mirror of
https://github.com/octoleo/syncthing.git
synced 2024-12-31 22:11:51 +00:00
aa901790b9
This adds a "token manager" which handles storing and checking expired tokens, used for both sessions and CSRF tokens. It removes the old, corresponding functionality for CSRFs which saved things in a file. The result is less crap in the state directory, and active login sessions now survive a Syncthing restart (this really annoyed me). It also adds a boolean on login to create a longer-lived session cookie, which is now possible and useful. Thus we can remain logged in over browser restarts, which was also annoying... :) <img width="1001" alt="Screenshot 2023-12-12 at 09 56 34" src="https://github.com/syncthing/syncthing/assets/125426/55cb20c8-78fc-453e-825d-655b94c8623b"> Best viewed with whitespace-insensitive diff, as a bunch of the auth functions became methods instead of closures which changed indentation.
412 lines
10 KiB
Go
412 lines
10 KiB
Go
// Code generated by protoc-gen-gogo. DO NOT EDIT.
|
|
// source: lib/api/tokenset.proto
|
|
|
|
package api
|
|
|
|
import (
|
|
fmt "fmt"
|
|
proto "github.com/gogo/protobuf/proto"
|
|
io "io"
|
|
math "math"
|
|
math_bits "math/bits"
|
|
)
|
|
|
|
// Reference imports to suppress errors if they are not otherwise used.
|
|
var _ = proto.Marshal
|
|
var _ = fmt.Errorf
|
|
var _ = math.Inf
|
|
|
|
// This is a compile-time assertion to ensure that this generated file
|
|
// is compatible with the proto package it is being compiled against.
|
|
// A compilation error at this line likely means your copy of the
|
|
// proto package needs to be updated.
|
|
const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package
|
|
|
|
type TokenSet struct {
|
|
// token -> expiry time (epoch nanoseconds)
|
|
Tokens map[string]int64 `protobuf:"bytes,1,rep,name=tokens,proto3" json:"tokens" xml:"token" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"varint,2,opt,name=value,proto3"`
|
|
}
|
|
|
|
func (m *TokenSet) Reset() { *m = TokenSet{} }
|
|
func (m *TokenSet) String() string { return proto.CompactTextString(m) }
|
|
func (*TokenSet) ProtoMessage() {}
|
|
func (*TokenSet) Descriptor() ([]byte, []int) {
|
|
return fileDescriptor_9ea8707737c33b38, []int{0}
|
|
}
|
|
func (m *TokenSet) XXX_Unmarshal(b []byte) error {
|
|
return m.Unmarshal(b)
|
|
}
|
|
func (m *TokenSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
|
|
if deterministic {
|
|
return xxx_messageInfo_TokenSet.Marshal(b, m, deterministic)
|
|
} else {
|
|
b = b[:cap(b)]
|
|
n, err := m.MarshalToSizedBuffer(b)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return b[:n], nil
|
|
}
|
|
}
|
|
func (m *TokenSet) XXX_Merge(src proto.Message) {
|
|
xxx_messageInfo_TokenSet.Merge(m, src)
|
|
}
|
|
func (m *TokenSet) XXX_Size() int {
|
|
return m.ProtoSize()
|
|
}
|
|
func (m *TokenSet) XXX_DiscardUnknown() {
|
|
xxx_messageInfo_TokenSet.DiscardUnknown(m)
|
|
}
|
|
|
|
var xxx_messageInfo_TokenSet proto.InternalMessageInfo
|
|
|
|
func init() {
|
|
proto.RegisterType((*TokenSet)(nil), "api.TokenSet")
|
|
proto.RegisterMapType((map[string]int64)(nil), "api.TokenSet.TokensEntry")
|
|
}
|
|
|
|
func init() { proto.RegisterFile("lib/api/tokenset.proto", fileDescriptor_9ea8707737c33b38) }
|
|
|
|
var fileDescriptor_9ea8707737c33b38 = []byte{
|
|
// 260 bytes of a gzipped FileDescriptorProto
|
|
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0xcb, 0xc9, 0x4c, 0xd2,
|
|
0x4f, 0x2c, 0xc8, 0xd4, 0x2f, 0xc9, 0xcf, 0x4e, 0xcd, 0x2b, 0x4e, 0x2d, 0xd1, 0x2b, 0x28, 0xca,
|
|
0x2f, 0xc9, 0x17, 0x62, 0x4e, 0x2c, 0xc8, 0x54, 0x3a, 0xce, 0xc8, 0xc5, 0x11, 0x02, 0x12, 0x0f,
|
|
0x4e, 0x2d, 0x11, 0x0a, 0xe0, 0x62, 0x83, 0xa8, 0x91, 0x60, 0x54, 0x60, 0xd6, 0xe0, 0x36, 0x92,
|
|
0xd4, 0x4b, 0x2c, 0xc8, 0xd4, 0x83, 0x49, 0x43, 0x18, 0xc5, 0xae, 0x79, 0x25, 0x45, 0x95, 0x4e,
|
|
0xb2, 0x27, 0xee, 0xc9, 0x33, 0xbc, 0xba, 0x27, 0x0f, 0xd5, 0xf0, 0xe9, 0x9e, 0x3c, 0x77, 0x45,
|
|
0x6e, 0x8e, 0x95, 0x12, 0x98, 0xab, 0x14, 0x04, 0x15, 0x96, 0xca, 0xe4, 0xe2, 0x46, 0xd2, 0x25,
|
|
0xa4, 0xc6, 0xc5, 0x9c, 0x9d, 0x5a, 0x29, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0xe9, 0x24, 0xf2, 0xea,
|
|
0x9e, 0x3c, 0x88, 0xfb, 0xe9, 0x9e, 0x3c, 0x27, 0x58, 0x6f, 0x76, 0x6a, 0xa5, 0x52, 0x10, 0x48,
|
|
0x44, 0x48, 0x8f, 0x8b, 0xb5, 0x2c, 0x31, 0xa7, 0x34, 0x55, 0x82, 0x49, 0x81, 0x51, 0x83, 0xd9,
|
|
0x49, 0xe2, 0xd5, 0x3d, 0x79, 0x88, 0x00, 0xdc, 0x1e, 0x30, 0x4f, 0x29, 0x08, 0x22, 0x6a, 0xc5,
|
|
0x64, 0xc1, 0xe8, 0xe4, 0x71, 0xe2, 0xa1, 0x1c, 0xc3, 0x85, 0x87, 0x72, 0x0c, 0x27, 0x1e, 0xc9,
|
|
0x31, 0x5e, 0x78, 0x24, 0xc7, 0x38, 0xe1, 0xb1, 0x1c, 0xc3, 0x82, 0xc7, 0x72, 0x8c, 0x17, 0x1e,
|
|
0xcb, 0x31, 0xdc, 0x78, 0x2c, 0xc7, 0x10, 0xa5, 0x96, 0x9e, 0x59, 0x92, 0x51, 0x9a, 0xa4, 0x97,
|
|
0x9c, 0x9f, 0xab, 0x5f, 0x5c, 0x99, 0x97, 0x5c, 0x92, 0x91, 0x99, 0x97, 0x8e, 0xc4, 0x82, 0x86,
|
|
0x53, 0x12, 0x1b, 0x38, 0x7c, 0x8c, 0x01, 0x01, 0x00, 0x00, 0xff, 0xff, 0xfe, 0x25, 0x31, 0x49,
|
|
0x39, 0x01, 0x00, 0x00,
|
|
}
|
|
|
|
func (m *TokenSet) Marshal() (dAtA []byte, err error) {
|
|
size := m.ProtoSize()
|
|
dAtA = make([]byte, size)
|
|
n, err := m.MarshalToSizedBuffer(dAtA[:size])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return dAtA[:n], nil
|
|
}
|
|
|
|
func (m *TokenSet) MarshalTo(dAtA []byte) (int, error) {
|
|
size := m.ProtoSize()
|
|
return m.MarshalToSizedBuffer(dAtA[:size])
|
|
}
|
|
|
|
func (m *TokenSet) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
|
i := len(dAtA)
|
|
_ = i
|
|
var l int
|
|
_ = l
|
|
if len(m.Tokens) > 0 {
|
|
for k := range m.Tokens {
|
|
v := m.Tokens[k]
|
|
baseI := i
|
|
i = encodeVarintTokenset(dAtA, i, uint64(v))
|
|
i--
|
|
dAtA[i] = 0x10
|
|
i -= len(k)
|
|
copy(dAtA[i:], k)
|
|
i = encodeVarintTokenset(dAtA, i, uint64(len(k)))
|
|
i--
|
|
dAtA[i] = 0xa
|
|
i = encodeVarintTokenset(dAtA, i, uint64(baseI-i))
|
|
i--
|
|
dAtA[i] = 0xa
|
|
}
|
|
}
|
|
return len(dAtA) - i, nil
|
|
}
|
|
|
|
func encodeVarintTokenset(dAtA []byte, offset int, v uint64) int {
|
|
offset -= sovTokenset(v)
|
|
base := offset
|
|
for v >= 1<<7 {
|
|
dAtA[offset] = uint8(v&0x7f | 0x80)
|
|
v >>= 7
|
|
offset++
|
|
}
|
|
dAtA[offset] = uint8(v)
|
|
return base
|
|
}
|
|
func (m *TokenSet) ProtoSize() (n int) {
|
|
if m == nil {
|
|
return 0
|
|
}
|
|
var l int
|
|
_ = l
|
|
if len(m.Tokens) > 0 {
|
|
for k, v := range m.Tokens {
|
|
_ = k
|
|
_ = v
|
|
mapEntrySize := 1 + len(k) + sovTokenset(uint64(len(k))) + 1 + sovTokenset(uint64(v))
|
|
n += mapEntrySize + 1 + sovTokenset(uint64(mapEntrySize))
|
|
}
|
|
}
|
|
return n
|
|
}
|
|
|
|
func sovTokenset(x uint64) (n int) {
|
|
return (math_bits.Len64(x|1) + 6) / 7
|
|
}
|
|
func sozTokenset(x uint64) (n int) {
|
|
return sovTokenset(uint64((x << 1) ^ uint64((int64(x) >> 63))))
|
|
}
|
|
func (m *TokenSet) Unmarshal(dAtA []byte) error {
|
|
l := len(dAtA)
|
|
iNdEx := 0
|
|
for iNdEx < l {
|
|
preIndex := iNdEx
|
|
var wire uint64
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
wire |= uint64(b&0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
fieldNum := int32(wire >> 3)
|
|
wireType := int(wire & 0x7)
|
|
if wireType == 4 {
|
|
return fmt.Errorf("proto: TokenSet: wiretype end group for non-group")
|
|
}
|
|
if fieldNum <= 0 {
|
|
return fmt.Errorf("proto: TokenSet: illegal tag %d (wire type %d)", fieldNum, wire)
|
|
}
|
|
switch fieldNum {
|
|
case 1:
|
|
if wireType != 2 {
|
|
return fmt.Errorf("proto: wrong wireType = %d for field Tokens", wireType)
|
|
}
|
|
var msglen int
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
msglen |= int(b&0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
if msglen < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
postIndex := iNdEx + msglen
|
|
if postIndex < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
if postIndex > l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
if m.Tokens == nil {
|
|
m.Tokens = make(map[string]int64)
|
|
}
|
|
var mapkey string
|
|
var mapvalue int64
|
|
for iNdEx < postIndex {
|
|
entryPreIndex := iNdEx
|
|
var wire uint64
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
wire |= uint64(b&0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
fieldNum := int32(wire >> 3)
|
|
if fieldNum == 1 {
|
|
var stringLenmapkey uint64
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
stringLenmapkey |= uint64(b&0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
intStringLenmapkey := int(stringLenmapkey)
|
|
if intStringLenmapkey < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
postStringIndexmapkey := iNdEx + intStringLenmapkey
|
|
if postStringIndexmapkey < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
if postStringIndexmapkey > l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
|
|
iNdEx = postStringIndexmapkey
|
|
} else if fieldNum == 2 {
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
mapvalue |= int64(b&0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
} else {
|
|
iNdEx = entryPreIndex
|
|
skippy, err := skipTokenset(dAtA[iNdEx:])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if (skippy < 0) || (iNdEx+skippy) < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
if (iNdEx + skippy) > postIndex {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
iNdEx += skippy
|
|
}
|
|
}
|
|
m.Tokens[mapkey] = mapvalue
|
|
iNdEx = postIndex
|
|
default:
|
|
iNdEx = preIndex
|
|
skippy, err := skipTokenset(dAtA[iNdEx:])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if (skippy < 0) || (iNdEx+skippy) < 0 {
|
|
return ErrInvalidLengthTokenset
|
|
}
|
|
if (iNdEx + skippy) > l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
iNdEx += skippy
|
|
}
|
|
}
|
|
|
|
if iNdEx > l {
|
|
return io.ErrUnexpectedEOF
|
|
}
|
|
return nil
|
|
}
|
|
func skipTokenset(dAtA []byte) (n int, err error) {
|
|
l := len(dAtA)
|
|
iNdEx := 0
|
|
depth := 0
|
|
for iNdEx < l {
|
|
var wire uint64
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return 0, ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return 0, io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
wire |= (uint64(b) & 0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
wireType := int(wire & 0x7)
|
|
switch wireType {
|
|
case 0:
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return 0, ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return 0, io.ErrUnexpectedEOF
|
|
}
|
|
iNdEx++
|
|
if dAtA[iNdEx-1] < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
case 1:
|
|
iNdEx += 8
|
|
case 2:
|
|
var length int
|
|
for shift := uint(0); ; shift += 7 {
|
|
if shift >= 64 {
|
|
return 0, ErrIntOverflowTokenset
|
|
}
|
|
if iNdEx >= l {
|
|
return 0, io.ErrUnexpectedEOF
|
|
}
|
|
b := dAtA[iNdEx]
|
|
iNdEx++
|
|
length |= (int(b) & 0x7F) << shift
|
|
if b < 0x80 {
|
|
break
|
|
}
|
|
}
|
|
if length < 0 {
|
|
return 0, ErrInvalidLengthTokenset
|
|
}
|
|
iNdEx += length
|
|
case 3:
|
|
depth++
|
|
case 4:
|
|
if depth == 0 {
|
|
return 0, ErrUnexpectedEndOfGroupTokenset
|
|
}
|
|
depth--
|
|
case 5:
|
|
iNdEx += 4
|
|
default:
|
|
return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
|
|
}
|
|
if iNdEx < 0 {
|
|
return 0, ErrInvalidLengthTokenset
|
|
}
|
|
if depth == 0 {
|
|
return iNdEx, nil
|
|
}
|
|
}
|
|
return 0, io.ErrUnexpectedEOF
|
|
}
|
|
|
|
var (
|
|
ErrInvalidLengthTokenset = fmt.Errorf("proto: negative length found during unmarshaling")
|
|
ErrIntOverflowTokenset = fmt.Errorf("proto: integer overflow")
|
|
ErrUnexpectedEndOfGroupTokenset = fmt.Errorf("proto: unexpected end of group")
|
|
)
|