From 62edcb3745f414212ee102c13429056f02cf31bd Mon Sep 17 00:00:00 2001 From: FChannel <> Date: Mon, 2 May 2022 16:03:32 -0700 Subject: admin login working --- routes/admin.go | 99 +++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 93 insertions(+), 6 deletions(-) (limited to 'routes/admin.go') diff --git a/routes/admin.go b/routes/admin.go index a2f7cd2..a6978f4 100644 --- a/routes/admin.go +++ b/routes/admin.go @@ -1,26 +1,113 @@ package routes import ( + "bytes" + "encoding/json" + "fmt" + "io/ioutil" + "log" + "net/http" + "time" + + "github.com/FChannel0/FChannel-Server/activitypub" "github.com/FChannel0/FChannel-Server/config" "github.com/FChannel0/FChannel-Server/db" "github.com/FChannel0/FChannel-Server/util" "github.com/FChannel0/FChannel-Server/webfinger" "github.com/gofiber/fiber/v2" + "github.com/gofrs/uuid" ) -func AdminVerify(c *fiber.Ctx) error { - // STUB +func AdminVerify(ctx *fiber.Ctx) error { + identifier := ctx.FormValue("id") + code := ctx.FormValue("code") + + var verify db.Verify + verify.Identifier = identifier + verify.Code = code + + j, _ := json.Marshal(&verify) - return c.SendString("admin verify") + req, err := http.NewRequest("POST", config.Domain+"/auth", bytes.NewBuffer(j)) + + if err != nil { + log.Println("error making verify req") + return err + } + + req.Header.Set("Content-Type", config.ActivityStreams) + + resp, err := http.DefaultClient.Do(req) + + if err != nil { + log.Println("error getting verify resp") + return err + } + + defer resp.Body.Close() + + rBody, _ := ioutil.ReadAll(resp.Body) + + body := string(rBody) + + if resp.StatusCode != 200 { + return ctx.Redirect("/"+config.Key, http.StatusPermanentRedirect) + } + + //TODO remove redis dependency + sessionToken, _ := uuid.NewV4() + + _, err = db.Cache.Do("SETEX", sessionToken, "86400", body+"|"+verify.Code) + if err != nil { + return ctx.Redirect("/"+config.Key, http.StatusPermanentRedirect) + } + + ctx.Cookie(&fiber.Cookie{ + Name: "session_token", + Value: sessionToken.String(), + Expires: time.Now().UTC().Add(60 * 60 * 48 * time.Second), + }) + + return ctx.Redirect("/", http.StatusSeeOther) } -func AdminAuth(c *fiber.Ctx) error { - // STUB +// TODO remove this route it is mostly unneeded +func AdminAuth(ctx *fiber.Ctx) error { + var verify db.Verify + + err := json.Unmarshal(ctx.Body(), &verify) + + if err != nil { + log.Println("error get verify from json") + return err + } - return c.SendString("admin auth") + v, _ := db.GetVerificationByCode(verify.Code) + + if v.Identifier == verify.Identifier { + _, err := ctx.Write([]byte(v.Board)) + return err + } + + ctx.Response().Header.SetStatusCode(http.StatusBadRequest) + _, err = ctx.Write([]byte("")) + + return err } func AdminIndex(ctx *fiber.Ctx) error { + fmt.Println("admin index") + id, _ := db.GetPasswordFromSession(ctx) + actor, _ := webfinger.GetActorFromPath(ctx.Path(), "/"+config.Key+"/") + + if actor.Id == "" { + actor, _ = activitypub.GetActorByNameFromDB(config.Domain) + } + + if id == "" || (id != actor.Id && id != config.Domain) { + return ctx.Render("verify", fiber.Map{}) + } + actor, err := webfinger.GetActor(config.Domain) if err != nil { -- cgit v1.2.3