From ea65e6b43ce6c62b4c80b0ad50cc5145382cd896 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Sat, 7 Nov 2020 11:47:52 +0100 Subject: [PATCH] wip: create/update/... --- internal/server/handlers.go | 91 +++++++++++++++++----------------- internal/wireguard/template.go | 1 + 2 files changed, 47 insertions(+), 45 deletions(-) diff --git a/internal/server/handlers.go b/internal/server/handlers.go index 7ae946c..3577ccd 100644 --- a/internal/server/handlers.go +++ b/internal/server/handlers.go @@ -7,6 +7,8 @@ import ( "strings" "time" + "golang.zx2c4.com/wireguard/wgctrl/wgtypes" + "github.com/gin-gonic/gin" ) @@ -273,7 +275,9 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) { func (s *Server) GetAdminCreatePeer(c *gin.Context) { device := s.users.GetDevice() - user := s.users.GetUserByKey(c.Query("pkey")) + user := User{} + user.AllowedIPsStr = device.AllowedIPsStr + user.IPsStr = "" // TODO: add a valid ip here c.HTML(http.StatusOK, "admin_edit_client.html", struct { Route string 
@@ -293,13 +297,26 @@ func (s *Server) GetAdminCreatePeer(c *gin.Context) { } func (s *Server) PostAdminCreatePeer(c *gin.Context) { - device := s.users.GetDevice() - var err error - - device.ListenPort, err = strconv.Atoi(c.PostForm("port")) + user := User{} + key, err := wgtypes.GeneratePrivateKey() if err != nil { - s.setAlert(c, "invalid port: "+err.Error(), "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") + s.HandleError(c, http.StatusInternalServerError, "Private key generation error", err.Error()) + return + } + user.PrivateKey = key.String() + user.PublicKey = key.PublicKey().String() + + user.Identifier = c.PostForm("identifier") + if user.Identifier == "" { + s.setAlert(c, "invalid identifier, must not be empty", "danger") + c.Redirect(http.StatusSeeOther, "/admin/peer/create") + return + } + + user.Email = c.PostForm("mail") + if user.Email == "" { + s.setAlert(c, "invalid email, must not be empty", "danger") + c.Redirect(http.StatusSeeOther, "/admin/peer/create") return } @@ -314,23 +331,10 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) { } if len(validatedIPs) == 0 { s.setAlert(c, "invalid ip address", "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") + c.Redirect(http.StatusSeeOther, "/admin/peer/create") return } - device.IPs = validatedIPs - - device.Endpoint = c.PostForm("endpoint") - - dnsField := c.PostForm("dns") - dns := strings.Split(dnsField, ",") - validatedDNS := make([]string, 0, len(dns)) - for i := range dns { - dns[i] = strings.TrimSpace(dns[i]) - if dns[i] != "" { - validatedDNS = append(validatedDNS, dns[i]) - } - } - device.DNS = validatedDNS + user.IPs = validatedIPs allowedIPField := c.PostForm("allowedip") allowedIP := strings.Split(allowedIPField, ",") 
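Review bot: `user.Identifier` gets only an empty-string check in PostAdminCreatePeer, yet the template.go hunk of this same commit writes it into the generated client config as `#{{ .Client.Identifier }}`. If that template is rendered without escaping (text/template does none; the renderer is not visible here), a CR or LF in the identifier ends the comment, and the rest of the value becomes ordinary configuration lines in the file handed to the client. Reject control characters at input, for example `if user.Identifier == "" || strings.ContainsAny(user.Identifier, "\r\n") {`, and consider a length cap. The `mail` field has the same presence-only check; `net/mail.ParseAddress` would reject malformed values. The function body continues past the end of this hunk.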
@@ -341,40 +345,37 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) { validatedAllowedIP = append(validatedAllowedIP, allowedIP[i]) } } - device.AllowedIPs = validatedAllowedIP + user.AllowedIPs = validatedAllowedIP - device.Mtu, err = strconv.Atoi(c.PostForm("mtu")) - if err != nil { - s.setAlert(c, "invalid MTU: "+err.Error(), "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") - return - } - - device.PersistentKeepalive, err = strconv.Atoi(c.PostForm("keepalive")) - if err != nil { - s.setAlert(c, "invalid PersistentKeepalive: "+err.Error(), "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") - return + user.IgnorePersistentKeepalive = c.PostForm("ignorekeepalive") != "" + disabled := c.PostForm("isdisabled") != "" + now := time.Now() + if disabled && user.DeactivatedAt == nil { + user.DeactivatedAt = &now + } else if !disabled { + user.DeactivatedAt = nil } // Update WireGuard device - err = s.wg.UpdateDevice(device.DeviceName, device.GetDeviceConfig()) - if err != nil { - s.setAlert(c, "failed to update device in WireGuard: "+err.Error(), "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") - return + if user.DeactivatedAt == nil { + err = s.wg.AddPeer(user.GetPeerConfig()) + if err != nil { + s.setAlert(c, "failed to add peer in WireGuard: "+err.Error(), "danger") + c.Redirect(http.StatusSeeOther, "/admin/peer/create") + return + } } // Update in database - err = s.users.UpdateDevice(device) + err = s.users.CreateUser(user) if err != nil { - s.setAlert(c, "failed to update device in database: "+err.Error(), "danger") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") + s.setAlert(c, "failed to add user in database: "+err.Error(), "danger") + c.Redirect(http.StatusSeeOther, "/admin/peer/create") return } - s.setAlert(c, "changes applied successfully", "success") - c.Redirect(http.StatusSeeOther, "/admin/device/edit") + s.setAlert(c, "client created successfully", "success") + c.Redirect(http.StatusSeeOther, 
"/admin") } func (s *Server) GetUserQRCode(c *gin.Context) { diff --git a/internal/wireguard/template.go b/internal/wireguard/template.go index c34cb20..a1ef935 100644 --- a/internal/wireguard/template.go +++ b/internal/wireguard/template.go @@ -2,6 +2,7 @@ package wireguard var ( ClientCfgTpl = `[Interface] +#{{ .Client.Identifier }} Address = {{ .Client.IPsStr }} PrivateKey = {{ .Client.PrivateKey }} {{ if ne (len .Server.DNS) 0 -}}
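Review bot: If `s.users.CreateUser(user)` fails, the peer already added by `s.wg.AddPeer(user.GetPeerConfig())` stays configured on the WireGuard interface with no database row. That leaves live interface state which the admin UI presumably cannot list or revoke. Either persist the user first and add the peer only after that succeeds, or undo the peer addition in the `CreateUser` error branch before redirecting. Separately, `user` is a fresh `User{}` in this handler, so `user.DeactivatedAt == nil` is always true and the `else if !disabled` branch assigns nil to an already-nil field; `if disabled { user.DeactivatedAt = &now }` does the same job. The `// Update WireGuard device` comment is also stale now that the block adds a peer, and the function opens in the previous hunk.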