[i]) + } + return se +} -- cgit v1.2.3