package main import ( "html/template" "net/http" "strconv" "strings" "github.com/gorilla/mux" "github.com/gorilla/sessions" log "github.com/sirupsen/logrus" "golang.org/x/crypto/argon2" "golang.org/x/crypto/blake2b" "git.deuxfleurs.fr/Deuxfleurs/easybridge/connector" "git.deuxfleurs.fr/Deuxfleurs/easybridge/mxlib" ) const SESSION_NAME = "easybridge_session" var sessionsStore sessions.Store = nil var userKeys = map[string]*[32]byte{} func StartWeb(errch chan error) { session_key := blake2b.Sum256([]byte(config.SessionKey)) sessionsStore = sessions.NewCookieStore(session_key[:]) r := mux.NewRouter() r.HandleFunc("/", handleHome) r.HandleFunc("/logout", handleLogout) r.HandleFunc("/add/{protocol}", handleAdd) r.HandleFunc("/edit/{account}", handleEdit) r.HandleFunc("/delete/{account}", handleDelete) staticfiles := http.FileServer(http.Dir("static")) r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles)) log.Printf("Starting web UI HTTP server on %s", config.WebBindAddr) go func() { err := http.ListenAndServe(config.WebBindAddr, logRequest(r)) if err != nil { errch <- err } }() } func logRequest(handler http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { log.Printf("%s %s %s\n", r.RemoteAddr, r.Method, r.URL) handler.ServeHTTP(w, r) }) } // ---- type LoginInfo struct { MxId string } func checkLogin(w http.ResponseWriter, r *http.Request) *LoginInfo { var login_info *LoginInfo session, err := sessionsStore.Get(r, SESSION_NAME) if err == nil { mxid, ok := session.Values["login_mxid"].(string) user_key, ok2 := session.Values["login_user_key"].([]byte) if ok && ok2 { if _, had_key := userKeys[mxid]; !had_key && len(user_key) == 32 { key := new([32]byte) copy(key[:], user_key) userKeys[mxid] = key LoadDbAccounts(mxid, key) } login_info = &LoginInfo{ MxId: mxid, } } } if login_info == nil { login_info = handleLogin(w, r) } return login_info } // ---- type HomeData struct { Login *LoginInfo Accounts []*Account } func handleHome(w http.ResponseWriter, r *http.Request) { templateHome := template.Must(template.ParseFiles("templates/layout.html", "templates/home.html")) login := checkLogin(w, r) if login == nil { return } templateHome.Execute(w, &HomeData{ Login: login, Accounts: ListAccounts(login.MxId), }) } func handleLogout(w http.ResponseWriter, r *http.Request) { session, err := sessionsStore.Get(r, SESSION_NAME) if err != nil { session, _ = sessionsStore.New(r, SESSION_NAME) } delete(session.Values, "login_mxid") err = session.Save(r, w) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } http.Redirect(w, r, "/", http.StatusFound) } type LoginFormData struct { Username string WrongPass bool ErrorMessage string MatrixDomain string } func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo { templateLogin := template.Must(template.ParseFiles("templates/layout.html", "templates/login.html")) data := &LoginFormData{ MatrixDomain: config.MatrixDomain, } if r.Method == "GET" { templateLogin.Execute(w, data) return nil } else if r.Method == "POST" { r.ParseForm() username := strings.Join(r.Form["username"], "") password := strings.Join(r.Form["password"], "") cli := mxlib.NewClient(config.Server, "") mxid, err := cli.PasswordLogin(username, password, "EZBRIDGE", "Easybridge") if err != nil { data.Username = username data.ErrorMessage = err.Error() templateLogin.Execute(w, data) return nil } key := new([32]byte) key_slice := argon2.IDKey([]byte(password), []byte("EZBRIDGE account store"), 3, 64*1024, 4, 32) copy(key[:], key_slice) userKeys[mxid] = key SaveDbAccounts(mxid, key) LoadDbAccounts(mxid, key) // Successfully logged in, save it to session session, err := sessionsStore.Get(r, SESSION_NAME) if err != nil { session, _ = sessionsStore.New(r, SESSION_NAME) } session.Values["login_mxid"] = mxid session.Values["login_user_key"] = key_slice err = session.Save(r, w) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return nil } return &LoginInfo{ MxId: mxid, } } else { http.Error(w, "Unsupported method", http.StatusBadRequest) return nil } } // ---- func handleAdd(w http.ResponseWriter, r *http.Request) { login := checkLogin(w, r) if login == nil { return } protocol := mux.Vars(r)["protocol"] configForm(w, r, login, "", protocol, map[string]string{}) } func handleEdit(w http.ResponseWriter, r *http.Request) { login := checkLogin(w, r) if login == nil { return } account := mux.Vars(r)["account"] acct := FindAccount(login.MxId, account) if acct == nil { http.Error(w, "No such account", http.StatusNotFound) return } configForm(w, r, login, account, acct.Protocol, acct.Config) } type ConfigFormData struct { ErrorMessage string Name string NameEditable bool InvalidName bool Protocol string Config map[string]string Errors map[string]string Schema connector.ConfigSchema } func configForm(w http.ResponseWriter, r *http.Request, login *LoginInfo, name string, protocol string, prevConfig map[string]string) { templateConfig := template.Must(template.ParseFiles("templates/layout.html", "templates/config.html")) data := &ConfigFormData{ Name: name, NameEditable: (name == ""), Protocol: protocol, Config: map[string]string{}, Errors: map[string]string{}, Schema: connector.Protocols[protocol].Schema, } for k, v := range prevConfig { data.Config[k] = v } for _, sch := range data.Schema { if _, ok := data.Config[sch.Name]; !ok && sch.Default != "" { data.Config[sch.Name] = sch.Default } } if r.Method == "POST" { ok := true r.ParseForm() if data.NameEditable { data.Name = strings.Join(r.Form["name"], "") if data.Name == "" { ok = false data.InvalidName = true } } for _, schema := range data.Schema { field := schema.Name old_value := data.Config[field] data.Config[field] = strings.Join(r.Form[field], "") if schema.IsPassword { if data.Config[field] == "" { data.Config[field] = old_value } } else if data.Config[field] == "" { if schema.Required { ok = false data.Errors[field] = "This field is required" } } else if schema.FixedValue != "" { if data.Config[field] != schema.FixedValue { ok = false data.Errors[field] = "This field must be equal to " + schema.FixedValue } } else if schema.IsBoolean { if data.Config[field] != "false" && data.Config[field] != "true" { ok = false data.Errors[field] = "This field must be 'true' or 'false'" } } else if schema.IsNumeric { _, err := strconv.Atoi(data.Config[field]) if err != nil { ok = false data.Errors[field] = "This field must be a valid number" } } } if ok { var entry DbAccountConfig db.Where(&DbAccountConfig{ MxUserID: login.MxId, Name: data.Name, }).Assign(&DbAccountConfig{ Protocol: protocol, Config: encryptAccountConfig(data.Config, userKeys[login.MxId]), }).FirstOrCreate(&entry) err := SetAccount(login.MxId, data.Name, protocol, data.Config) if err == nil { http.Redirect(w, r, "/", http.StatusFound) return } data.ErrorMessage = err.Error() } } templateConfig.Execute(w, data) } func handleDelete(w http.ResponseWriter, r *http.Request) { templateDelete := template.Must(template.ParseFiles("templates/layout.html", "templates/delete.html")) login := checkLogin(w, r) if login == nil { return } account := mux.Vars(r)["account"] if r.Method == "POST" { r.ParseForm() del := strings.Join(r.Form["delete"], "") if del == "Yes" { RemoveAccount(login.MxId, account) db.Where(&DbAccountConfig{ MxUserID: login.MxId, Name: account, }).Delete(&DbAccountConfig{}) http.Redirect(w, r, "/", http.StatusFound) return } } templateDelete.Execute(w, account) }