first key exchange thing

.gitignore

@@ -30,3 +30,6 @@ go.work.sum
 # Editor/IDE
 # .idea/
 # .vscode/
+
+.venv
+__pycache__

internal/game/user.go

@@ -2,22 +2,18 @@ package game
 
 import (
 	"crypto/ed25519"
-	"crypto/rand"
 )
 
 type User struct {
 	Name      string
 	PublicKey ed25519.PublicKey
-	PrivateKey ed25519.PrivateKey
 }
 
-func NewUser(name string) User {
+func NewUser(name string, publicKey ed25519.PublicKey) User {
 	// ed25519
 
-	public, private, _ := ed25519.GenerateKey(rand.Reader)
 	return User{
 		Name:      name,
-		PublicKey:  public,
+		PublicKey: publicKey,
-		PrivateKey: private,
 	}
 }

internal/rest_handler/create_user.go

@@ -1,6 +1,7 @@
 package rest_handler
 
 import (
+	"encoding/base64"
 	"net/http"
 
 	"gitea.elara.ws/Hazel/hangman/internal/game"
@@ -12,6 +13,7 @@ func CreateUser(c echo.Context) error {
 
 	type BodyContent struct {
 		Name      string
+		PublicKey string
 	}
 	var bodyContent BodyContent
 
@@ -20,7 +22,9 @@ func CreateUser(c echo.Context) error {
 		return c.String(http.StatusBadRequest, err.Error())
 	}
 
-	user := game.NewUser(bodyContent.Name)
+	pub, _ := base64.StdEncoding.DecodeString(bodyContent.PublicKey)
+	user := game.NewUser(bodyContent.Name, pub)
 	session.AddUser(user)
+
 	return c.JSON(http.StatusOK, user)
 }

main.go

@@ -39,6 +39,7 @@ func main() {
 
 	e.POST("/api/session", rest_handler.CreateSession)
 	e.POST("/api/:session/user", rest_handler.CreateUser)
+	e.POST("/api/:session/test-auth", rest_handler.CreateSession)
 
 	e.GET("/", view_handler.CreateSession)
 	e.GET("/:name", view_handler.CreateUser)

python_frontend/frontend.py

@@ -0,0 +1,75 @@
+from __future__ import annotations
+
+from typing import List
+import requests
+from nacl.signing import SigningKey, VerifyKey
+import base64
+
+import json
+
+
+BASE_URL = "http://localhost:1323/api"
+
+
+class User:
+    def __init__(self, session: Session, name: str) -> None:
+        self.session = session
+        self.name = name
+
+        self.signing_key = SigningKey.generate()
+
+        r = requests.post(BASE_URL + f"/{self.session.name}/user", json={
+            "Name": name,
+            "PublicKey": base64.b64encode(self.signing_key.verify_key.__bytes__()).decode("ascii")
+        })
+
+        data = r.json()
+        print(json.dumps(data, indent=4))
+
+    def __repr__(self) -> str:
+        return f"User({self.name})"
+    
+
+    def test_auth(self):
+        r = self.signed_request("/test-auth", {
+            "foo": "bar"
+        })
+        print(r.content)
+    
+    def signed_request(self, endpoint: str, body: dict) -> requests.Response:
+        payload = json.dumps(body).encode("utf-8")
+
+        signature = self.signing_key.sign(payload)
+
+        return requests.post(
+            url=BASE_URL+f"/{self.session.name}"+endpoint,
+            data=payload,
+            headers={
+                "Content-Type": "application/json",
+                "signature": base64.b64encode(signature.signature).decode("ascii")
+            }
+        )
+
+
+class Session:
+    def __init__(self) -> None:
+        data = requests.post(BASE_URL + "/session").json()
+        self.name = data["Name"]
+        self.users: List[User] = []
+
+    def __repr__(self) -> str:
+        return f"Session({self.name})"
+
+    def add_user(self, name: str) -> User:
+        u = User(session=self, name=name)
+        self.users.append(u)
+        return u
+
+
+if __name__ == "__main__":
+    s = Session()
+    print(s)
+    u = s.add_user(name="Hazel")
+    print(u)
+
+    u.test_auth()