Can delete own aliases
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
e6a4271a75
commit
daab7bf699
60
addy.go
60
addy.go
@ -66,25 +66,32 @@ func checkAddyApiAuthorization(authorization []byte) *string {
|
||||
return &username
|
||||
}
|
||||
|
||||
func addyAliasAPI(w http.ResponseWriter, r *http.Request) {
|
||||
func addyAliasAPIAuth(r *http.Request) (*string, error) {
|
||||
// Check authorization header
|
||||
fields := strings.Fields(r.Header.Get("Authorization"))
|
||||
if len(fields) != 2 || fields[0] != "Bearer" {
|
||||
http.Error(w, "Authorization header should be a valid Bearer token", http.StatusUnauthorized)
|
||||
return
|
||||
return nil, fmt.Errorf("Authorization header should be a valid Bearer token")
|
||||
}
|
||||
|
||||
// Decode header
|
||||
authorization, err := base32.StdEncoding.DecodeString(fields[1])
|
||||
if err != nil {
|
||||
log.Println("Invalid Authorization header: %s", err.Error())
|
||||
http.Error(w, "Authorization header should be a valid Bearer token", http.StatusUnauthorized)
|
||||
return
|
||||
return nil, err
|
||||
}
|
||||
|
||||
user := checkAddyApiAuthorization(authorization)
|
||||
if user == nil {
|
||||
http.Error(w, "Not authorized", http.StatusUnauthorized)
|
||||
return nil, fmt.Errorf("Not authorized")
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func addyAliasAPI(w http.ResponseWriter, r *http.Request) {
|
||||
user, err := addyAliasAPIAuth(r)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
@ -154,6 +161,47 @@ func addyAliasAPI(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
}
|
||||
|
||||
func addyAliasAPIDelete(w http.ResponseWriter, r *http.Request) {
|
||||
user, err := addyAliasAPIAuth(r)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
email := r.PathValue("alias")
|
||||
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
log.Println(err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
err = conn.ServiceBind()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
dn, err := conn.SearchDN(*user, true)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
err = conn.DelMailAlias(dn, email)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
log.Printf("Alias deleted for %s: %s", dn, email)
|
||||
http.Error(w, "", http.StatusOK)
|
||||
}
|
||||
|
||||
func generateRandomString(length int) string {
|
||||
charset := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
result := make([]byte, length)
|
||||
|
||||
8
login.go
8
login.go
@ -50,17 +50,21 @@ func tryLogin(w http.ResponseWriter, r *http.Request) {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else {
|
||||
apiToken := AddyAPIToken(r.PostFormValue("login"))
|
||||
|
||||
cnt := "<ul>"
|
||||
for _, e := range entries {
|
||||
for _, v := range e.Values {
|
||||
for i, v := range e.Values {
|
||||
if e.Name == "userPassword" {
|
||||
cnt += "<li><strong>" + e.Name + ":</strong> <em>[...]</em></li>"
|
||||
} else if e.Name == "mailAlias" && len(strings.SplitN(v, "@", 2)[0]) == 10 {
|
||||
cnt += "<li id='" + fmt.Sprintf("mailAlias-%d", i) + "'><strong>" + e.Name + ":</strong> " + v + `<button type="button" class="mx-1 btn btn-sm btn-danger" onclick="fetch('/api/v1/aliases/` + v + `', {'method': 'delete', 'headers': {'Authorization': 'Bearer ` + apiToken + `'}}).then((res) => { if (res.ok) document.getElementById('` + fmt.Sprintf("mailAlias-%d", i) + `').remove(); });">Supprimer</a></li>`
|
||||
} else {
|
||||
cnt += "<li><strong>" + e.Name + ":</strong> " + v + "</li>"
|
||||
}
|
||||
}
|
||||
}
|
||||
displayTmpl(w, "message.html", map[string]interface{}{"details": template.HTML(`Login ok<br><br>Here are the information we have about you:` + cnt + "</ul><p>To use our Addy.io compatible API, use the following token: <code>" + AddyAPIToken(r.PostFormValue("login")) + "</code></p>")})
|
||||
displayTmpl(w, "message.html", map[string]interface{}{"details": template.HTML(`Login ok<br><br>Here are the information we have about you:` + cnt + "</ul><p>To use our Addy.io compatible API, use the following token: <code>" + apiToken + "</code></p>")})
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
3
main.go
3
main.go
@ -148,8 +148,9 @@ func main() {
|
||||
signal.Notify(interrupt, os.Interrupt, syscall.SIGTERM)
|
||||
|
||||
// Register handlers
|
||||
http.HandleFunc(fmt.Sprintf("%s/", *baseURL), changePassword)
|
||||
http.HandleFunc(fmt.Sprintf("%s/{$}", *baseURL), changePassword)
|
||||
http.HandleFunc(fmt.Sprintf("POST %s/api/v1/aliases", *baseURL), addyAliasAPI)
|
||||
http.HandleFunc(fmt.Sprintf("DELETE %s/api/v1/aliases/{alias}", *baseURL), addyAliasAPIDelete)
|
||||
http.HandleFunc(fmt.Sprintf("%s/auth", *baseURL), httpBasicAuth)
|
||||
http.HandleFunc(fmt.Sprintf("%s/login", *baseURL), tryLogin)
|
||||
http.HandleFunc(fmt.Sprintf("%s/change", *baseURL), changePassword)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user