Olivier/colorshell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e1a3e654bec17ef25bd43a2d567efbd8005cb286
colorshell/src/modules/auth.ts
T
retrozinndev e1a3e654be 🔧 chore: general improvements 
- save night light filter data in `userData`
- better click detection in control center tiles
- continue development of the native polkit agent
- start night light module on shell init, drop hyprsunset scripts
2025-09-26 22:23:45 -03:00

116 lines
3.7 KiB
TypeScript
Raw Blame History

import { exec, execAsync } from "ags/process";
import { register } from "ags/gobject";
import { AuthPopup } from "../widget/AuthPopup";
import AstalAuth from "gi://AstalAuth";
import Polkit from "gi://Polkit";
import PolkitAgent from "gi://PolkitAgent";
import Gio from "gi://Gio?version=2.0";
import GLib from "gi://GLib?version=2.0";
@register({ GTypeName: "AuthAgent" })
export class Auth extends PolkitAgent.Listener {
private static instance: Auth;
#subject: Polkit.Subject;
#pam: AstalAuth.Pam;
#handle: any;
constructor() {
super();
this.#subject = Polkit.UnixSession.new(""); // TODO find how to get session id (for some reason, i can't find a session ID that works)
this.#pam = new AstalAuth.Pam();
this.#handle = this.register(
PolkitAgent.RegisterFlags.RUN_IN_THREAD,
this.#subject,
"/io/github/retrozinndev/colorshell/PolicyKit/AuthAgent",
null
);
}
vfunc_dispose() {
PolkitAgent.Listener.unregister(this.#handle);
}
public static initiate_authentication(action_id: string, message: string, icon_name: string, details: Polkit.Details, cookie: string, identities: Array<Polkit.Identity>, cancellable: Gio.Cancellable|null, callback: Gio.AsyncReadyCallback<Auth>|null): void {
const task = Gio.Task.new(
this.getDefault(),
cancellable,
callback as Gio.AsyncReadyCallback|null
);
AuthPopup({
text: message,
iconName: icon_name,
onContinue: (data, reject, approve) => {
this.getDefault().validateAuth(data.passwd, data.user).then((success) => {
approve();
task.return_boolean(success);
}).catch((error: GLib.Error) => {
// TODO implement a number of tries (usually it's 3)
reject(`Authentication failed: ${error.message}`);
task.return_error(error);
});
}
});
}
public static initAgent(): Auth {
if(!this.instance)
this.instance = new Auth();
return this.instance;
}
// TODO: support fingerprint/facial auth
/** @returns true if data are correct, rejects promise otherwise */
public validateAuth(passwd: string, user?: string): Promise<boolean> {
if(user !== undefined)
this.#pam.username = user;
return new Promise<boolean>((resolve, reject) => {
const connections: Array<number> = [];
connections.push(
this.#pam.connect("fail", () => {
reject(
`Auth: Authentication has failed for user ${this.#pam.username}`
);
connections.forEach(id => this.#pam.disconnect(id));
}),
this.#pam.connect("success", () => {
resolve(true);
connections.forEach(id => this.#pam.disconnect(id));
})
);
this.#pam.start_authenticate();
this.#pam.supply_secret(passwd);
});
}
/** @returns true if successful */
public async polkitExecute(cmd: string | Array<string>): Promise<boolean> {
let success: boolean = true;
await execAsync([
"pkexec",
"--",
...(Array.isArray(cmd) ? cmd : [ cmd ]) ]
).catch((r) => {
success = false;
console.error(`Polkit: Couldn't authenticate. Stderr: ${r}`);
});
return success;
}
public static getDefault(): Auth {
if(!this.instance)
this.instance = new Auth();
return this.instance;
}
}
Reference in New Issue View Git Blame Copy Permalink