torabkheslat
/
ZiCloud-API


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
							package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"github.com/labstack/echo"
	"io"
	"log"
	"log/syslog"
	"net/http"
	"net/smtp"
	"os"
	"time"
)

var _appversion string = "0.1"
var _appname string = "ZiCloud-API"
var URL string = "https://ipa-cl.zi-tel.com"

func audit(txt string) {

	syslogger, err := syslog.New(syslog.LOG_INFO, _appname)
	if err != nil {
		log.Fatalln(err)
	}
	log.SetOutput(syslogger)
	log.Println(txt)

}

var RealIP string

var secretKey = []byte("P*%!5+u!$y+cgM+P8bybzgnXpsd2Lv2z") // 32 bytes
func sendMail(str string, subject string, recipient string) {
	auth := smtp.PlainAuth("", "zicloud@zi-tel.com", "5Sd?^AQx@r2OGRvS?i|DO0", "mail.zi-tel.com")
	to := []string{recipient}
	buff := make([]byte, 8)
	rand.Read(buff)
	random_str := base64.StdEncoding.EncodeToString(buff)
	msg := []byte("To:" + recipient + "\r\n" +
		"Date: " + time.Now().String() + "\r\n" +
		"Message-Id: <" + random_str + "@ZiCloud.com>" + "\r\n" +
		"subject: " + subject + "\r\n" +
		"From: ZiCloud <" + "zicloud@zi-tel.com" + ">\r\n" +
		str)
	err := smtp.SendMail("mail.zi-tel.com:25", auth, "zicloud@zi-tel.com", to, msg)
	if err != nil {
		log.Fatal(err)
	}
}
func extractIP(next echo.HandlerFunc) echo.HandlerFunc {
	return func(c echo.Context) error {
		RealIP = c.RealIP()
		audit("Recieved request from: " + RealIP)
		return next(c)
	}
}
func main() {
	if len(os.Args) != 3 {
		fmt.Println("Wrong Usage:\n\t ./CMD IP Port")
		audit("Application in the wrong way")
		os.Exit(1)
	}
	echoHandler := echo.New()
	echoHandler.Use(extractIP)
	audit("Application " + _appname + " (" + _appversion + ") Started by " + os.Getenv("USER"))
	echoHandler.GET("/", func(c echo.Context) error {
		return c.String(http.StatusOK, "Hello, World!")
	})

	h := &handler{}
	echoHandler.POST("/login", h.login)

	echoHandler.GET("/private", h.private, isLoggedIn)

	echoHandler.GET("/admin", h.private, isLoggedIn, isAdmin)
	echoHandler.POST("/addUser", h.addUser, isLoggedIn, isAdmin)
	echoHandler.POST("/disableUser", h.disableUser, isLoggedIn, isAdmin)
	echoHandler.POST("/resetUser", h.resetUser)
	echoHandler.POST("/dnsrecordadd", h.dnsrecordadd, isLoggedIn, isAdmin)

	echoHandler.Logger.Fatal(echoHandler.Start(os.Args[1] + ":" + os.Args[2]))
}
func encrypt(key []byte, text string) string {
	// key := []byte(keyText)
	plaintext := []byte(text)

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
	iv := ciphertext[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		panic(err)
	}

	stream := cipher.NewCFBEncrypter(block, iv)
	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)

	// convert to base64
	return base64.URLEncoding.EncodeToString(ciphertext)
}
func decrypt(key []byte, cryptoText string) string {
	ciphertext, _ := base64.URLEncoding.DecodeString(cryptoText)

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	if len(ciphertext) < aes.BlockSize {
		panic("ciphertext too short")
	}
	iv := ciphertext[:aes.BlockSize]
	ciphertext = ciphertext[aes.BlockSize:]

	stream := cipher.NewCFBDecrypter(block, iv)

	// XORKeyStream can work in-place if the two arguments are the same.
	stream.XORKeyStream(ciphertext, ciphertext)

	return fmt.Sprintf("%s", ciphertext)
}