Separate proxy stuff

author: Runxi Yu <me@runxiyu.org> 2025-03-23 12:04:27 +0800
committer: Runxi Yu <me@runxiyu.org> 2025-03-23 12:04:27 +0800
commit: 137415cb5062ae3b5ce4ba8056754c1fc4febcaf (patch)
tree: 95b7f7bfa04ab381e21e14a1dcd3bb1f8fc90663 /token.go
parent: Separate privkey stuff (diff)
download: powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.tar.gz
powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.tar.zst
powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.zip
1 files changed, 39 insertions, 0 deletions
diff --git a/token.go b/token.go
new file mode 100644
index 0000000..74bf903
--- /dev/null
+++ b/token.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/binary"
+	"net/http"
+	"time"
+)
+
+func makeSignedToken(request *http.Request) []byte {
+	buf := make([]byte, 0, 2*sha256.Size)
+
+	timeBuf := make([]byte, binary.MaxVarintLen64)
+	binary.PutVarint(timeBuf, time.Now().Unix()/604800)
+
+	remoteIP := getRemoteIP(request)
+
+	h := sha256.New()
+	h.Write(timeBuf)
+	h.Write(stringToBytes(remoteIP))
+	h.Write(stringToBytes(request.Header.Get("User-Agent")))
+	h.Write(stringToBytes(request.Header.Get("Accept-Encoding")))
+	h.Write(stringToBytes(request.Header.Get("Accept-Language")))
+	h.Write(privkeyHash)
+	buf = h.Sum(buf)
+	if len(buf) != sha256.Size {
+		panic("unexpected buffer length after hashing contents")
+	}
+
+	mac := hmac.New(sha256.New, privkey)
+	mac.Write(buf)
+	buf = mac.Sum(buf)
+	if len(buf) != 2*sha256.Size {
+		panic("unexpected buffer length after hmac")
+	}
+
+	return buf
+}
author	Runxi Yu <me@runxiyu.org>	2025-03-23 12:04:27 +0800
committer	Runxi Yu <me@runxiyu.org>	2025-03-23 12:04:27 +0800
commit	137415cb5062ae3b5ce4ba8056754c1fc4febcaf (patch)
tree	95b7f7bfa04ab381e21e14a1dcd3bb1f8fc90663 /token.go
parent	Separate privkey stuff (diff)
download	powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.tar.gz powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.tar.zst powxy-137415cb5062ae3b5ce4ba8056754c1fc4febcaf.zip