xshield/Management/webserver.go

package management

import (
	"encoding/json"
	"log"
	"net/http"
	"path/filepath"
	"text/template"

	"github.com/asaskevich/govalidator"
	"github.com/cr3a70r/shield/Utils"
	"github.com/gorilla/mux"
	"github.com/gorilla/securecookie"
)

var hashKey = []byte("ckjstkldx-rlkjcmskl-rdlskjtmd")
var blockKey = []byte("opbckswle-sdnfekjtiw-dsmnwhekskd")
var secCookie = securecookie.New(hashKey, blockKey)

func StartWebserver(addr string) {
	router := mux.NewRouter()

	router.HandleFunc("/", renderIndex)
	router.HandleFunc("/config", config)
	router.HandleFunc("/dashboard", dashboard)
	router.HandleFunc("/protection", protection)
	router.HandleFunc("/config", config)

	log.Fatal(http.ListenAndServe(addr, router))
}

func health(writer http.ResponseWriter, req *http.Request) {
	Utils.RespondJSON("Unknown state", 200, writer)
}

func renderIndex(w http.ResponseWriter, r *http.Request) {
	if r.Method == "POST" {

		r.ParseForm()
		if !govalidator.IsEmail(r.FormValue("Email")) {
			log.Println("webserver.auth: email not found")
		}

		success, err := Settings.CheckPassword(r.FormValue("Email"), r.FormValue("Password"))
		if err != nil {
			log.Println("webserver.auth: unseccessful auth ")
			log.Println(err)

		} else if success {
			log.Println("webserver.auth: login")
			log.Println(r.FormValue("Email"))

			value := map[string]string{
				"email":    r.FormValue("Email"),
				"password": r.FormValue("Password"),
			}
			encoded, err := secCookie.Encode("Shield", value)

			Settings.SaveCookie(r.FormValue("Email"), encoded)

			if err != nil {
				log.Println("webserver.auth: failed to encode cookie")
			}
			cookie := &http.Cookie{
				Name:  "Shield",
				Value: encoded,
				Path:  "/",
			}
			http.SetCookie(w, cookie)
			r.Header.Set("x-shield", encoded)

			http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
		}
	}

	parsedTemplate, _ := template.ParseFiles("static/index.html")
	err := parsedTemplate.Execute(w, "")
	if err != nil {
		log.Println("Error executing template :", err)
		return
	}

	defer r.Body.Close()
}

func dashboard(w http.ResponseWriter, r *http.Request) {
	fpTemplate := filepath.Join("static", "template.html")
	fpPage := filepath.Join("static", "dashboard.html")

	tmpl, err := template.ParseFiles(fpPage, fpTemplate)

	if err != nil {
		log.Println("webserver.dashboard: " + err.Error())
	}

	err = tmpl.ExecuteTemplate(w, "template.html", nil)
	if err != nil {
		log.Println("webserver.dashboard: " + err.Error())
	}
}

func protection(w http.ResponseWriter, r *http.Request) {
	fpTemplate := filepath.Join("static", "template.html")
	fpPage := filepath.Join("static", "protection.html")

	tmpl, err := template.ParseFiles(fpPage, fpTemplate)
	if err != nil {
		log.Println("webserver.protection: " + err.Error())
	}

	err = tmpl.ExecuteTemplate(w, "template.html", nil)
	if err != nil {
		log.Println("webserver.protection: " + err.Error())
	}
}

type View struct {
	Data string
}

func config(w http.ResponseWriter, r *http.Request) {
	fpTemplate := filepath.Join("static", "template.html")
	fpPage := filepath.Join("static", "config.html")

	tmpl, err := template.ParseFiles(fpPage, fpTemplate)
	if err != nil {
		log.Println("webserver.config: " + err.Error())
	}

	bt, err := json.MarshalIndent(Settings, "", " ")
	vd := View{string(bt)}

	//vd := ViewData{&Settings}

	err = tmpl.ExecuteTemplate(w, "template.html", vd)
	if err != nil {
		log.Println("webserver.config: " + err.Error())
	}
}

func requireAuth(h http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if cookie, err := r.Cookie("Shield"); err == nil {
			value := make(map[string]string)
			if err = secCookie.Decode("Shield", cookie.Value, &value); err == nil {
				log.Println("webserver.requireAuth: unauthorized access denied " + r.RemoteAddr)
			}
		}
		h.ServeHTTP(w, r)
	})
}
v0.1 2 years ago			`package management`

			`import (`
			`"encoding/json"`
			`"log"`
			`"net/http"`
			`"path/filepath"`
			`"text/template"`

			`"github.com/asaskevich/govalidator"`
			`"github.com/cr3a70r/shield/Utils"`
			`"github.com/gorilla/mux"`
			`"github.com/gorilla/securecookie"`
			`)`

			`var hashKey = []byte("ckjstkldx-rlkjcmskl-rdlskjtmd")`
			`var blockKey = []byte("opbckswle-sdnfekjtiw-dsmnwhekskd")`
			`var secCookie = securecookie.New(hashKey, blockKey)`

			`func StartWebserver(addr string) {`
			`router := mux.NewRouter()`

			`router.HandleFunc("/", renderIndex)`
			`router.HandleFunc("/config", config)`
			`router.HandleFunc("/dashboard", dashboard)`
			`router.HandleFunc("/protection", protection)`
			`router.HandleFunc("/config", config)`

			`log.Fatal(http.ListenAndServe(addr, router))`
			`}`

			`func health(writer http.ResponseWriter, req *http.Request) {`
			`Utils.RespondJSON("Unknown state", 200, writer)`
			`}`

			`func renderIndex(w http.ResponseWriter, r *http.Request) {`
			`if r.Method == "POST" {`

			`r.ParseForm()`
			`if !govalidator.IsEmail(r.FormValue("Email")) {`
			`log.Println("webserver.auth: email not found")`
			`}`

			`success, err := Settings.CheckPassword(r.FormValue("Email"), r.FormValue("Password"))`
			`if err != nil {`
			`log.Println("webserver.auth: unseccessful auth ")`
			`log.Println(err)`

			`} else if success {`
			`log.Println("webserver.auth: login")`
			`log.Println(r.FormValue("Email"))`

			`value := map[string]string{`
			`"email": r.FormValue("Email"),`
			`"password": r.FormValue("Password"),`
			`}`
			`encoded, err := secCookie.Encode("Shield", value)`

			`Settings.SaveCookie(r.FormValue("Email"), encoded)`

			`if err != nil {`
			`log.Println("webserver.auth: failed to encode cookie")`
			`}`
			`cookie := &http.Cookie{`
			`Name: "Shield",`
			`Value: encoded,`
			`Path: "/",`
			`}`
			`http.SetCookie(w, cookie)`
			`r.Header.Set("x-shield", encoded)`

			`http.Redirect(w, r, "/dashboard", http.StatusSeeOther)`
			`}`
			`}`

			`parsedTemplate, _ := template.ParseFiles("static/index.html")`
			`err := parsedTemplate.Execute(w, "")`
			`if err != nil {`
			`log.Println("Error executing template :", err)`
			`return`
			`}`

			`defer r.Body.Close()`
			`}`

			`func dashboard(w http.ResponseWriter, r *http.Request) {`
			`fpTemplate := filepath.Join("static", "template.html")`
			`fpPage := filepath.Join("static", "dashboard.html")`

			`tmpl, err := template.ParseFiles(fpPage, fpTemplate)`

			`if err != nil {`
			`log.Println("webserver.dashboard: " + err.Error())`
			`}`

			`err = tmpl.ExecuteTemplate(w, "template.html", nil)`
			`if err != nil {`
			`log.Println("webserver.dashboard: " + err.Error())`
			`}`
			`}`

			`func protection(w http.ResponseWriter, r *http.Request) {`
			`fpTemplate := filepath.Join("static", "template.html")`
			`fpPage := filepath.Join("static", "protection.html")`

			`tmpl, err := template.ParseFiles(fpPage, fpTemplate)`
			`if err != nil {`
			`log.Println("webserver.protection: " + err.Error())`
			`}`

			`err = tmpl.ExecuteTemplate(w, "template.html", nil)`
			`if err != nil {`
			`log.Println("webserver.protection: " + err.Error())`
			`}`
			`}`

			`type View struct {`
			`Data string`
			`}`

			`func config(w http.ResponseWriter, r *http.Request) {`
			`fpTemplate := filepath.Join("static", "template.html")`
			`fpPage := filepath.Join("static", "config.html")`

			`tmpl, err := template.ParseFiles(fpPage, fpTemplate)`
			`if err != nil {`
			`log.Println("webserver.config: " + err.Error())`
			`}`

			`bt, err := json.MarshalIndent(Settings, "", " ")`
			`vd := View{string(bt)}`

			`//vd := ViewData{&Settings}`

			`err = tmpl.ExecuteTemplate(w, "template.html", vd)`
			`if err != nil {`
			`log.Println("webserver.config: " + err.Error())`
			`}`
			`}`

			`func requireAuth(h http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`if cookie, err := r.Cookie("Shield"); err == nil {`
			`value := make(map[string]string)`
			`if err = secCookie.Decode("Shield", cookie.Value, &value); err == nil {`
			`log.Println("webserver.requireAuth: unauthorized access denied " + r.RemoteAddr)`
			`}`
			`}`
			`h.ServeHTTP(w, r)`
			`})`
			`}`