123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 |
- package main
- import (
- "crypto/aes"
- "crypto/cipher"
- "crypto/rand"
- "encoding/base64"
- "fmt"
- "io"
- "log"
- "log/syslog"
- "net/http"
- "net/smtp"
- "os"
- "time"
- "github.com/labstack/echo"
- "github.com/labstack/echo/middleware"
- )
- var _appversion string = "0.1"
- var _appname string = "ZiCloud-API"
- var URL string = "https://ipa-cl.zi-tel.com"
- func audit(txt string) {
- syslogger, err := syslog.New(syslog.LOG_INFO, _appname)
- if err != nil {
- log.Fatalln(err)
- }
- log.SetOutput(syslogger)
- log.Println(txt)
- }
- var RealIP string
- var secretKey = []byte("P*%!5+u!$y+cgM+P8bybzgnXpsd2Lv2z") // 32 bytes
- func sendMail(str string, subject string, recipient string) {
- auth := smtp.PlainAuth("", "zicloud@zi-tel.com", "5Sd?^AQx@r2OGRvS?i|DO0", "mail.zi-tel.com")
- to := []string{recipient}
- buff := make([]byte, 8)
- rand.Read(buff)
- random_str := base64.StdEncoding.EncodeToString(buff)
- msg := []byte("To:" + recipient + "\r\n" +
- "Date: " + time.Now().Format(time.RFC1123) + "\r\n" +
- "Message-Id: <" + random_str + "@ZiCloud.com>" + "\r\n" +
- "subject: " + subject + "\r\n" +
- "From: ZiCloud <" + "zicloud@zi-tel.com" + ">\r\n" +
- str)
- err := smtp.SendMail("mail.zi-tel.com:25", auth, "zicloud@zi-tel.com", to, msg)
- if err != nil {
- log.Fatal(err)
- }
- }
- func extractIP(next echo.HandlerFunc) echo.HandlerFunc {
- return func(c echo.Context) error {
- RealIP = c.RealIP()
- audit("Recieved request from: " + RealIP)
- return next(c)
- }
- }
- func main() {
- if len(os.Args) != 3 {
- fmt.Println("Wrong Usage:\n\t ./CMD IP Port")
- audit("Application in the wrong way")
- os.Exit(1)
- }
- echoHandler := echo.New()
- echoHandler.Use(extractIP)
- echoHandler.Use(middleware.CORSWithConfig(middleware.CORSConfig{
- AllowOrigins: []string{"*", "*"},
- AllowMethods: []string{http.MethodGet, http.MethodPost},
- }))
- audit("Application " + _appname + " (" + _appversion + ") Started by " + os.Getenv("USER"))
- echoHandler.GET("/", func(c echo.Context) error {
- return c.String(http.StatusOK, "Hello, World!")
- })
- h := &handler{}
- echoHandler.POST("/login", h.login)
- echoHandler.GET("/private", h.private, isLoggedIn)
- echoHandler.GET("/admin", h.private, isLoggedIn, isAdmin)
- echoHandler.POST("/addUser", h.addUser, isLoggedIn, isAdmin)
- echoHandler.POST("/disableUser", h.disableUser, isLoggedIn, isAdmin)
- echoHandler.POST("/resetUser", h.resetUser)
- echoHandler.GET("/verifyUser", h.verifyUser)
- echoHandler.POST("/dnsrecordadd", h.dnsrecordadd, isLoggedIn, isAdmin)
- echoHandler.POST("/token", h.token, isLoggedIn)
- echoHandler.Logger.Fatal(echoHandler.Start(os.Args[1] + ":" + os.Args[2]))
- }
- func encrypt(key []byte, text string) string {
- // key := []byte(keyText)
- plaintext := []byte(text)
- block, err := aes.NewCipher(key)
- if err != nil {
- panic(err)
- }
- // The IV needs to be unique, but not secure. Therefore it's common to
- // include it at the beginning of the ciphertext.
- ciphertext := make([]byte, aes.BlockSize+len(plaintext))
- iv := ciphertext[:aes.BlockSize]
- if _, err := io.ReadFull(rand.Reader, iv); err != nil {
- panic(err)
- }
- stream := cipher.NewCFBEncrypter(block, iv)
- stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
- // convert to base64
- return base64.URLEncoding.EncodeToString(ciphertext)
- }
- func decrypt(key []byte, cryptoText string) string {
- ciphertext, _ := base64.URLEncoding.DecodeString(cryptoText)
- block, err := aes.NewCipher(key)
- if err != nil {
- panic(err)
- }
- // The IV needs to be unique, but not secure. Therefore it's common to
- // include it at the beginning of the ciphertext.
- if len(ciphertext) < aes.BlockSize {
- panic("ciphertext too short")
- }
- iv := ciphertext[:aes.BlockSize]
- ciphertext = ciphertext[aes.BlockSize:]
- stream := cipher.NewCFBDecrypter(block, iv)
- // XORKeyStream can work in-place if the two arguments are the same.
- stream.XORKeyStream(ciphertext, ciphertext)
- return fmt.Sprintf("%s", ciphertext)
- }
- type _response struct {
- Message string `json:"message"`
- Origin string `json:"origin"`
- Code int `json:"code"`
- }
|