djsundog
/
wg-portal
mirror of https://github.com/DJSundog/wg-portal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

wip: create/update/...

This commit is contained in:
Christoph Haas 2020-11-08 10:26:18 +01:00
parent 3e92cc8551
commit a617cb1059
6 changed files with 103 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
assets/tpl/admin_create_clients.html
View File

@ -41,7 +41,7 @@
<div class="form-row">
<div class="form-group col-md-12">
<label for="inputIdentifier">Client Friendly Name (will be added as suffix to the name of the user)</label>
<input type="text" name="identifier" class="form-control" id="inputIdentifier" value="Primary">
<input type="text" name="identifier" class="form-control" id="inputIdentifier" value="Default">
</div>
</div>

5
assets/tpl/admin_index.html
View File

@ -111,8 +111,13 @@
<td>{{$p.PublicKey}}</td>
<td>{{$p.Email}}</td>
<td>{{$p.IPsStr}}</td>
{{if not $p.Peer}}
<td>? / ?</td>
<td>?</td>
{{else}}
<td>{{if $p.DeactivatedAt}}-{{else}}{{$p.Peer.ReceiveBytes}} / {{$p.Peer.TransmitBytes}}{{end}}</td>
<td>{{if $p.DeactivatedAt}}-{{else}}{{$p.Peer.LastHandshakeTime}}{{end}}</td>
{{end}}
<td>
{{if eq $.Session.IsAdmin true}}
<a href="/admin/peer/edit?pkey={{$p.PublicKey}}"><i class="fas fa-cog"></i></a>

18
internal/common/iputil.go
View File

@ -39,19 +39,19 @@ func IsIPv6(address string) bool {
return ip.To4() == nil
}
func ParseIPList(lst string) []string {
ips := strings.Split(lst, ",")
validatedIPs := make([]string, 0, len(ips))
for i := range ips {
ips[i] = strings.TrimSpace(ips[i])
if ips[i] != "" {
validatedIPs = append(validatedIPs, ips[i])
func ParseStringList(lst string) []string {
tokens := strings.Split(lst, ",")
validatedTokens := make([]string, 0, len(tokens))
for i := range tokens {
tokens[i] = strings.TrimSpace(tokens[i])
if tokens[i] != "" {
validatedTokens = append(validatedTokens, tokens[i])
}
}
return validatedIPs
return validatedTokens
}
func IPListToString(lst []string) string {
func ListToString(lst []string) string {
return strings.Join(lst, ", ")
}

100
internal/server/handlers.go
View File

@ -6,8 +6,11 @@ import (
"net/http"
"net/url"
"strconv"
"strings"
"time"
log "github.com/sirupsen/logrus"
"github.com/h44z/wg-portal/internal/ldap"
"github.com/h44z/wg-portal/internal/common"
@ -89,12 +92,12 @@ func (s *Server) PostAdminEditInterface(c *gin.Context) {
return
}
// Clean list input
formDevice.IPs = common.ParseIPList(formDevice.IPsStr)
formDevice.AllowedIPs = common.ParseIPList(formDevice.AllowedIPsStr)
formDevice.DNS = common.ParseIPList(formDevice.DNSStr)
formDevice.IPsStr = common.IPListToString(formDevice.IPs)
formDevice.AllowedIPsStr = common.IPListToString(formDevice.AllowedIPs)
formDevice.DNSStr = common.IPListToString(formDevice.DNS)
formDevice.IPs = common.ParseStringList(formDevice.IPsStr)
formDevice.AllowedIPs = common.ParseStringList(formDevice.AllowedIPsStr)
formDevice.DNS = common.ParseStringList(formDevice.DNSStr)
formDevice.IPsStr = common.ListToString(formDevice.IPs)
formDevice.AllowedIPsStr = common.ListToString(formDevice.AllowedIPs)
formDevice.DNSStr = common.ListToString(formDevice.DNS)
// Update WireGuard device
err := s.wg.UpdateDevice(formDevice.DeviceName, formDevice.GetDeviceConfig())
@ -149,10 +152,10 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) {
}
// Clean list input
formUser.IPs = common.ParseIPList(formUser.IPsStr)
formUser.AllowedIPs = common.ParseIPList(formUser.AllowedIPsStr)
formUser.IPsStr = common.IPListToString(formUser.IPs)
formUser.AllowedIPsStr = common.IPListToString(formUser.AllowedIPs)
formUser.IPs = common.ParseStringList(formUser.IPsStr)
formUser.AllowedIPs = common.ParseStringList(formUser.AllowedIPsStr)
formUser.IPsStr = common.ListToString(formUser.IPs)
formUser.AllowedIPsStr = common.ListToString(formUser.AllowedIPs)
disabled := c.PostForm("isdisabled") != ""
now := time.Now()
@ -244,10 +247,10 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
}
// Clean list input
formUser.IPs = common.ParseIPList(formUser.IPsStr)
formUser.AllowedIPs = common.ParseIPList(formUser.AllowedIPsStr)
formUser.IPsStr = common.IPListToString(formUser.IPs)
formUser.AllowedIPsStr = common.IPListToString(formUser.AllowedIPs)
formUser.IPs = common.ParseStringList(formUser.IPsStr)
formUser.AllowedIPs = common.ParseStringList(formUser.AllowedIPsStr)
formUser.IPsStr = common.ListToString(formUser.IPs)
formUser.AllowedIPsStr = common.ListToString(formUser.AllowedIPs)
disabled := c.PostForm("isdisabled") != ""
now := time.Now()
@ -265,7 +268,7 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
}
}
// Update in database
// Create in database
err := s.users.CreateUser(formUser)
if err != nil {
s.setAlert(c, "failed to add user in database: "+err.Error(), "danger")
@ -297,6 +300,73 @@ func (s *Server) GetAdminCreateLdapPeers(c *gin.Context) {
})
}
func (s *Server) PostAdminCreateLdapPeers(c *gin.Context) {
email := c.PostForm("email")
identifier := c.PostForm("identifier")
if identifier == "" {
identifier = "Default"
}
if email == "" {
s.setAlert(c, "missing email address", "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
return
}
emails := common.ParseStringList(email)
for i := range emails {
// TODO: also check email addr for validity?
if !strings.ContainsRune(emails[i], '@') || s.ldapUsers.GetUserDNByMail(emails[i]) == "" {
s.setAlert(c, "invalid email address: "+emails[i], "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
return
}
}
log.Infof("creating %d ldap peers", len(emails))
device := s.users.GetDevice()
for i := range emails {
ldapUser := s.ldapUsers.GetUserData(s.ldapUsers.GetUserDNByMail(emails[i]))
user := User{}
user.AllowedIPsStr = device.AllowedIPsStr
user.IPsStr = "" // TODO: add a valid ip here
psk, err := wgtypes.GenerateKey()
if err != nil {
s.HandleError(c, http.StatusInternalServerError, "Preshared key generation error", err.Error())
return
}
key, err := wgtypes.GeneratePrivateKey()
if err != nil {
s.HandleError(c, http.StatusInternalServerError, "Private key generation error", err.Error())
return
}
user.PresharedKey = psk.String()
user.PrivateKey = key.String()
user.PublicKey = key.PublicKey().String()
user.UID = fmt.Sprintf("u%x", md5.Sum([]byte(user.PublicKey)))
user.Email = emails[i]
user.Identifier = fmt.Sprintf("%s %s (%s)", ldapUser.Firstname, ldapUser.Lastname, identifier)
// Create wireguard interface
err = s.wg.AddPeer(user.GetPeerConfig())
if err != nil {
s.setAlert(c, "failed to add peer in WireGuard: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
return
}
// Create in database
err = s.users.CreateUser(user)
if err != nil {
s.setAlert(c, "failed to add user in database: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
return
}
}
s.setAlert(c, "client(s) created successfully", "success")
c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
}
func (s *Server) GetUserQRCode(c *gin.Context) {
user := s.users.GetUserByKey(c.Query("pkey"))
png, err := user.GetQRCode()

1
internal/server/routes.go
View File

@ -27,6 +27,7 @@ func SetupRoutes(s *Server) {
admin.GET("/peer/create", s.GetAdminCreatePeer)
admin.POST("/peer/create", s.PostAdminCreatePeer)
admin.GET("/peer/createldap", s.GetAdminCreateLdapPeers)
admin.POST("/peer/createldap", s.PostAdminCreateLdapPeers)
// User routes
user := s.server.Group("/user")

4
internal/server/usermanager.go
View File

@ -32,7 +32,7 @@ import (
var cidrList validator.Func = func(fl validator.FieldLevel) bool {
cidrListStr := fl.Field().String()
cidrList := common.ParseIPList(cidrListStr)
cidrList := common.ParseStringList(cidrListStr)
for i := range cidrList {
_, _, err := net.ParseCIDR(cidrList[i])
if err != nil {
@ -45,7 +45,7 @@ var cidrList validator.Func = func(fl validator.FieldLevel) bool {
var ipList validator.Func = func(fl validator.FieldLevel) bool {
ipListStr := fl.Field().String()
ipList := common.ParseIPList(ipListStr)
ipList := common.ParseStringList(ipListStr)
for i := range ipList {
ip := net.ParseIP(ipList[i])
if ip == nil {