fixup! token-validator: wg tunnel API interface
parent
cbebea37e5
commit
5de19436e0
2 changed files with 22 additions and 14 deletions
|
@ -19,7 +19,7 @@
|
|||
<td>
|
||||
<button class="btn btn-danger" ng-click="dropTunnel(tunnel)" disabled>
|
||||
<span class="spinner-border spinner-border-sm" role="status" aria-hidden="true" ng-show="tunnel.pleaseWaitDrop"></span>
|
||||
Supprimer
|
||||
Révoquer
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/julienschmidt/httprouter"
|
||||
|
@ -26,10 +27,10 @@ func init() {
|
|||
})
|
||||
router.GET("/api/wg/", apiAuthHandler(showWgTunnel))
|
||||
router.GET("/api/wginfo", apiAuthHandler(func (student Student, ps httprouter.Params, body []byte) (interface{}, error) {
|
||||
return getTunnelInfo(student), nil
|
||||
return getTunnelInfo(student.Id), nil
|
||||
}))
|
||||
router.POST("/api/wg/", apiAuthHandler(genWgToken))
|
||||
router.GET("/api/wg/:token", apiAuthHandler(getWgTunnelInfo))
|
||||
router.POST("/api/wg/:token", apiHandler(getWgTunnelInfo))
|
||||
}
|
||||
|
||||
func showWgTunnel(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
|
||||
|
@ -51,12 +52,13 @@ type TunnelInfo struct {
|
|||
SrvGW6 string `json:"srv_gw6"`
|
||||
}
|
||||
|
||||
func getTunnelInfo(student Student) TunnelInfo {
|
||||
func getTunnelInfo(student int64) TunnelInfo {
|
||||
srv_pubkey, _ := base64.StdEncoding.DecodeString("uSpqyYovvP4OG6wDxZ0Qkq45MfyK58PMUuPaLesY8FI=")
|
||||
return TunnelInfo{
|
||||
Status: "OK",
|
||||
SrvPubKey: []byte{'T', 'B', 'D'},
|
||||
SrvPubKey: srv_pubkey,
|
||||
SrvPort: 42912,
|
||||
CltIPv6: studentIP(student.Id),
|
||||
CltIPv6: studentIP(student),
|
||||
CltRange: 80,
|
||||
SrvGW6: "2a01:e0a:2b:2252::1",
|
||||
}
|
||||
|
@ -66,7 +68,7 @@ type PubTunnel struct {
|
|||
PubKey []byte
|
||||
}
|
||||
|
||||
func getWgTunnelInfo(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
|
||||
func getWgTunnelInfo(ps httprouter.Params, body []byte) (interface{}, error) {
|
||||
// Access wg infos
|
||||
tokenhex := []byte(ps.ByName("token"))
|
||||
tokendec := make([]byte, hex.DecodedLen(len(tokenhex)))
|
||||
|
@ -75,7 +77,7 @@ func getWgTunnelInfo(student Student, ps httprouter.Params, body []byte) (interf
|
|||
return nil, err
|
||||
}
|
||||
|
||||
token, err := student.GetTunnelToken(tokendec[:n])
|
||||
token, err := GetTunnelToken(tokendec[:n])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -91,7 +93,7 @@ func getWgTunnelInfo(student Student, ps httprouter.Params, body []byte) (interf
|
|||
return nil, err
|
||||
}
|
||||
|
||||
return getTunnelInfo(student), nil
|
||||
return getTunnelInfo(token.IdStudent), nil
|
||||
}
|
||||
|
||||
|
||||
|
@ -103,13 +105,13 @@ type TunnelToken struct {
|
|||
Time time.Time
|
||||
}
|
||||
|
||||
func getTunnelToken(token []byte) (t TunnelToken, err error) {
|
||||
func GetTunnelToken(token []byte) (t TunnelToken, err error) {
|
||||
err = DBQueryRow("SELECT token, token_text, id_student, pubkey, time FROM student_tunnel_tokens WHERE token=? ORDER BY time DESC", token).Scan(&t.token, &t.TokenText, &t.IdStudent, &t.PubKey, &t.Time)
|
||||
return
|
||||
}
|
||||
|
||||
func tokenFromText(token string) []byte {
|
||||
sha := sha512.Sum512_256([]byte(token))
|
||||
sha := sha512.Sum512([]byte(token))
|
||||
return sha[:]
|
||||
}
|
||||
|
||||
|
@ -119,7 +121,7 @@ func (student Student) NewTunnelToken() (t TunnelToken, err error) {
|
|||
return
|
||||
}
|
||||
|
||||
t.TokenText = base64.RawStdEncoding.EncodeToString(tok)
|
||||
t.TokenText = strings.Replace(strings.Replace(strings.Replace(strings.Replace(strings.Replace(base64.RawStdEncoding.EncodeToString(tok), "/", ".", -1), "+", "_", -1), "O", "#", -1), "l", "$", -1), "I", ">", -1)
|
||||
t.token = tokenFromText(t.TokenText)
|
||||
t.IdStudent = student.Id
|
||||
|
||||
|
@ -169,7 +171,7 @@ func (t *TunnelToken) Update() (int64, error) {
|
|||
}
|
||||
|
||||
func GetStudentsTunnels() (ts []TunnelToken, err error) {
|
||||
if rows, errr := DBQuery("SELECT token, token_text, id_student, pubkey, time FROM student_tunnel_tokens T INNER JOIN (SELECT B.token, B.id_student, MAX(B.time) FROM student_tunnel_tokens B GROUP BY id_student) L ON T.token = L.token"); errr != nil {
|
||||
if rows, errr := DBQuery("SELECT T.token, T.token_text, T.id_student, T.pubkey, T.time FROM student_tunnel_tokens T INNER JOIN (SELECT B.id_student, MAX(B.time) AS time FROM student_tunnel_tokens B WHERE B.pubkey IS NOT NULL GROUP BY id_student) L ON T.id_student = L.id_student AND T.time = L.time"); errr != nil {
|
||||
return nil, errr
|
||||
} else {
|
||||
defer rows.Close()
|
||||
|
@ -198,9 +200,15 @@ func GenWGConfig(w io.Writer) (error) {
|
|||
}
|
||||
|
||||
for _, t := range ts {
|
||||
if t.PubKey == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
w.Write([]byte(fmt.Sprintf(`[Peer]
|
||||
#IdStudent = %d
|
||||
#TokenText = %s
|
||||
PublicKey = %s
|
||||
AllowedIPs = %s/%d`, base64.StdEncoding.EncodeToString(t.PubKey), studentIP(t.IdStudent), 80)))
|
||||
AllowedIPs = %s/%d`, t.IdStudent, t.TokenText, base64.StdEncoding.EncodeToString(t.PubKey), studentIP(t.IdStudent), 80)))
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
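Review bot: In the `GenWGConfig` hunk the new `#TokenText = %s` comment writes each student's tunnel token into the generated WireGuard configuration, while the same commit makes that token the only credential for `POST /api/wg/:token` (now wrapped in `apiHandler` instead of `apiAuthHandler`, with `GetTunnelToken` no longer reached through a `Student`). If `apiHandler` performs no session check, as its name suggests, anyone able to read the generated file can recompute `tokenFromText` and present a valid token for another student's tunnel; what the handler does after the lookup lies outside the visible hunks. I would keep only `#IdStudent = %d` and drop the `#TokenText = %s` line together with its `t.TokenText` argument. Separately, the token travels in the URL path, so it is likely to end up in access logs, and reading it from the request body would avoid that. `GenWGConfig` begins and ends outside the hunk.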