author | Christopher Speller <crspeller@gmail.com> | 2018-01-31 09:49:15 -0800 |
committer | GitHub <noreply@github.com> | 2018-01-31 09:49:15 -0800 |
commit | 1262d254736229618582f0963c9c30c4e66efb98 (patch) | |
tree | c2375b6c6b143dc59c24d590eb59c5d49d17247e /app/authentication.go | |
parent | e0ee73ef9963ab398bcc6011795ad23e8e003147 (diff) | |
User based rate limiting (#8152)
Diffstat (limited to 'app/authentication.go')
-rw-r--r-- | app/authentication.go | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/app/authentication.go b/app/authentication.go
index 91e3bf564..140bffd5a 100644
--- a/app/authentication.go
+++ b/app/authentication.go
@@ -11,6 +11,30 @@ import (
 	"github.com/mattermost/mattermost-server/utils"
 )
 
+type TokenLocation int
+
+const (
+	TokenLocationNotFound = iota
+	TokenLocationHeader
+	TokenLocationCookie
+	TokenLocationQueryString
+)
+
+func (tl TokenLocation) String() string {
+	switch tl {
+	case TokenLocationNotFound:
+		return "Not Found"
+	case TokenLocationHeader:
+		return "Header"
+	case TokenLocationCookie:
+		return "Cookie"
+	case TokenLocationQueryString:
+		return "QueryString"
+	default:
+		return "Unknown"
+	}
+}
+
 func (a *App) IsPasswordValid(password string) *model.AppError {
 	if utils.IsLicensed() && *utils.License().Features.PasswordRequirements {
 		return utils.IsPasswordValidWithSettings(password, &a.Config().PasswordSettings)
@@ -168,3 +192,26 @@ func (a *App) authenticateUser(user *model.User, password, mfaToken string) (*mo
 		}
 	}
 }
+
+func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
+	authHeader := r.Header.Get(model.HEADER_AUTH)
+	if len(authHeader) > 6 && strings.ToUpper(authHeader[0:6]) == model.HEADER_BEARER {
+		// Default session token
+		return authHeader[7:], TokenLocationHeader
+	} else if len(authHeader) > 5 && strings.ToLower(authHeader[0:5]) == model.HEADER_TOKEN {
+		// OAuth token
+		return authHeader[6:], TokenLocationHeader
+	}
+
+	// Attempt to parse the token from the cookie
+	if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
+		return cookie.Value, TokenLocationCookie
+	}
+
+	// Attempt to parse token out of the query string
+	if token := r.URL.Query().Get("access_token"); token != "" {
+		return token, TokenLocationQueryString
+	}
+
+	return "", TokenLocationNotFound
+}
|
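Review bot: The `TokenLocation*` constants in the first hunk are untyped integer constants rather than values of `TokenLocation`, because the `iota` line carries no type; writing `TokenLocationNotFound TokenLocation = iota` types the whole block so the `String` switch and every caller comparing against these names is checked against the named type instead of relying on implicit conversion. The new exported type, constants and method also carry no doc comments; `// TokenLocation records which part of a request an auth token was taken from.` on the type and `// String returns a human-readable name for the location.` on the method would cover them.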
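Review bot: `authHeader[7:]` and `authHeader[6:]` in ParseAuthTokenFromRequest assume the byte after the scheme is a separator, but only the scheme bytes are compared, so a header whose seventh byte is not a space (constructed example: `Bearerxabc`) is still accepted and yields `abc` as the token. Checking the separator keeps the match strict: `if len(authHeader) > 6 && authHeader[6] == ' ' && strings.ToUpper(authHeader[0:6]) == model.HEADER_BEARER {`, with the same index-5 check added to the `model.HEADER_TOKEN` branch. The two branches also compare with `ToUpper` and `ToLower` respectively, which presumably mirrors the casing of those constants and deserves a one-line comment so it is not "fixed" later. The query-string fallback is distinguishable to callers through `TokenLocationQueryString`, which matters because URL-carried tokens end up in access logs and referrer headers; the exported function should get a doc comment stating the lookup order (Authorization header, then session cookie, then `access_token` query parameter) and that the location lets callers apply different policy per source.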