From b1c4ab8e164ab45862810ae0fabb47b51d640c55 Mon Sep 17 00:00:00 2001 From: absc Date: Sun, 15 Sep 2024 13:23:38 +0000 Subject: [PATCH] Add support for multi-host to the authentication module. --- dudeswave_users/src/dudeswave_users_auth.erl | 38 ++++++++++++-------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/dudeswave_users/src/dudeswave_users_auth.erl b/dudeswave_users/src/dudeswave_users_auth.erl index da99164..9f0b130 100644 --- a/dudeswave_users/src/dudeswave_users_auth.erl +++ b/dudeswave_users/src/dudeswave_users_auth.erl @@ -23,7 +23,7 @@ Here lives all the functions for the APIs needed to handle users authentication. -include_lib("dudeswave_backend/include/defines.hrl"). -include_lib("storage/include/storage.hrl"). --export([authenticate/3, logout/2]). +-export([authenticate/4, logout/3]). -doc """ Verify a session with an existing cookie. @@ -31,9 +31,10 @@ Verify a session with an existing cookie. Spec: ``` --spec authenticate(Type, User, Auth) -> true | false | {true, Cookie, Validity} | {error, Reason} when +-spec authenticate(Type, User, Host, Auth) -> true | false | {true, Cookie, Validity} | {error, Reason} when Type :: cookie | password, User :: binary(), + Host :: binary(), Auth :: {cookie, binary()} | {password, binary()}, Cookie :: binary(), Validity :: pos_integer(), 
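Review bot: The `Auth` type in this spec, `{cookie, binary()} | {password, binary()}`, does not appear to match how the clauses use the fourth argument. The `cookie` clause hands it straight to `storage:read(?COOKIESBUCK, Cookie)` as a key, and `logout/3` declares the same value as `Cookie :: binary()`. I would change both copies of the spec (the one in this `-doc` text and the real `-spec` in the next hunk) to `Auth :: binary(),` so Dialyzer checks the contract callers actually follow. The doc text should also say what `Host` is and that the account looked up is the combination of `User` and `Host`, since that is now part of the authentication decision.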
@@ -46,15 +47,18 @@ after authenticating with `Password`. If `Cookie` is valid, the function returns `true`. If the authentication is denied returns `false` """. --spec authenticate(Type, User, Auth) -> true | false | {true, Cookie, Validity} | {error, Reason} when +-spec authenticate(Type, User, Host, Auth) -> true | false | {true, Cookie, Validity} | {error, Reason} when Type :: cookie | password, User :: binary(), + Host :: binary(), Auth :: {cookie, binary()} | {password, binary()}, Cookie :: binary(), Validity :: pos_integer(), Reason :: term(). -authenticate(cookie, User, Cookie) -> +authenticate(cookie, User, Host, Cookie) -> + ComplUser = <>, + case storage:read(?COOKIESBUCK, Cookie) of {ok, [R]} -> CurTime = calendar:now_to_universal_time(erlang:timestamp()), @@ -64,7 +68,7 @@ authenticate(cookie, User, Cookie) -> if CookieTime >= CurTime -> if - User =:= CookieUser -> true; + ComplUser =:= CookieUser -> true; true -> false end; true -> false @@ -73,8 +77,10 @@ authenticate(cookie, User, Cookie) -> {error, _} -> {error, service_unavailable} end; -authenticate(password, User, Password) -> - case storage:read(?USERSBUCK, User) of +authenticate(password, User, Host, Password) -> + ComplUser = <>, + + case storage:read(?USERSBUCK, ComplUser) of {ok, [R]} -> Validity = case application:get_env(cookie_validity) of {ok, Value} -> @@ -83,8 +89,8 @@ authenticate(password, User, Password) -> erlang:system_time(seconds) + ?DEFVALIDITY * 86400 end, - {hash, Hash} = proplists:lookup(hash, R#object.metadata), - {salt, Salt} = proplists:lookup(salt, R#object.metadata), + {hash, Hash} = proplists:lookup(hash, R#object.value), + {salt, Salt} = proplists:lookup(salt, R#object.value), {approved, Appr} = proplists:lookup(approved, R#object.metadata), Auth = crypto:hash(sha256, <>), 
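Review bot: `ComplUser` is built from two caller-supplied binaries and then used as the storage key and session owner, but nothing in this clause checks `User` or `Host` first; the `password` clause and `logout/3` in later hunks build it the same way. The binary expression itself is not legible on this page. If it joins the two values with a separator, a `User` or `Host` containing that separator could make two different (User, Host) pairs resolve to the same key, so an account on one host could alias an account on another. I would reject a `User` containing the separator and have the caller pass a canonical host (lower-cased, port stripped, checked against the configured host list) rather than the raw request header, documented with a comment such as `%% ComplUser is the storage key: User must not contain the separator, Host must be a configured canonical host name`. Moving the composition into one private helper would keep the three call sites from drifting apart.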
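Review bot: The expiry test `CookieTime >= CurTime` at the top of this hunk is worth checking against what the `password` clause stores. `CurTime` is a `calendar` datetime tuple, while the `Validity` written with the cookie is an integer from `erlang:system_time(seconds)`. The line that binds `CookieTime` lies between hunks and is not visible; if it is that stored integer, Erlang's term order places every number below every tuple, so the comparison would always be false and cookie authentication would never succeed. Comparing like with like, e.g. `CurTime = erlang:system_time(seconds),`, avoids that, and the nested `if` could then collapse to `CookieTime >= CurTime andalso ComplUser =:= CookieUser`.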
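Review bot: The `Auth` digest on the last line of this hunk is still a single `crypto:hash(sha256, ...)` pass (presumably over salt and password; the binary is not legible here), which is cheap to brute-force if the users bucket ever leaks. Since the stored record layout is changing anyway, a password KDF with a work factor would be the usual hardening, e.g. `crypto:pbkdf2_hmac(sha256, Password, Salt, Iterations, KeyLen)` with project-chosen iteration count and key length. The `Auth =:= Hash` test in the following hunk could likewise become `crypto:hash_equals(Auth, Hash)` for a constant-time comparison. Separately, the `{hash, Hash}` and `{salt, Salt}` matches now read `R#object.value` and will raise `badmatch` on any user object written before this change, so the migration of existing records should be confirmed. The enclosing clause starts and ends outside this hunk.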
@@ -94,7 +100,7 @@ authenticate(password, User, Password) -> Auth =:= Hash -> Cookie = base64:encode(rand:bytes(64)), case storage:write(?COOKIESBUCK, <>, - Validity, [{user, User}]) of + Validity, [{user, ComplUser}]) of ok -> {true, Cookie, Validity}; {error, Reason} -> {error, Reason} end; @@ -110,23 +116,27 @@ Close an existing session Spec: ``` --spec logout(User, Cookie) -> ok | {error, Reason} when +-spec logout(User, Host, Cookie) -> ok | {error, Reason} when User :: binary(), + Host :: binary(), Cookie :: binary(), Reason :: term(). ``` Invalidate and delete `Cookie` associated with `User` from the system. """. --spec logout(User, Cookie) -> ok | {error, Reason} when +-spec logout(User, Host, Cookie) -> ok | {error, Reason} when User :: binary(), + Host :: binary(), Cookie :: binary(), Reason :: term(). -logout(User, Cookie) -> +logout(User, Host, Cookie) -> + ComplUser = <>, + case storage:read(?COOKIESBUCK, Cookie) of {ok, [R]} -> - {user, User} = proplists:lookup(user, R#object.metadata), + {user, ComplUser} = proplists:lookup(user, R#object.metadata), storage:delete(?COOKIESBUCK, Cookie); {ok, []} -> {error, not_found};
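Review bot: The session cookie on the context line `Cookie = base64:encode(rand:bytes(64)),` is drawn from the `rand` module, whose default generators are documented as not cryptographically strong. That token is the sole bearer credential for `ComplUser`, so it should come from the CSPRNG: `Cookie = base64:encode(crypto:strong_rand_bytes(64)),`. The module already depends on `crypto` for the password hash, so no new dependency is needed. The enclosing `if` starts above this hunk.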
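Review bot: The new match `{user, ComplUser} = proplists:lookup(user, R#object.metadata)` in `logout/3` raises `badmatch` when the cookie belongs to a different user or host, although the spec promises `ok | {error, Reason}`. The resulting crash report may also carry the other session's owner into the logs. I would handle the mismatch as a value and return the same `{error, not_found}` as for an unknown cookie, so the reply does not confirm that the cookie exists. The `case` on `storage:read/2` continues past the end of the hunk.

```erlang
		{ok, [R]} ->
			%% Only the owner of the session may close it.
			case proplists:lookup(user, R#object.metadata) of
				{user, ComplUser} -> storage:delete(?COOKIESBUCK, Cookie);
				_ -> {error, not_found}
			end;
		%% … unchanged: remaining storage:read/2 clauses …
```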