mirror of
https://github.com/TecharoHQ/anubis.git
synced 2025-08-03 09:48:08 -04:00
dff2176beb
* feat(decaymap): add Delete method Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(lib/challenge): refactor Validate to take ValidateInput Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib): implement store interface Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib/store): all metapackage to import all store implementations Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(policy): import all store backends Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib): use new challenge creation flow Previously Anubis constructed challenge strings from request metadata. This was a good idea in spirit, but has turned out to be a very bad idea in practice. This new flow reuses the Store facility to dynamically create challenge values with completely random data. This is a fairly big rewrite of how Anubis processes challenges. Right now it defaults to using the in-memory storage backend, but on-disk (boltdb) and valkey-based adaptors will come soon. Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(decaymap): fix documentation typo Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(lib): fix SA4004 Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib/store): make generic storage interface test adaptor Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(decaymap): invert locking process for Delete Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib/store): add bbolt store implementation Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: go mod tidy Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(devcontainer): adapt to docker compose, add valkey service Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(lib): make challenges live for 30 minutes by default Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib/store): implement valkey backend Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib/store/valkey): disable tests if not using docker Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib/policy/config): ensure valkey stores can be loaded Signed-off-by: Xe Iaso <me@xeiaso.net> * Update metadata check-spelling run (pull_request) for Xe/store-interface Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> * chore(devcontainer): remove port forwards because vs code handles that for you Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(default-config): add a nudge to the storage backends section of the docs Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(docs): listen on 0.0.0.0 for dev container support Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(policy): document storage backends Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG and internal links Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(admin/policies): don't start a sentence with as Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: fixes found in review Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
69 lines
1.4 KiB
Go
69 lines
1.4 KiB
Go
package challenge
|
|
|
|
import (
|
|
"log/slog"
|
|
"net/http"
|
|
"sort"
|
|
"sync"
|
|
|
|
"github.com/TecharoHQ/anubis/lib/policy"
|
|
"github.com/TecharoHQ/anubis/lib/policy/config"
|
|
"github.com/TecharoHQ/anubis/lib/store"
|
|
"github.com/a-h/templ"
|
|
)
|
|
|
|
var (
|
|
registry map[string]Impl = map[string]Impl{}
|
|
regLock sync.RWMutex
|
|
)
|
|
|
|
func Register(name string, impl Impl) {
|
|
regLock.Lock()
|
|
defer regLock.Unlock()
|
|
|
|
registry[name] = impl
|
|
}
|
|
|
|
func Get(name string) (Impl, bool) {
|
|
regLock.RLock()
|
|
defer regLock.RUnlock()
|
|
result, ok := registry[name]
|
|
return result, ok
|
|
}
|
|
|
|
func Methods() []string {
|
|
regLock.RLock()
|
|
defer regLock.RUnlock()
|
|
var result []string
|
|
for method := range registry {
|
|
result = append(result, method)
|
|
}
|
|
sort.Strings(result)
|
|
return result
|
|
}
|
|
|
|
type IssueInput struct {
|
|
Impressum *config.Impressum
|
|
Rule *policy.Bot
|
|
Challenge *Challenge
|
|
OGTags map[string]string
|
|
Store store.Interface
|
|
}
|
|
|
|
type ValidateInput struct {
|
|
Rule *policy.Bot
|
|
Challenge *Challenge
|
|
Store store.Interface
|
|
}
|
|
|
|
type Impl interface {
|
|
// Setup registers any additional routes with the Impl for assets or API routes.
|
|
Setup(mux *http.ServeMux)
|
|
|
|
// Issue a new challenge to the user, called by the Anubis.
|
|
Issue(r *http.Request, lg *slog.Logger, in *IssueInput) (templ.Component, error)
|
|
|
|
// Validate a challenge, making sure that it passes muster.
|
|
Validate(r *http.Request, lg *slog.Logger, in *ValidateInput) error
|
|
}
|