wip: mail...

2025-09-13 14:31:15 +00:00 · 2020-11-09 20:26:34 +01:00
parent 2e61b8c8bd
commit e8e8d08d98
16 changed files with 801 additions and 72 deletions
--- a/internal/server/core.go
+++ b/internal/server/core.go
@@ -3,6 +3,7 @@ package server
 import (
 	"encoding/gob"
 	"errors"
+	"html/template"
 	"math/rand"
 	"os"
 	"path/filepath"
@@ -15,7 +16,8 @@ import (
 	"github.com/h44z/wg-portal/internal/ldap"
 	log "github.com/sirupsen/logrus"

-	"github.com/gin-gonic/contrib/sessions"
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/memstore"
 	"github.com/gin-gonic/gin"
 )

@@ -59,9 +61,10 @@ type StaticData struct {

 type Server struct {
 	// Core components
-	config *common.Config
-	server *gin.Engine
-	users  *UserManager
+	config  *common.Config
+	server  *gin.Engine
+	users   *UserManager
+	mailTpl *template.Template

 	// WireGuard stuff
 	wg *wireguard.Manager
@@ -105,6 +108,11 @@ func (s *Server) Setup() error {
 	rDir, _ := filepath.Abs(filepath.Dir(os.Args[0]))
 	log.Infof("Real working directory: %s", rDir)
 	log.Infof("Current working directory: %s", dir)
+	var err error
+	s.mailTpl, err = template.New("email").ParseGlob(filepath.Join(dir, "/assets/tpl/email.html"))
+	if err != nil {
+		return errors.New("unable to pare mail template")
+	}

 	// Setup http server
 	s.server = gin.Default()
@@ -112,7 +120,7 @@ func (s *Server) Setup() error {
 	// Setup templates
 	log.Infof("Loading templates from: %s", filepath.Join(dir, "/assets/tpl/*.html"))
 	s.server.LoadHTMLGlob(filepath.Join(dir, "/assets/tpl/*.html"))
-	s.server.Use(sessions.Sessions("authsession", sessions.NewCookieStore([]byte("secret"))))
+	s.server.Use(sessions.Sessions("authsession", memstore.NewStore([]byte("secret")))) // TODO: change key?

 	// Serve static files
 	s.server.Static("/css", filepath.Join(dir, "/assets/css"))
@@ -168,7 +176,7 @@ func (s *Server) getSessionData(c *gin.Context) SessionData {
 		sessionData = rawSessionData.(SessionData)
 	} else {
 		sessionData = SessionData{
-			SortedBy:      "sn",
+			SortedBy:      "mail",
 			SortDirection: "asc",
 			Firstname:     "",
 			Lastname:      "",
--- a/internal/server/handlers.go
+++ b/internal/server/handlers.go
@@ -1,6 +1,7 @@
 package server

 import (
+	"bytes"
 	"net/http"
 	"net/url"
 	"strconv"
@@ -54,21 +55,60 @@ func (s *Server) HandleError(c *gin.Context, code int, message, details string)
 }

 func (s *Server) GetAdminIndex(c *gin.Context) {
+	currentSession := s.getSessionData(c)
+
+	sort := c.Query("sort")
+	if sort != "" {
+		if currentSession.SortedBy != sort {
+			currentSession.SortedBy = sort
+			currentSession.SortDirection = "asc"
+		} else {
+			if currentSession.SortDirection == "asc" {
+				currentSession.SortDirection = "desc"
+			} else {
+				currentSession.SortDirection = "asc"
+			}
+		}
+
+		if err := s.updateSessionData(c, currentSession); err != nil {
+			s.HandleError(c, http.StatusInternalServerError, "sort error", "failed to save session")
+			return
+		}
+		c.Redirect(http.StatusSeeOther, "/admin")
+		return
+	}
+
+	search, searching := c.GetQuery("search")
+	if searching {
+		currentSession.Search = search
+
+		if err := s.updateSessionData(c, currentSession); err != nil {
+			s.HandleError(c, http.StatusInternalServerError, "search error", "failed to save session")
+			return
+		}
+		c.Redirect(http.StatusSeeOther, "/admin")
+		return
+	}
+
 	device := s.users.GetDevice()
-	users := s.users.GetAllUsers()
+	users := s.users.GetFilteredAndSortedUsers(currentSession.SortedBy, currentSession.SortDirection, currentSession.Search)

 	c.HTML(http.StatusOK, "admin_index.html", struct {
-		Route   string
-		Session SessionData
-		Static  StaticData
-		Peers   []User
-		Device  Device
+		Route      string
+		Alerts     AlertData
+		Session    SessionData
+		Static     StaticData
+		Peers      []User
+		TotalPeers int
+		Device     Device
 	}{
-		Route:   c.Request.URL.Path,
-		Session: s.getSessionData(c),
-		Static:  s.getStaticData(),
-		Peers:   users,
-		Device:  device,
+		Route:      c.Request.URL.Path,
+		Alerts:     s.getAlertData(c),
+		Session:    currentSession,
+		Static:     s.getStaticData(),
+		Peers:      users,
+		TotalPeers: len(s.users.GetAllUsers()),
+		Device:     device,
 	})
 }

@@ -357,6 +397,85 @@ func (s *Server) GetUserQRCode(c *gin.Context) {
 	return
 }

+func (s *Server) GetUserConfig(c *gin.Context) {
+	user := s.users.GetUserByKey(c.Query("pkey"))
+	cfg, err := user.GetClientConfigFile(s.users.GetDevice())
+	if err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "ConfigFile error", err.Error())
+		return
+	}
+
+	c.Header("Content-Disposition", "attachment; filename="+user.GetConfigFileName())
+	c.Data(http.StatusOK, "application/config", cfg)
+	return
+}
+
+func (s *Server) GetUserConfigMail(c *gin.Context) {
+	user := s.users.GetUserByKey(c.Query("pkey"))
+	cfg, err := user.GetClientConfigFile(s.users.GetDevice())
+	if err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "ConfigFile error", err.Error())
+		return
+	}
+	png, err := user.GetQRCode()
+	if err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "QRCode error", err.Error())
+		return
+	}
+	// Apply mail template
+	var tplBuff bytes.Buffer
+	if err := s.mailTpl.Execute(&tplBuff, struct {
+		Client        User
+		QrcodePngName string
+	}{
+		Client:        user,
+		QrcodePngName: "wireguard-config.png",
+	}); err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "Template error", err.Error())
+		return
+	}
+
+	// Send mail
+	attachments := []common.MailAttachment{
+		{
+			Name:        user.GetConfigFileName(),
+			ContentType: "application/config",
+			Data:        bytes.NewReader(cfg),
+		},
+		{
+			Name:        "wireguard-config.png",
+			ContentType: "image/png",
+			Data:        bytes.NewReader(png),
+		},
+	}
+
+	if err := common.SendEmailWithAttachments(s.config.Email, s.config.Core.MailFrom, "", "WireGuard VPN Configuration",
+		"Your mail client does not support HTML. Please find the configuration attached to this mail.", tplBuff.String(),
+		[]string{user.Email}, attachments); err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "Email error", err.Error())
+		return
+	}
+
+	s.setAlert(c, "mail sent successfully", "success")
+	c.Redirect(http.StatusSeeOther, "/admin")
+}
+
+func (s *Server) GetDeviceConfig(c *gin.Context) {
+	device := s.users.GetDevice()
+	users := s.users.GetActiveUsers()
+	cfg, err := device.GetDeviceConfigFile(users)
+	if err != nil {
+		s.HandleError(c, http.StatusInternalServerError, "ConfigFile error", err.Error())
+		return
+	}
+
+	filename := strings.ToLower(device.DeviceName) + ".conf"
+
+	c.Header("Content-Disposition", "attachment; filename="+filename)
+	c.Data(http.StatusOK, "application/config", cfg)
+	return
+}
+
 func (s *Server) updateFormInSession(c *gin.Context, formData interface{}) error {
 	currentSession := s.getSessionData(c)
 	currentSession.FormData = formData
--- a/internal/server/handlers_auth.go
+++ b/internal/server/handlers_auth.go
@@ -68,7 +68,7 @@ func (s *Server) PostLogin(c *gin.Context) {
 		UserName:      username,
 		Firstname:     userData.Firstname,
 		Lastname:      userData.Lastname,
-		SortedBy:      "sn",
+		SortedBy:      "mail",
 		SortDirection: "asc",
 		Search:        "",
 	}
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -22,6 +22,7 @@ func SetupRoutes(s *Server) {
 	admin.GET("/", s.GetAdminIndex)
 	admin.GET("/device/edit", s.GetAdminEditInterface)
 	admin.POST("/device/edit", s.PostAdminEditInterface)
+	admin.GET("/device/download", s.GetDeviceConfig)
 	admin.GET("/peer/edit", s.GetAdminEditPeer)
 	admin.POST("/peer/edit", s.PostAdminEditPeer)
 	admin.GET("/peer/create", s.GetAdminCreatePeer)
@@ -29,6 +30,8 @@ func SetupRoutes(s *Server) {
 	admin.GET("/peer/createldap", s.GetAdminCreateLdapPeers)
 	admin.POST("/peer/createldap", s.PostAdminCreateLdapPeers)
 	admin.GET("/peer/delete", s.GetAdminDeletePeer)
+	admin.GET("/peer/download", s.GetUserConfig)
+	admin.GET("/peer/email", s.GetUserConfigMail)

 	// User routes
 	user := s.server.Group("/user")
--- a/internal/server/usermanager.go
+++ b/internal/server/usermanager.go
@@ -7,6 +7,8 @@ import (
 	"fmt"
 	"net"
 	"reflect"
+	"regexp"
+	"sort"
 	"strings"
 	"text/template"
 	"time"
@@ -72,11 +74,13 @@ type User struct {
 	LdapUser *ldap.UserCacheHolderEntry `gorm:"-"` // optional, it is still possible to have users without ldap
 	Config   string                     `gorm:"-"`

-	UID        string `form:"uid" binding:"alphanum"` // uid for html identification
-	IsOnline   bool   `gorm:"-"`
-	IsNew      bool   `gorm:"-"`
-	Identifier string `form:"identifier" binding:"required,lt=64"` // Identifier AND Email make a WireGuard peer unique
-	Email      string `gorm:"index" form:"mail" binding:"required,email"`
+	UID               string `form:"uid" binding:"alphanum"` // uid for html identification
+	IsOnline          bool   `gorm:"-"`
+	IsNew             bool   `gorm:"-"`
+	Identifier        string `form:"identifier" binding:"required,lt=64"` // Identifier AND Email make a WireGuard peer unique
+	Email             string `gorm:"index" form:"mail" binding:"required,email"`
+	LastHandshake     string `gorm:"-"`
+	LastHandshakeTime string `gorm:"-"`

 	IgnorePersistentKeepalive bool     `form:"ignorekeepalive"`
 	PresharedKey              string   `form:"presharedkey" binding:"omitempty,base64"`
@@ -183,6 +187,11 @@ func (u User) ToMap() map[string]string {
 	return out
 }

+func (u User) GetConfigFileName() string {
+	reg := regexp.MustCompile("[^a-zA-Z0-9_-]+")
+	return reg.ReplaceAllString(strings.ReplaceAll(u.Identifier, " ", "-"), "") + ".conf"
+}
+
 //
 //  DEVICE --------------------------------------------------------------------------------------
 //
@@ -240,6 +249,28 @@ func (d Device) GetDeviceConfig() wgtypes.Config {
 	return cfg
 }

+func (d Device) GetDeviceConfigFile(clients []User) ([]byte, error) {
+	tpl, err := template.New("server").Funcs(template.FuncMap{"StringsJoin": strings.Join}).Parse(wireguard.DeviceCfgTpl)
+	if err != nil {
+		return nil, err
+	}
+
+	var tplBuff bytes.Buffer
+
+	err = tpl.Execute(&tplBuff, struct {
+		Clients []User
+		Server  Device
+	}{
+		Clients: clients,
+		Server:  d,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return tplBuff.Bytes(), nil
+}
+
 //
 //  USER-MANAGER --------------------------------------------------------------------------------
 //
@@ -357,6 +388,23 @@ func (u *UserManager) populateUserData(user *User) {

 	// set data from WireGuard interface
 	user.Peer, _ = u.wg.GetPeer(user.PublicKey)
+	user.LastHandshake = "never"
+	user.LastHandshakeTime = "Never connected, or user is disabled."
+	if user.Peer != nil {
+		since := time.Since(user.Peer.LastHandshakeTime)
+		sinceSeconds := int(since.Round(time.Second).Seconds())
+		sinceMinutes := int(sinceSeconds / 60)
+		sinceSeconds -= sinceMinutes * 60
+
+		if sinceMinutes > 2*10080 { // 2 weeks
+			user.LastHandshake = "a while ago"
+		} else if sinceMinutes > 10080 { // 1 week
+			user.LastHandshake = "a week ago"
+		} else {
+			user.LastHandshake = fmt.Sprintf("%02dm %02ds", sinceMinutes, sinceSeconds)
+		}
+		user.LastHandshakeTime = user.Peer.LastHandshakeTime.Format(time.UnixDate)
+	}
 	user.IsOnline = false // todo: calculate online status

 	// set ldap data
@@ -383,6 +431,70 @@ func (u *UserManager) GetAllUsers() []User {
 	return users
 }

+func (u *UserManager) GetActiveUsers() []User {
+	users := make([]User, 0)
+	u.db.Where("deactivated_at IS NULL").Find(&users)
+
+	for i := range users {
+		u.populateUserData(&users[i])
+	}
+
+	return users
+}
+
+func (u *UserManager) GetFilteredAndSortedUsers(sortKey, sortDirection, search string) []User {
+	users := make([]User, 0)
+	u.db.Find(&users)
+
+	filteredUsers := make([]User, 0, len(users))
+	for i := range users {
+		u.populateUserData(&users[i])
+
+		if search == "" ||
+			strings.Contains(users[i].Email, search) ||
+			strings.Contains(users[i].Identifier, search) ||
+			strings.Contains(users[i].PublicKey, search) {
+			filteredUsers = append(filteredUsers, users[i])
+		}
+	}
+
+	sort.Slice(filteredUsers, func(i, j int) bool {
+		var sortValueLeft string
+		var sortValueRight string
+
+		switch sortKey {
+		case "id":
+			sortValueLeft = filteredUsers[i].Identifier
+			sortValueRight = filteredUsers[j].Identifier
+		case "pubKey":
+			sortValueLeft = filteredUsers[i].PublicKey
+			sortValueRight = filteredUsers[j].PublicKey
+		case "mail":
+			sortValueLeft = filteredUsers[i].Email
+			sortValueRight = filteredUsers[j].Email
+		case "ip":
+			sortValueLeft = filteredUsers[i].IPsStr
+			sortValueRight = filteredUsers[j].IPsStr
+		case "handshake":
+			if filteredUsers[i].Peer == nil {
+				return true
+			} else if filteredUsers[j].Peer == nil {
+				return false
+			}
+			sortValueLeft = filteredUsers[i].Peer.LastHandshakeTime.Format(time.RFC3339)
+			sortValueRight = filteredUsers[j].Peer.LastHandshakeTime.Format(time.RFC3339)
+		}
+
+		if sortDirection == "asc" {
+			return sortValueLeft < sortValueRight
+		} else {
+			return sortValueLeft > sortValueRight
+		}
+	})
+
+	return filteredUsers
+}
+
 func (u *UserManager) GetDevice() Device {
 	devices := make([]Device, 0, 1)
 	u.db.Find(&devices)