main.go 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
  1. package main
  2. import (
  3. "crypto/aes"
  4. "crypto/cipher"
  5. "crypto/rand"
  6. "encoding/base64"
  7. "fmt"
  8. "io"
  9. "log"
  10. "log/syslog"
  11. "net/http"
  12. "net/smtp"
  13. "os"
  14. "time"
  15. "github.com/labstack/echo"
  16. "github.com/labstack/echo/middleware"
  17. )
  18. var _appversion string = "0.1"
  19. var _appname string = "ZiCloud-API"
  20. var URL string = "https://ipa-cl.zi-tel.com"
  21. func audit(txt string) {
  22. syslogger, err := syslog.New(syslog.LOG_INFO, _appname)
  23. if err != nil {
  24. log.Fatalln(err)
  25. }
  26. log.SetOutput(syslogger)
  27. log.Println(txt)
  28. }
  29. var RealIP string
  30. var secretKey = []byte("P*%!5+u!$y+cgM+P8bybzgnXpsd2Lv2z") // 32 bytes
  31. func sendMail(str string, subject string, recipient string) {
  32. auth := smtp.PlainAuth("", "zicloud@zi-tel.com", "5Sd?^AQx@r2OGRvS?i|DO0", "mail.zi-tel.com")
  33. to := []string{recipient}
  34. buff := make([]byte, 8)
  35. rand.Read(buff)
  36. random_str := base64.StdEncoding.EncodeToString(buff)
  37. msg := []byte("To:" + recipient + "\r\n" +
  38. "Date: " + time.Now().Format(time.RFC1123) + "\r\n" +
  39. "Message-Id: <" + random_str + "@ZiCloud.com>" + "\r\n" +
  40. "subject: " + subject + "\r\n" +
  41. "From: ZiCloud <" + "zicloud@zi-tel.com" + ">\r\n" +
  42. str)
  43. err := smtp.SendMail("mail.zi-tel.com:25", auth, "zicloud@zi-tel.com", to, msg)
  44. if err != nil {
  45. log.Fatal(err)
  46. }
  47. }
  48. func extractIP(next echo.HandlerFunc) echo.HandlerFunc {
  49. return func(c echo.Context) error {
  50. RealIP = c.RealIP()
  51. audit("Recieved request from: " + RealIP)
  52. return next(c)
  53. }
  54. }
  55. func main() {
  56. if len(os.Args) != 3 {
  57. fmt.Println("Wrong Usage:\n\t ./CMD IP Port")
  58. audit("Application in the wrong way")
  59. os.Exit(1)
  60. }
  61. echoHandler := echo.New()
  62. echoHandler.Use(extractIP)
  63. echoHandler.Use(middleware.CORSWithConfig(middleware.CORSConfig{
  64. AllowOrigins: []string{"*", "*"},
  65. AllowMethods: []string{http.MethodGet, http.MethodPost},
  66. }))
  67. audit("Application " + _appname + " (" + _appversion + ") Started by " + os.Getenv("USER"))
  68. echoHandler.GET("/", func(c echo.Context) error {
  69. return c.String(http.StatusOK, "Hello, World!")
  70. })
  71. h := &handler{}
  72. echoHandler.POST("/login", h.login)
  73. echoHandler.GET("/private", h.private, isLoggedIn)
  74. echoHandler.GET("/admin", h.private, isLoggedIn, isAdmin)
  75. echoHandler.POST("/addUser", h.addUser, isLoggedIn, isAdmin)
  76. echoHandler.POST("/disableUser", h.disableUser, isLoggedIn, isAdmin)
  77. echoHandler.POST("/resetUser", h.resetUser)
  78. echoHandler.GET("/verifyUser", h.verifyUser)
  79. echoHandler.POST("/dnsrecordadd", h.dnsrecordadd, isLoggedIn, isAdmin)
  80. echoHandler.POST("/token", h.token, isLoggedIn)
  81. echoHandler.Logger.Fatal(echoHandler.Start(os.Args[1] + ":" + os.Args[2]))
  82. }
  83. func encrypt(key []byte, text string) string {
  84. // key := []byte(keyText)
  85. plaintext := []byte(text)
  86. block, err := aes.NewCipher(key)
  87. if err != nil {
  88. panic(err)
  89. }
  90. // The IV needs to be unique, but not secure. Therefore it's common to
  91. // include it at the beginning of the ciphertext.
  92. ciphertext := make([]byte, aes.BlockSize+len(plaintext))
  93. iv := ciphertext[:aes.BlockSize]
  94. if _, err := io.ReadFull(rand.Reader, iv); err != nil {
  95. panic(err)
  96. }
  97. stream := cipher.NewCFBEncrypter(block, iv)
  98. stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
  99. // convert to base64
  100. return base64.URLEncoding.EncodeToString(ciphertext)
  101. }
  102. func decrypt(key []byte, cryptoText string) string {
  103. ciphertext, _ := base64.URLEncoding.DecodeString(cryptoText)
  104. block, err := aes.NewCipher(key)
  105. if err != nil {
  106. panic(err)
  107. }
  108. // The IV needs to be unique, but not secure. Therefore it's common to
  109. // include it at the beginning of the ciphertext.
  110. if len(ciphertext) < aes.BlockSize {
  111. panic("ciphertext too short")
  112. }
  113. iv := ciphertext[:aes.BlockSize]
  114. ciphertext = ciphertext[aes.BlockSize:]
  115. stream := cipher.NewCFBDecrypter(block, iv)
  116. // XORKeyStream can work in-place if the two arguments are the same.
  117. stream.XORKeyStream(ciphertext, ciphertext)
  118. return fmt.Sprintf("%s", ciphertext)
  119. }
  120. type _response struct {
  121. Message string `json:"message"`
  122. Origin string `json:"origin"`
  123. Code int `json:"code"`
  124. }