add support for some basic authentication methods

2026-04-19 00:36:38 +00:00 · 2026-01-29 16:34:52 +00:00
parent 0d480071b6
commit e95cfa1a00
12 changed files with 867 additions and 449 deletions
--- a/proxy/internal/auth/link.go
+++ b/proxy/internal/auth/link.go
@@ -0,0 +1,57 @@
+package auth
+
+import (
+	"net/http"
+
+	"github.com/netbirdio/netbird/shared/management/proto"
+)
+
+const linkFormId = "email"
+
+type Link struct {
+	id, accountId string
+	client        authenticator
+}
+
+func NewLink(client authenticator, id, accountId string) Link {
+	return Link{
+		id:        id,
+		accountId: accountId,
+		client:    client,
+	}
+}
+
+func (Link) Type() Method {
+	return MethodLink
+}
+
+func (l Link) Authenticate(r *http.Request) (string, bool, any) {
+	email := r.FormValue(linkFormId)
+
+	res, err := l.client.Authenticate(r.Context(), &proto.AuthenticateRequest{
+		Id:        l.id,
+		AccountId: l.accountId,
+		Request: &proto.AuthenticateRequest_Link{
+			Link: &proto.LinkRequest{
+				Email:    email,
+				Redirect: "", // TODO: calculate this.
+			},
+		},
+	})
+	if err != nil {
+		// TODO: log error here
+		return "", false, linkFormId
+	}
+
+	if res.GetSuccess() {
+		// Use the email address as the user identifier.
+		return email, true, nil
+	}
+
+	return "", false, linkFormId
+}
+
+func (l Link) Middleware(next http.Handler) http.Handler {
+	// TODO: handle magic link redirects, should be similar to OIDC.
+	return next
+}