# README
Sider-OG [WIP]
Project description
Http based sudo-like service. Some random description notes:
-
Client is registered to be allowed to consume the service
-
Registered client asks for session starting, server allows it.
-
Client asks if session is active, server replies.
-
Server generates unique static server identity, basing on machine ID.
-
Server component is delegated to store HASHES in memory, with its TTL.
-
Token is machine-unique (machine ID), unpredictable (hashed 256sum).
Calls
# create role
/admin/new_role?value=938579384579348579347
# return: 938579384579348579347
# Description: register role 938579384579348579347 in order to allow to consume /start_session call
# start session
/start_session?role=938579384579348579347
# return: 16b9ee3151ee76fdf5af5c509f9c208865e5a398a660167b64554c4e51211b9
# Description: This is the client's token
# check session
/check_session?token=16b9ee3151ee76fdf5af5c509f9c208865e5a398a660167b64554c4e51211b9e
# return: [true|false]
# Description: Client session is up/down
Unittest
> go test -v -cover ./...
[...]
Build
> export GOPATH=${HOME}/go
> export GOBIN=${GOPATH}/bin
> export PATH=${PATH}:${GOBIN}
> export GO111MODULE=on
....
> go build -o ${GOBIN}
> siderog
> Server running...
Make
# Install
$ make install
# Run
$ make run
# Stop
$ make stop
TLS setup
$ mkdir -p tls/cert tls/key
# private key (.key)
$ openssl genrsa -out ./tls/key/server.key 2048
# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List ECDSA the supported curves (openssl ecparam -list_curves)
$ openssl ecparam -genkey -name secp384r1 -out ./tls/key/server.key
# self-signed(x509) public key (PEM-encodings .pem|.crt) based on the private (.key)
$ openssl req -new -x509 -sha256 -key ./tls/key/server.key -out ./tls/cert/server.crt -days 3650
# Packages
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author