package management
import (
"encoding/json"
"log"
"net/http"
"path/filepath"
"text/template"
"github.com/asaskevich/govalidator"
"github.com/cr3a70r/shield/Utils"
"github.com/gorilla/mux"
"github.com/gorilla/securecookie"
)
// Key material and codec for the "Shield" session cookie.
//
// NOTE(review): both keys are string literals committed with the source, so
// anyone who can read this file can mint or decrypt a cookie that this server
// will accept. They should be supplied at deploy time (secret store or
// environment) or generated per installation, and the literal values below
// treated as compromised and rotated.
var (
	// hashKey is passed to securecookie as the hash (authentication) key.
	hashKey = []byte("ckjstkldx-rlkjcmskl-rdlskjtmd")
	// blockKey is passed to securecookie as the block (encryption) key.
	blockKey = []byte("opbckswle-sdnfekjtiw-dsmnwhekskd")
	// secCookie encodes and decodes cookie values with the two keys above.
	secCookie = securecookie.New(hashKey, blockKey)
)
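// StartWebserver registers the management UI routes and serves them on addr.
// It blocks for the lifetime of the server and ends the process through
// log.Fatal when the listener returns an error.
//
// "/" hosts the login form and is registered directly; every other page goes
// through requireAuth before its handler runs, so the pages that expose
// configuration are not reachable without passing that middleware.
//
// NOTE(review): http.ListenAndServe serves plain HTTP with no read or write
// timeouts. The login form posts a password and the session cookie travels on
// every request, so this listener should sit behind TLS, and an http.Server
// with explicit timeouts would bound slow-client connections.
func StartWebserver(addr string) {
	router := mux.NewRouter()

	router.HandleFunc("/", renderIndex)
	router.Handle("/dashboard", requireAuth(http.HandlerFunc(dashboard)))
	router.Handle("/protection", requireAuth(http.HandlerFunc(protection)))
	// "/config" used to be registered twice; one registration is enough.
	router.Handle("/config", requireAuth(http.HandlerFunc(config)))

	log.Fatal(http.ListenAndServe(addr, router))
}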
// health hands the fixed string "Unknown state" and status 200 to
// Utils.RespondJSON for writing to the client. The request is not inspected.
func health(writer http.ResponseWriter, req *http.Request) {
	const status = http.StatusOK
	Utils.RespondJSON("Unknown state", status, writer)
}
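// renderIndex serves the login page at "/" and handles its form submission.
//
// Any non-POST request renders static/index.html. A POST reads the "Email" and
// "Password" form fields, checks them with Settings.CheckPassword and, on
// success, issues the "Shield" session cookie and redirects to /dashboard.
// A rejected login falls through and renders the form again.
//
// Failure handling: an unparsable form yields 400; a cookie that cannot be
// encoded or a login template that cannot be parsed yields 500.
func renderIndex(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodPost {
		if err := r.ParseForm(); err != nil {
			log.Println("webserver.auth: malformed form: " + err.Error())
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		email := r.FormValue("Email")

		// A value that is not a well-formed address never reaches the
		// password check or the log lines below.
		if !govalidator.IsEmail(email) {
			log.Println("webserver.auth: email not found")
		} else if success, err := Settings.CheckPassword(email, r.FormValue("Password")); err != nil {
			log.Println("webserver.auth: unseccessful auth ")
			log.Println(err)
		} else if success {
			log.Println("webserver.auth: login")
			log.Println(email)

			// Only the account identifier goes into the cookie. The
			// submitted password is deliberately not stored: the cookie is
			// only as confidential as the cookie keys, and a session token
			// never needs the credential itself.
			// NOTE(review): if code outside this file reads a "password"
			// entry from the decoded cookie, move it to a server-side lookup.
			value := map[string]string{"email": email}
			encoded, err := secCookie.Encode("Shield", value)
			if err != nil {
				// Do not persist or send an empty/partial session value.
				log.Println("webserver.auth: failed to encode cookie")
				http.Error(w, "internal server error", http.StatusInternalServerError)
				return
			}
			Settings.SaveCookie(email, encoded)

			http.SetCookie(w, &http.Cookie{
				Name:  "Shield",
				Value: encoded,
				Path:  "/",
				// Keep the session value out of reach of page scripts.
				HttpOnly: true,
				// Only mark Secure when this request arrived over TLS, so
				// plain-HTTP deployments keep working.
				// NOTE(review): behind a TLS-terminating proxy r.TLS is nil;
				// set Secure unconditionally there.
				Secure: r.TLS != nil,
				// Do not attach the session to cross-site subrequests.
				SameSite: http.SameSiteLaxMode,
			})

			// The session value is not echoed in any header: writing it to
			// r.Header only changes the incoming request and reaches nobody.
			http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
			// Stop here so the login page is not appended to the redirect.
			return
		}
	}

	parsedTemplate, err := template.ParseFiles("static/index.html")
	if err != nil {
		// parsedTemplate is nil on error; executing it would panic.
		log.Println("webserver.auth: " + err.Error())
		http.Error(w, "internal server error", http.StatusInternalServerError)
		return
	}
	if err := parsedTemplate.Execute(w, ""); err != nil {
		log.Println("Error executing template :", err)
	}
	// The request body is closed by the HTTP server once the handler returns.
}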
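// dashboard renders static/dashboard.html inside the shared
// static/template.html layout. It replies 500 when the template files cannot
// be parsed; a failure while executing the template is only logged, because
// part of the response may already have been written.
//
// NOTE(review): the handler performs no session check of its own; access
// control depends entirely on how it is registered with the router.
func dashboard(w http.ResponseWriter, r *http.Request) {
	layout := filepath.Join("static", "template.html")
	page := filepath.Join("static", "dashboard.html")

	tmpl, err := template.ParseFiles(page, layout)
	if err != nil {
		// tmpl is nil on error; executing it would dereference a nil template.
		log.Println("webserver.dashboard: " + err.Error())
		http.Error(w, "internal server error", http.StatusInternalServerError)
		return
	}

	if err := tmpl.ExecuteTemplate(w, "template.html", nil); err != nil {
		log.Println("webserver.dashboard: " + err.Error())
	}
}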
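// protection renders static/protection.html inside the shared
// static/template.html layout. It replies 500 when the template files cannot
// be parsed; a failure while executing the template is only logged, because
// part of the response may already have been written.
//
// NOTE(review): the handler performs no session check of its own; access
// control depends entirely on how it is registered with the router.
func protection(w http.ResponseWriter, r *http.Request) {
	layout := filepath.Join("static", "template.html")
	page := filepath.Join("static", "protection.html")

	tmpl, err := template.ParseFiles(page, layout)
	if err != nil {
		// tmpl is nil on error; executing it would dereference a nil template.
		log.Println("webserver.protection: " + err.Error())
		http.Error(w, "internal server error", http.StatusInternalServerError)
		return
	}

	if err := tmpl.ExecuteTemplate(w, "template.html", nil); err != nil {
		log.Println("webserver.protection: " + err.Error())
	}
}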
// View is the value passed to the page template as its data.
type View struct {
	// Data is the text the template renders; the config handler fills it
	// with the indented JSON encoding of Settings.
	Data string
}
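// config renders static/config.html inside the shared static/template.html
// layout, passing the indented JSON encoding of Settings as View.Data.
// It replies 500 when the templates cannot be parsed or Settings cannot be
// marshalled; a failure while executing the template is only logged.
//
// NOTE(review): the whole Settings value is serialised into the page. Settings
// also backs CheckPassword and SaveCookie, so it presumably holds credential
// and session material; confirm which fields are exported to JSON and redact
// them here. The handler performs no session check of its own.
//
// NOTE(review): the page is rendered with text/template, which applies no HTML
// escaping, so any string inside Settings is emitted into the page verbatim.
// html/template is the escaping counterpart; switching needs the template
// files reviewed, since the contextual escaping changes how Data is written.
func config(w http.ResponseWriter, r *http.Request) {
	layout := filepath.Join("static", "template.html")
	page := filepath.Join("static", "config.html")

	tmpl, err := template.ParseFiles(page, layout)
	if err != nil {
		// tmpl is nil on error; executing it would dereference a nil template.
		log.Println("webserver.config: " + err.Error())
		http.Error(w, "internal server error", http.StatusInternalServerError)
		return
	}

	bt, err := json.MarshalIndent(Settings, "", " ")
	if err != nil {
		// Do not render a page built from a failed or partial encoding.
		log.Println("webserver.config: " + err.Error())
		http.Error(w, "internal server error", http.StatusInternalServerError)
		return
	}

	vd := View{Data: string(bt)}
	if err := tmpl.ExecuteTemplate(w, "template.html", vd); err != nil {
		log.Println("webserver.config: " + err.Error())
	}
}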
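// requireAuth wraps h so that it only runs for requests carrying a "Shield"
// cookie that secCookie can decode. Requests without the cookie, or with a
// value that fails to decode, are logged with their remote address and
// redirected to the login page at "/"; h is not called for them.
//
// NOTE(review): a successful decode only shows that the value was produced
// with this server's cookie keys. The decoded contents are not compared with
// the value recorded through Settings.SaveCookie at login, so there is no
// server-side revocation; consider checking against the stored session.
func requireAuth(h http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		cookie, err := r.Cookie("Shield")
		if err == nil {
			value := make(map[string]string)
			err = secCookie.Decode("Shield", cookie.Value, &value)
		}
		if err != nil {
			// Deny on the failure path and stop before the wrapped handler.
			log.Println("webserver.requireAuth: unauthorized access denied " + r.RemoteAddr)
			http.Redirect(w, r, "/", http.StatusSeeOther)
			return
		}

		h.ServeHTTP(w, r)
	})
}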