Merge pull request #106 from george-e-shaw-iv/master
Secure account credentials, track a server admin email/name for use in auto-generated emails to clients
commit
7c35770f26
11 changed files with 231 additions and 18 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
|
@ -15,3 +15,6 @@ bundles/*
|
|||
|
||||
# IGNORE OSX FINDER FILES
|
||||
**.DS_Store
|
||||
|
||||
# IGNORE GOLAND IDE DIRECTORY
|
||||
.idea/
|
||||
|
|
|
|||
|
|
@ -104,8 +104,9 @@ func Create(res http.ResponseWriter, req *http.Request, logger *log.Logger, bund
|
|||
}
|
||||
|
||||
var defaultBundleUser database.Struct_Users
|
||||
var tempPass = encryption.RandomString(16)
|
||||
|
||||
defaultBundleUser.Pass, err = encryption.HashPassword("root")
|
||||
defaultBundleUser.Pass, err = encryption.HashPassword(tempPass)
|
||||
if err != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error())
|
||||
http.Error(res, err.Error(), http.StatusInternalServerError)
|
||||
|
|
@ -135,6 +136,7 @@ func Create(res http.ResponseWriter, req *http.Request, logger *log.Logger, bund
|
|||
defer ds.Close()
|
||||
|
||||
var smtpSettings database.Struct_SMTP
|
||||
var adminSettings database.Struct_Admin
|
||||
|
||||
err = ds.Get(database.BUCKET_GENERAL, []byte("smtp"), &smtpSettings)
|
||||
if err != nil {
|
||||
|
|
@ -143,6 +145,13 @@ func Create(res http.ResponseWriter, req *http.Request, logger *log.Logger, bund
|
|||
return false
|
||||
}
|
||||
|
||||
err = ds.Get(database.BUCKET_GENERAL, []byte("admin"), &adminSettings)
|
||||
if err != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error())
|
||||
http.Error(res, err.Error(), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
|
||||
mail, err := emailer.New(smtpSettings.Type, emailer.Credentials{
|
||||
Username: smtpSettings.Username,
|
||||
Password: smtpSettings.Password,
|
||||
|
|
@ -159,7 +168,9 @@ func Create(res http.ResponseWriter, req *http.Request, logger *log.Logger, bund
|
|||
"Account Port: " + strconv.Itoa(createBundleRequestData.AccPort) + "\r\n" +
|
||||
"Public Port: " + strconv.Itoa(createBundleRequestData.PubPort) + "\r\n\n" +
|
||||
"Default account username: root\r\n" +
|
||||
"Default account password: root")
|
||||
"Default account password: " + tempPass + "\r\n\n" +
|
||||
"Any questions, comments, or concerns can be directed toward your server administrator " + adminSettings.Name +
|
||||
" at " + adminSettings.Email)
|
||||
|
||||
err = mail.SendSimple(createBundleRequestData.Email, "New gPanel Bundle - "+createBundleRequestData.Name, msg)
|
||||
if err != nil {
|
||||
|
|
@ -168,6 +179,13 @@ func Create(res http.ResponseWriter, req *http.Request, logger *log.Logger, bund
|
|||
return false
|
||||
}
|
||||
|
||||
err = mail.SendSimple(adminSettings.Email, "New gPanel Bundle - "+createBundleRequestData.Name, msg)
|
||||
if err != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error())
|
||||
http.Error(res, err.Error(), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
|
||||
res.WriteHeader(http.StatusOK)
|
||||
res.Write([]byte(createBundleRequestData.Name))
|
||||
|
||||
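Review bot: The copy sent to `adminSettings.Email` reuses `msg`, so the generated `tempPass` lands in plaintext in a second mailbox in addition to the client's. Consider sending the administrator a notice without the password line, and requiring the bundle's root user to change the temporary password at first login; nothing in the visible hunks forces a rotation. It is also worth confirming that `encryption.RandomString` draws from `crypto/rand`, since its implementation is not shown here. A failure of the second `mail.SendSimple` returns a 500 after the client email has already gone out, so the caller is told the request failed for a bundle that appears to have been provisioned; logging that failure and continuing may be the better behaviour. `Create` begins and ends outside these hunks.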
|
|
|
|||
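--- a/pkg/api/settings/get_admin.go
+++ b/pkg/api/settings/get_admin.go
@@ -0,0 +1,45 @@
+package settings
+
+import (
+"net/http"
+"strconv"
+"log"
+"github.com/Ennovar/gPanel/pkg/database"
+"encoding/json"
+)
+
+func GetAdmin(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir string) bool {
+if req.Method != "GET" {
+logger.Println(req.URL.Path + "::" + req.Method + "::" + strconv.Itoa(http.StatusMethodNotAllowed) + "::" + http.StatusText(http.StatusMethodNotAllowed))
+http.Error(res, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
+return false
+}
+
+ds, err := database.Open(dir + database.DB_SETTINGS)
+if err != nil || ds == nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusInternalServerError)
+return false
+}
+defer ds.Close()
+
+var adminSettings database.Struct_Admin
+
+err = ds.Get(database.BUCKET_GENERAL, []byte("admin"), &adminSettings)
+if err != nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusInternalServerError)
+return false
+}
+
+b, err := json.Marshal(adminSettings)
+if err != nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusInternalServerError)
+return false
+}
+
+res.WriteHeader(http.StatusOK)
+res.Write(b)
+return true
+}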
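Review bot: `if err != nil || ds == nil` falls into a branch that calls `err.Error()`, which panics with a nil-pointer dereference if `database.Open` ever returns a nil store together with a nil error. Handle the two cases separately, for example `if err == nil && ds == nil { err = errors.New("settings store unavailable") }` ahead of the existing check, or drop the `ds == nil` arm if `Open` cannot return that combination. The same pattern appears in `SetAdmin` in set_admin.go. Every failure path also echoes `err.Error()` to the client; a generic 500 body with the detail kept in `logger` would avoid exposing storage errors to the browser.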
|
|
@ -1,11 +1,10 @@
|
|||
package email
|
||||
package settings
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
"log"
|
||||
"strconv"
|
||||
|
||||
"encoding/json"
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
)
|
||||
|
||||
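--- a/pkg/api/settings/set_admin.go
+++ b/pkg/api/settings/set_admin.go
@@ -0,0 +1,44 @@
+package settings
+
+import (
+"net/http"
+"log"
+"strconv"
+"github.com/Ennovar/gPanel/pkg/database"
+"encoding/json"
+)
+
+func SetAdmin(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir string) bool {
+if req.Method != "POST" {
+logger.Println(req.URL.Path + "::" + req.Method + "::" + strconv.Itoa(http.StatusMethodNotAllowed) + "::" + http.StatusText(http.StatusMethodNotAllowed))
+http.Error(res, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
+return false
+}
+
+var adminSettingsRequestData database.Struct_Admin
+
+err := json.NewDecoder(req.Body).Decode(&adminSettingsRequestData)
+if err != nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusBadRequest)
+return false
+}
+
+ds, err := database.Open(dir + database.DB_SETTINGS)
+if err != nil || ds == nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusInternalServerError)
+return false
+}
+defer ds.Close()
+
+err = ds.Put(database.BUCKET_GENERAL, []byte("admin"), adminSettingsRequestData)
+if err != nil {
+logger.Println(req.URL.Path + "::" + err.Error())
+http.Error(res, err.Error(), http.StatusInternalServerError)
+return false
+}
+
+res.WriteHeader(http.StatusNoContent)
+return true
+}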
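Review bot: `SetAdmin` stores whatever `json.NewDecoder(req.Body).Decode` produces without checking it, and per this commit the stored `Email` then receives copies of the auto-generated credential emails. Validate before `ds.Put`: reject an empty `Name`, parse the address with `mail.ParseAddress` from `net/mail`, and cap the body with `req.Body = http.MaxBytesReader(res, req.Body, 1<<20)` ahead of the decode. `Name` is concatenated into the outgoing message in the bundle-creation handler, so rejecting CR/LF in it here is a cheap safeguard. Whether this route is restricted to an authenticated administrator is not visible in this file and should be confirmed in `apiHandler`.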
|
|
@ -1,13 +1,12 @@
|
|||
package email
|
||||
package settings
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
"log"
|
||||
"strconv"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
"encoding/json"
|
||||
"github.com/Ennovar/gPanel/pkg/emailer"
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
)
|
||||
|
||||
func SetSMTP(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir string) bool {
|
||||
|
|
@ -7,3 +7,8 @@ type Struct_SMTP struct {
|
|||
Server string `json:"server"`
|
||||
Port int `json:"port"`
|
||||
}
|
||||
|
||||
type Struct_Admin struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
}
|
||||
|
|
@ -9,10 +9,10 @@ import (
|
|||
"strings"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/api/bundle"
|
||||
"github.com/Ennovar/gPanel/pkg/api/email"
|
||||
logapi "github.com/Ennovar/gPanel/pkg/api/log"
|
||||
"github.com/Ennovar/gPanel/pkg/api/server"
|
||||
"github.com/Ennovar/gPanel/pkg/api/user"
|
||||
"github.com/Ennovar/gPanel/pkg/api/settings"
|
||||
)
|
||||
|
||||
func (con *Controller) apiHandler(res http.ResponseWriter, req *http.Request) (bool, bool) {
|
||||
|
|
@ -89,10 +89,14 @@ func (con *Controller) apiHandler(res http.ResponseWriter, req *http.Request) (b
|
|||
return true, logapi.Read(res, req, con.APILogger, con.Directory)
|
||||
case "/log/delete":
|
||||
return true, logapi.Truncate(res, req, con.APILogger, con.Directory)
|
||||
case "/email/set_smtp":
|
||||
return true, email.SetSMTP(res, req, con.APILogger, con.Directory)
|
||||
case "/email/get_smtp":
|
||||
return true, email.GetSMTP(res, req, con.APILogger, con.Directory)
|
||||
case "/settings/set_smtp":
|
||||
return true, settings.SetSMTP(res, req, con.APILogger, con.Directory)
|
||||
case "/settings/get_smtp":
|
||||
return true, settings.GetSMTP(res, req, con.APILogger, con.Directory)
|
||||
case "/settings/set_admin":
|
||||
return true, settings.SetAdmin(res, req, con.APILogger, con.Directory)
|
||||
case "/settings/get_admin":
|
||||
return true, settings.GetAdmin(res, req, con.APILogger, con.Directory)
|
||||
default:
|
||||
return false, false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,60 @@
|
|||
var adminSettingsModal = jQuery('.admin-settings-modal');
|
||||
|
||||
jQuery('._js_admin-settings').on('click', function(e){
|
||||
e.preventDefault();
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', 'api/settings/get_admin', true);
|
||||
xhr.send();
|
||||
|
||||
xhr.onloadend = function() {
|
||||
if(xhr.status == 200) {
|
||||
var resp = JSON.parse(xhr.response);
|
||||
|
||||
jQuery('#adminName').val(resp["name"]);
|
||||
jQuery('#adminEmail').val(resp["email"]);
|
||||
}
|
||||
adminSettingsModal.modal('show');
|
||||
}
|
||||
});
|
||||
|
||||
jQuery('._js_admin-settings-form').on('submit', function(e){
|
||||
e.preventDefault();
|
||||
|
||||
var flag = false;
|
||||
jQuery(this).find('input').each(function(i){
|
||||
if(jQuery(this) && jQuery(this).val()) return true;
|
||||
else {
|
||||
flag = true;
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
if(flag) {
|
||||
alert('All inputs need to be filled out.');
|
||||
return;
|
||||
}
|
||||
|
||||
var requestData = {};
|
||||
requestData["name"] = jQuery(this).find('#adminName').val();
|
||||
requestData["email"] = jQuery(this).find('#adminEmail').val();
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open(jQuery(this).attr('method'), jQuery(this).attr('action'), true);
|
||||
xhr.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
|
||||
xhr.send(JSON.stringify(requestData));
|
||||
|
||||
xhr.onloadend = function() {
|
||||
if(xhr.status == 204) {
|
||||
alert('Administrator settings successfully set.');
|
||||
}
|
||||
else {
|
||||
if(xhr.response != undefined && xhr.response.length != 0) {
|
||||
alert('Error: ' + xhr.response);
|
||||
}
|
||||
else {
|
||||
alert('An error has occurred, refresh and try again. If problem persists please contact your administrator.');
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
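Review bot: `JSON.parse(xhr.response)` in the click handler is unguarded, so a 200 response whose body is not valid JSON throws inside `onloadend` and `adminSettingsModal.modal('show')` is never reached. Wrap the parse in `try { ... } catch (err) { ... }` and still open the modal with empty fields. Both handlers also assign `xhr.onloadend` after `xhr.send()`; that works for async requests, but registering the callback before sending is the conventional order. The error branch passes the raw `xhr.response` to `alert`, which shows the user whatever internal error text the server returned.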
|
|
@ -4,7 +4,7 @@ jQuery('._js_smtp-credentials').on('click', function(e){
|
|||
e.preventDefault();
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', 'api/email/get_smtp', true);
|
||||
xhr.open('GET', 'api/settings/get_smtp', true);
|
||||
xhr.send();
|
||||
|
||||
xhr.onloadend = function() {
|
||||
|
|
|
|||
|
|
@ -295,7 +295,7 @@
|
|||
</button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<form class="_js_smtp-settings-form" action="api/email/set_smtp" method="POST">
|
||||
<form class="_js_smtp-settings-form" action="api/settings/set_smtp" method="POST">
|
||||
<div class="form-group">
|
||||
<label for="smtpType">Authentication Type</label>
|
||||
<select class="form-control" id="smtpType">
|
||||
|
|
@ -331,6 +331,40 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Administrator Settings Modal -->
|
||||
<div class="modal fade admin-settings-modal" tabindex="-1" role="dialog" aria-labelledby="admin-settings-modal" aria-hidden="true">
|
||||
<div class="modal-dialog modal-lg">
|
||||
<div class="modal-content">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title">Administrator Settings</h5>
|
||||
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
|
||||
<span aria-hidden="true">×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<form class="_js_admin-settings-form" action="api/settings/set_admin" method="POST">
|
||||
<div class="form-group">
|
||||
<label for="adminName">Administrator Name</label>
|
||||
<input type="text" class="form-control" id="adminName" placeholder="Administrator Name" value="">
|
||||
<small class="form-text text-muted">This will be used in auto-generated emails sent to bundle clients.</small>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="adminEmail">Administrator Email</label>
|
||||
<input type="email" class="form-control" id="adminEmail" placeholder="admin@domain.com" value="">
|
||||
<small class="form-text text-muted">A copy of each important email (auto-generated credentials, etc.) sent to bundle clients will also be sent to this email.</small>
|
||||
</div>
|
||||
<div class="btn-group" role="group">
|
||||
<button type="submit" class="btn btn-primary">Set Administrator Settings</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
|
|
@ -383,6 +417,7 @@
|
|||
<h6 class="card-subtitle mb-4 text-muted">Set or update various settings, such as smtp credentials, that the server uses</h6>
|
||||
<div class="btn-group" role="group">
|
||||
<button type="button" class="btn btn-outline-primary _js_smtp-credentials">SMTP Credentials</button>
|
||||
<button type="button" class="btn btn-outline-primary _js_admin-settings">Administrator Settings</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -436,6 +471,7 @@
|
|||
<script type="text/javascript" src="assets/js/panelHandlers/users/new_password.js"></script>
|
||||
|
||||
<script type="text/javascript" src="assets/js/panelHandlers/settings/smtp.js"></script>
|
||||
<script type="text/javascript" src="assets/js/panelHandlers/settings/admin.js"></script>
|
||||
<!-- KEEP AT BOTTOM OF BODY TAGS -->
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||