Add Backend to Monorepo

WebsiteBackend/src/de/steamwar/plugins/Auth.kt

@@ -0,0 +1,104 @@
+/*
+ *   This file is a part of the SteamWar software.
+ *
+ *   Copyright (C) 2024 SteamWar.de-Serverteam
+ *
+ *   This program is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU Affero General Public License as published by
+ *   the Free Software Foundation, either version 3 of the License, or
+ *   (at your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU Affero General Public License for more details.
+ *
+ *   You should have received a copy of the GNU Affero General Public License
+ *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.steamwar.plugins
+
+import de.steamwar.sql.SWException
+import de.steamwar.sql.SteamwarUser
+import de.steamwar.sql.Token
+import de.steamwar.sql.UserPerm
+import io.ktor.http.*
+import io.ktor.server.application.*
+import io.ktor.server.application.hooks.*
+import io.ktor.server.auth.*
+import io.ktor.server.request.*
+import io.ktor.server.response.*
+
+
+data class SWAuthPrincipal(val token: Token, val user: SteamwarUser) : Principal
+
+class SWAuthConfig {
+    var permission: UserPerm? = null
+    var allowedMethods = mutableListOf<HttpMethod>()
+    var userCheck: SWAuthPrincipal.(ApplicationRequest) -> Boolean = { true }
+    var mustAuth: Boolean = false
+
+    fun allowMethod(method: HttpMethod) {
+        allowedMethods.add(method)
+    }
+
+    fun allowMethods(methods: List<HttpMethod>) {
+        allowedMethods.addAll(methods)
+    }
+
+    fun userCheck(check: SWAuthPrincipal.(ApplicationRequest) -> Boolean) {
+        userCheck = check
+    }
+}
+
+val SWPermissionCheck = createRouteScopedPlugin("SWAuth", ::SWAuthConfig) {
+    pluginConfig.apply {
+        on(AuthenticationChecked) { call ->
+            if (call.request.httpMethod in allowedMethods) {
+                if(mustAuth) {
+                    val token = call.principal<SWAuthPrincipal>()
+
+                    if (token == null) {
+                        call.respond(HttpStatusCode.Unauthorized)
+                    }
+                }
+
+                return@on
+            }
+
+            val token = call.principal<SWAuthPrincipal>()
+
+            if (token == null) {
+                call.respond(HttpStatusCode.Unauthorized)
+                return@on
+            }
+
+            if (permission != null && !token.user.hasPerm(permission)) {
+                call.respond(HttpStatusCode.Forbidden)
+                return@on
+            }
+
+            if (!token.userCheck(call.request)) {
+                call.respond(HttpStatusCode.Forbidden)
+                return@on
+            }
+        }
+    }
+}
+
+val ErrorLogger = createApplicationPlugin("SWLogger") {
+    on(CallFailed) { call, cause ->
+        val msg = """
+{
+URI: ${call.request.uri}
+Method: ${call.request.httpMethod.value}
+Headers: ${call.request.headers.entries().joinToString("\n    ") { "${it.key}: ${it.value}" }}
+
+Message: ${cause.message}
+}
+        """
+
+        call.response.headers.append("X-Caught", "1")
+    }
+}

WebsiteBackend/src/de/steamwar/plugins/Plugins.kt

@@ -0,0 +1,78 @@
+/*
+ *   This file is a part of the SteamWar software.
+ *
+ *   Copyright (C) 2024 SteamWar.de-Serverteam
+ *
+ *   This program is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU Affero General Public License as published by
+ *   the Free Software Foundation, either version 3 of the License, or
+ *   (at your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU Affero General Public License for more details.
+ *
+ *   You should have received a copy of the GNU Affero General Public License
+ *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.steamwar.plugins
+
+import de.steamwar.sql.Token
+import io.ktor.http.*
+import io.ktor.serialization.kotlinx.json.*
+import io.ktor.server.application.*
+import io.ktor.server.auth.*
+import io.ktor.server.plugins.contentnegotiation.*
+import io.ktor.server.plugins.cors.routing.*
+import io.ktor.server.plugins.ratelimit.*
+import kotlinx.serialization.json.Json
+import kotlin.time.Duration.Companion.seconds
+
+fun Application.configurePlugins() {
+    install(CORS) {
+        allowMethod(HttpMethod.Options)
+        allowMethod(HttpMethod.Get)
+        allowMethod(HttpMethod.Post)
+        allowMethod(HttpMethod.Put)
+        allowMethod(HttpMethod.Delete)
+        allowHeader(HttpHeaders.Authorization)
+        allowHeader(HttpHeaders.AccessControlAllowOrigin)
+        allowHeader(HttpHeaders.ContentType)
+        anyHost()
+        allowXHttpMethodOverride()
+    }
+    install(RateLimit) {
+        global {
+            rateLimiter(limit = 60, refillPeriod = 60.seconds)
+            requestKey {
+                it.request.headers["X-Forwarded-For"] ?: it.request.local.remoteHost
+            }
+            requestWeight { applicationCall, _ ->
+                if(applicationCall.request.headers["X-Forwarded-For"] != null) {
+                    0
+                } else {
+                    1
+                }
+            }
+        }
+    }
+    authentication {
+        bearer("sw-auth") {
+            realm = "SteamWar API"
+            authenticate { call ->
+                val token = Token.getTokenByCode(call.token)
+                if (token == null) {
+                    null
+                } else {
+                    SWAuthPrincipal(token, token.owner)
+                }
+            }
+        }
+    }
+    install(ContentNegotiation) {
+        json(Json)
+    }
+    install(ErrorLogger)
+}

WebsiteBackend/src/de/steamwar/plugins/SteamWar.kt

@@ -0,0 +1,27 @@
+/*
+ *   This file is a part of the SteamWar software.
+ *
+ *   Copyright (C) 2024 SteamWar.de-Serverteam
+ *
+ *   This program is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU Affero General Public License as published by
+ *   the Free Software Foundation, either version 3 of the License, or
+ *   (at your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU Affero General Public License for more details.
+ *
+ *   You should have received a copy of the GNU Affero General Public License
+ *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.steamwar.plugins
+
+import de.steamwar.sql.SteamwarUser
+import io.ktor.server.request.*
+
+fun ApplicationRequest.getUser(key: String = "id"): SteamwarUser? {
+    return SteamwarUser.get(call.parameters[key]?.toIntOrNull() ?: return null)
+}