diff --git a/cmd/wg-portal/assets/tpl/login.html b/cmd/wg-portal/assets/tpl/login.html index 15b3287..c84e40f 100644 --- a/cmd/wg-portal/assets/tpl/login.html +++ b/cmd/wg-portal/assets/tpl/login.html @@ -3,47 +3,48 @@ - - {{ .static.WebsiteTitle }} - Login - + + {{ .Static.WebsiteTitle }} - Login + - - - + -
+
Please sign in
- + {{template "prt_footer.html" .}} - - - - \ No newline at end of file diff --git a/cmd/wg-portal/server.go b/cmd/wg-portal/server.go index 1a2ab22..76dcf02 100644 --- a/cmd/wg-portal/server.go +++ b/cmd/wg-portal/server.go @@ -112,6 +112,15 @@ s.server.StaticFS("/fonts", http.FS(fsMust(fs.Sub(Statics, "assets/fonts")))) //s.server.StaticFS("/tpl", http.FS(fsMust(fs.Sub(Templates, "assets/tpl")))) // TODO: remove, just for debugging... + s.server.GET("/favicon.ico", func(c *gin.Context) { + file, _ := Statics.ReadFile("assets/img/favicon.ico") + c.Data( + http.StatusOK, + "image/x-icon", + file, + ) + }) + return nil } diff --git a/cmd/wg-portal/ui/handler.go b/cmd/wg-portal/ui/handler.go index 0bf8c7b..fadf661 100644 --- a/cmd/wg-portal/ui/handler.go +++ b/cmd/wg-portal/ui/handler.go @@ -6,6 +6,7 @@ "github.com/h44z/wg-portal/cmd/wg-portal/common" "github.com/h44z/wg-portal/internal/portal" "github.com/sirupsen/logrus" + csrf "github.com/utrack/gin-csrf" ) type Handler struct { @@ -23,7 +24,27 @@ } func (h *Handler) RegisterRoutes(g *gin.Engine) { + csrfMiddleware := csrf.Middleware(csrf.Options{ + Secret: h.config.Core.SessionSecret, + ErrorFunc: func(c *gin.Context) { + c.String(400, "CSRF token mismatch") + c.Abort() + }, + }) + + // Entrypoint g.GET("/", h.GetIndex) + + // Auth routes + auth := g.Group("/auth") + auth.Use(csrfMiddleware) + auth.GET("/login", h.GetLogin) + //auth.POST("/login", s.PostLogin) + //auth.GET("/logout", s.GetLogout) + + // Admin routes + + // User routes } // @@ -48,6 +69,7 @@ if rawSessionData != nil { sessionData = rawSessionData.(common.SessionData) } else { + // init a new default session sessionData = common.SessionData{ Search: map[string]string{"peers": "", "userpeers": "", "users": ""}, SortedBy: map[string]string{"peers": "handshake", "userpeers": "id", "users": "email"}, diff --git a/cmd/wg-portal/ui/pages_core.go b/cmd/wg-portal/ui/pages_core.go index c654281..cd4b82c 100644 --- a/cmd/wg-portal/ui/pages_core.go 
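Review bot: The new `/favicon.ico` handler in server.go discards the error from `Statics.ReadFile`, so a missing or renamed asset is answered with a 200 and an empty body instead of failing visibly. The surrounding function already returns an error (`return nil` follows the added route), so the file can be read once before the route is registered: `file, err := Statics.ReadFile("assets/img/favicon.ico")` followed by `if err != nil { return err }`. That also avoids re-reading the asset on every request. The enclosing function starts outside the hunk.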
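Review bot: In `RegisterRoutes` the CSRF middleware is keyed with `h.config.Core.SessionSecret`, so if that value is also what signs the session cookies, one leaked secret weakens both protections; a dedicated or derived CSRF key would keep them separate. gin-csrf keeps its salt in the gin-contrib session, so the sessions middleware has to be installed on the engine before `auth.Use(csrfMiddleware)`. The hunk does not show where that happens, so it is worth confirming and noting in a comment above the group. When the commented-out routes are enabled, `auth.GET("/logout", ...)` would not be token-checked, because the middleware skips GET by default; registering logout as POST avoids that. As a style point, `c.String(400, ...)` reads better as `c.String(http.StatusBadRequest, ...)` if `net/http` is imported in this file.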
+++ b/cmd/wg-portal/ui/pages_core.go @@ -6,6 +6,7 @@ "github.com/gin-gonic/gin" "github.com/h44z/wg-portal/internal" + csrf "github.com/utrack/gin-csrf" ) func (h *Handler) getStaticData() StaticData { @@ -30,3 +31,30 @@ "InterfaceNames": map[string]string{"wgX": "wgX descr"}, }) } + +func (h *Handler) GetLogin(c *gin.Context) { + currentSession := GetSessionData(c) + if currentSession.LoggedIn { + c.Redirect(http.StatusSeeOther, "/") // already logged in + } + + deepLink := c.DefaultQuery("dl", "") + authError := c.DefaultQuery("err", "") + errMsg := "Unknown error occurred, try again!" + switch authError { + case "missingdata": + errMsg = "Invalid login data retrieved, please fill out all fields and try again!" + case "authfail": + errMsg = "Authentication failed!" + case "loginreq": + errMsg = "Login required!" + } + + c.HTML(http.StatusOK, "login.html", gin.H{ + "HasError": authError != "", + "Message": errMsg, + "DeepLink": deepLink, + "Static": h.getStaticData(), + "Csrf": csrf.GetToken(c), + }) +} diff --git a/go.mod b/go.mod index c00966a..da42907 100644 --- a/go.mod +++ b/go.mod @@ -12,6 +12,7 @@ github.com/stretchr/testify v1.7.0 github.com/toorop/gin-logrus v0.0.0-20210225092905-2c785434f26f github.com/urfave/cli/v2 v2.3.0 + github.com/utrack/gin-csrf v0.0.0-20190424104817-40fb8d2c8fca github.com/vishvananda/netlink v1.1.0 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
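Review bot: In `GetLogin` the already-logged-in branch calls `c.Redirect(http.StatusSeeOther, "/")` but does not return, so execution falls through and `c.HTML` renders the login page on top of the redirect response; add `return` directly after the redirect. The `dl` query value is passed to the template unchanged as `DeepLink`. If the future login POST handler redirects to it, that handler needs to accept only local paths (for example, require a leading `/` and reject `//` and absolute URLs) so the parameter cannot be used as an open redirect. A short doc comment such as `// GetLogin renders the login form; err and dl are optional query parameters.` would also help, since the error codes are otherwise only discoverable from the switch.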