Implement Corlink

Author: MotorTruck1221

Gemfile

@@ -20,6 +20,7 @@ gem 'bcrypt'
 gem 'thor'
 gem 'readline'
 gem 'readline-ext'
+gem 'httparty'
 gem "rack-reverse-proxy", require: "rack/reverse_proxy"
 group :development do
   gem "rerun"

config/settings.example.yml

@@ -16,3 +16,8 @@ database:
   password: "ruby" # change this to your database password
   host: "db" # change this to your database host
   dbname: "ruby" # change this to your database name
+
+corlink:
+  enabled: "false"
+  url: "https://corlink.com"
+  apiKey: "yourapikey"

main.rb

@@ -94,22 +94,39 @@
 
 #Auth to login to the site
 post '/auth' do 
-  if Settings.private == "false" || Settings.multiuser == "false"
-    if params[:password] == Settings.password && params[:username].downcase == Settings.username.downcase
-      session[:auth] = true
-      session[:uid] = SecureRandom.alphanumeric(2048)
-      redirect '/'
+  if Settings.corlink.enabled == "true" && Settings.private == "false"
+    password = params[:password]
+    username = params[:username]
+    req = HTTParty.post("#{Settings.corlink.url}", headers: { 'Content-Type' => 'application/json', 'Authorization' => "Bearer #{Settings.corlink.apiKey}", 'Key' => "#{password}" })
+    if req.code == 200
+      if username == "ruby"
+        session[:auth] = true
+        session[:uid] = SecureRandom.alphanumeric(2048)
+        redirect '/'
+      else 
+        redirect '/'
+      end
     else
       redirect '/'
     end
   else
-    loggedIn = login(params[:username], params[:password])
-    if loggedIn == true
-      session[:auth] = true
-      session[:uid] = SecureRandom.alphanumeric(2048)
-      redirect '/'
+    if Settings.private == "false" || Settings.multiuser == "false"
+      if params[:password] == Settings.password && params[:username].downcase == Settings.username.downcase
+        session[:auth] = true
+        session[:uid] = SecureRandom.alphanumeric(2048)
+        redirect '/'
+      else
+        redirect '/'
+      end
     else
-      redirect '/'
+      loggedIn = login(params[:username], params[:password])
+      if loggedIn == true
+        session[:auth] = true
+        session[:uid] = SecureRandom.alphanumeric(2048)
+        redirect '/'
+      else
+        redirect '/'
+      end
     end
   end
 end

require.rb

@@ -12,6 +12,7 @@
 require 'yaml'
 require 'sequel'
 require 'bcrypt'
+require 'httparty'
 require './ruby/utils.rb'
 require './ruby/proxyPaths.rb'
 require './ruby/auth.rb'

ruby/auth.rb

@@ -13,10 +13,20 @@ def call(env)
       #  session[:auth] = true
       #  session[:uid] = SecureRandom.alphanumeric(2048)
        # return [302, {'Location' => '/'}, []]
-      if Settings.private == "false" && params['unlock'] == '' || params['unlock'] == 'unlock' || params['unlock'] == 'true' || params['unlock'] == ' '
-        session[:auth] = true
-        session[:uid] = SecureRandom.alphanumeric(2048)
-        return [302, {'Location' => '/'}, []]
+      if Settings.corlink.enabled == "true" && Settings.private == "false"
+        auth = params['unlock']
+        req = HTTParty.post("#{Settings.corlink.url}", headers: { 'Content-Type' => 'application/json', 'Authorization' => "Bearer #{Settings.corlink.apiKey}", 'Key' => "#{auth}" })
+        if req.code == 200
+          session[:auth] = true
+          session[:uid] = SecureRandom.alphanumeric(2048)
+          return [302, {'Location' => '/'}, []]
+        end
+      else 
+        if Settings.private == "false" && params['unlock'] == '' || params['unlock'] == 'unlock' || params['unlock'] == 'true' || params['unlock'] == ' '
+          session[:auth] = true
+          session[:uid] = SecureRandom.alphanumeric(2048)
+          return [302, {'Location' => '/'}, []]
+        end
       end
     end
     @app.call(env)

ruby/validator.rb

@@ -13,6 +13,10 @@ class YamlValidator < Dry::Validation::Contract
       required(:password).filled(:string)
       required(:dbname).filled(:string)
     end
+    optional(:corlink).filled(:hash).schema do 
+      required(:url).filled(:string)
+      required(:apiKey).filled(:string)
+    end
   end
   rule(:port) do
     key.failure('must be greater than 0') if value <= 0