feat: Add signature based login

2025-03-07 15:14:34 +11:00 · 2025-03-07 15:14:34 +11:00 · 2b091fa707
commit 2b091fa707
parent 715273c58a
1 changed files with 34 additions and 18 deletions
--- a/main.py
+++ b/main.py
@ -512,10 +512,12 @@ def auth_get():
    
    if 'username' not in request.args:
        return redirect('/?error=Failed to login&reason=No username')
-    if 'token' not in request.args:
+    username = request.args['username']
+
+    if 'token' not in request.args and 'signature' not in request.args:
        return redirect('/?error=Failed to login&reason=No token')
    
-    username = request.args['username']
+    if 'token' in request.args:
        token = request.args['token']
    
        # Check if user is valid
@ -535,6 +537,20 @@ def auth_get():
        if r['username'] != username:
            return redirect('/?error=Failed to login&reason=Username mismatch')
    
+    else: # Signature based login
+        signature = request.args['signature']
+        r = requests.post(f'http://x:{HSD_API}@{HSD_IP}:{HSD_PORT}', json={
+            'method': 'verifymessagewithname',
+            'params': [username, signature, "hns-links"]
+        })
+        if r.status_code != 200:
+            return jsonify({'error': 'Failed to connect to HSD',"success":False}), 500
+        r = r.json()
+        if 'result' not in r:
+            return jsonify({'error': 'Failed to verify signature',"success":False}), 400
+        if r['result'] != True:
+            return jsonify({'error': 'Failed to verify signature',"success":False}), 400
+
    auth_cookie = secrets.token_hex(12 // 2)
    cookies.append({'name': username, 'cookie': auth_cookie})