commit 2dc276e4114538d41399da9105cc60f30db56de6
parent f5e140b41c1697f4b013dda1f1c1f7a3caec17fa
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
Date: Tue, 19 Apr 2022 15:03:47 +0200
Add comments and minor fixes
Diffstat:
1 file changed, 19 insertions(+), 7 deletions(-)
diff --git a/taldir.go b/taldir.go
@@ -77,6 +77,9 @@ func sendEmail(recipient string, ref Validation) {
fmt.Println("Email Sent Successfully!")
}
+// Primary lookup function.
+// Allows the caller to query a wallet key using the hash(!) of the
+// identity, e.g. sha256(<email address>)
func returnSingleEntry(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var entry Entry
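Review bot: The comment added above returnSingleEntry does not open with the function name, which is the Go doc-comment convention that golint-style checks expect. Something like `// returnSingleEntry looks up a wallet key by the hash(!) of the identity, e.g. sha256(<email address>).` keeps the same content. The same applies to the comments added above hashIdentityKey, validateSingleEntry, generateToken and addPendingValidation in the later hunks. The body of returnSingleEntry continues outside this hunk.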
@@ -90,16 +93,19 @@ func returnSingleEntry(w http.ResponseWriter, r *http.Request){
w.WriteHeader(http.StatusNotFound)
}
+// Hashes an identity key (e.g. sha256(<email address>)) with a salt for
+// Lookup and storage.
func hashIdentityKey(idkey string) string {
salt := make([]byte, len(config.Salt))
return base32.StdEncoding.EncodeToString(argon2.IDKey([]byte(idkey), salt, 1, 64*1024, 4, 32))
}
+// Called by the registrant to validate the registration request. The reference ID was
+// provided "out of band" using a validation method such as email or SMS
func validateSingleEntry(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var entry Entry
var validation Validation
- //TODO actually validate
var err = db.First(&validation, "validation_reference = ?", vars["reference"]).Error
if err != nil {
w.WriteHeader(http.StatusNotFound)
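Review bot: The new comment on hashIdentityKey says the identity key is hashed "with a salt", but the unchanged line `salt := make([]byte, len(config.Salt))` only allocates a zero-filled slice of the configured length and never copies the configured value into it. Argon2id therefore runs with an all-zero salt, the stored value depends on the identity alone, and the configured salt gives no separation between deployments. Adding `copy(salt, config.Salt)` after the allocation would make the code match the comment, assuming config.Salt is a string or byte slice (its declaration is outside the hunk). Entries already stored under the zero salt would have to be re-hashed, which is worth stating in the commit.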
@@ -127,6 +133,8 @@ func validateSingleEntry(w http.ResponseWriter, r *http.Request){
w.WriteHeader(http.StatusCreated)
}
+
+// Generates random reference token used in the validation flow.
func generateToken() string {
randBytes := make([]byte, 32)
_, err := rand.Read(randBytes)
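Review bot: The comment added above generateToken should say where the randomness comes from, because this token appears to be the only secret proving control of the address in the validation flow. The import block is outside the hunk, so it is not visible whether `rand` is crypto/rand or math/rand; it needs to be crypto/rand. A comment such as `// generateToken returns a base32-encoded 32-byte token read from crypto/rand; it is the secret reference sent out of band.` would record that requirement. The handling of `err` lies outside this hunk and should fail the request rather than return a token built from a partially filled buffer.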
@@ -136,6 +144,7 @@ func generateToken() string {
return base32.StdEncoding.EncodeToString(randBytes)
}
+// Initiate a registration request for an identity
func addPendingValidation(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var validation Validation
@@ -154,17 +163,20 @@ func addPendingValidation(w http.ResponseWriter, r *http.Request){
http.Error(w, "Identity key type not supported.", 400)
return
}
- // TODO make sure sha256(vars["identity"]) == validation.IdentityKey
+ // TODO make sure sha256(vars["identity"]) == validation.IdentityKey or simply set it?
h := sha256.New()
h.Write([]byte(vars["identity"]))
identityKey := base32.StdEncoding.EncodeToString(h.Sum(nil))
- if (identityKey != validation.IdentityKey) {
- fmt.Printf("Identity key hash %s does not match identity %s\n", identityKey, validation.IdentityKey)
- w.WriteHeader(http.StatusBadRequest)
- return
+ if "" != validation.IdentityKey {
+ if (identityKey != validation.IdentityKey) {
+ fmt.Printf("Identity key hash %s does not match identity %s\n", identityKey, validation.IdentityKey)
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ } else {
+ validation.IdentityKey = identityKey
}
validation.ValidationReference = generateToken()
- fmt.Println("Got ID key:", validation.IdentityKey)
err = db.First(&validation, "identity_key = ?", validation.IdentityKey).Error
if err == nil {
w.WriteHeader(http.StatusConflict)
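Review bot: The client-supplied validation.IdentityKey is now either empty, equal to the server-computed hash, or rejected, so it carries no information the server does not already derive from vars["identity"]. Always assigning it with `validation.IdentityKey = identityKey` would drop the branch and remove one client-controlled field from the stored record. It would also settle the question the TODO kept above the hash computation still asks. The retained `fmt.Printf` writes both hashes to stdout; an unsalted sha256 of an email address can be recovered by dictionary guessing, so logging only `"identity key mismatch"` would keep identities out of the logs. addPendingValidation starts and ends outside this hunk.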