2023-02-26 22:26:09 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"./utils"
|
2023-03-10 20:59:56 +00:00
|
|
|
"./user"
|
2023-02-26 22:26:09 +00:00
|
|
|
"./proxy"
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
"strings"
|
2023-03-10 20:59:56 +00:00
|
|
|
"strconv"
|
|
|
|
"regexp"
|
|
|
|
"time"
|
|
|
|
"encoding/json"
|
2023-03-12 18:17:28 +00:00
|
|
|
"os"
|
2023-03-10 20:59:56 +00:00
|
|
|
"github.com/go-chi/chi/middleware"
|
|
|
|
"github.com/go-chi/httprate"
|
|
|
|
"crypto/tls"
|
2023-03-12 18:17:28 +00:00
|
|
|
spa "github.com/roberthodgen/spa-server"
|
2023-02-26 22:26:09 +00:00
|
|
|
)
|
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
var serverPortHTTP = ""
|
|
|
|
var serverPortHTTPS = ""
|
2023-02-26 22:26:09 +00:00
|
|
|
|
|
|
|
func startHTTPServer(router *mux.Router) {
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Log("Listening to HTTP on :" + serverPortHTTP)
|
2023-02-26 22:26:09 +00:00
|
|
|
|
|
|
|
err := http.ListenAndServe("0.0.0.0:" + serverPortHTTP, router)
|
|
|
|
|
|
|
|
if err != nil {
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Fatal("Listening to HTTP", err)
|
2023-02-26 22:26:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func startHTTPSServer(router *mux.Router, tlsCert string, tlsKey string) {
|
|
|
|
// redirect http to https
|
|
|
|
go (func () {
|
|
|
|
err := http.ListenAndServe("0.0.0.0:" + serverPortHTTP, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// change port in host
|
|
|
|
if strings.HasSuffix(r.Host, ":" + serverPortHTTP) {
|
|
|
|
if serverPortHTTPS != "443" {
|
|
|
|
r.Host = r.Host[:len(r.Host)-len(":" + serverPortHTTP)] + ":" + serverPortHTTPS
|
|
|
|
} else {
|
|
|
|
r.Host = r.Host[:len(r.Host)-len(":" + serverPortHTTP)]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Redirect(w, r, "https://"+r.Host+r.URL.String(), http.StatusMovedPermanently)
|
|
|
|
}))
|
|
|
|
if err != nil {
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Fatal("Listening to HTTP (Red)", err)
|
2023-02-26 22:26:09 +00:00
|
|
|
}
|
|
|
|
})()
|
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Log("Listening to HTTP on :" + serverPortHTTP)
|
|
|
|
utils.Log("Listening to HTTPS on :" + serverPortHTTPS)
|
|
|
|
|
|
|
|
utils.IsHTTPS = true
|
|
|
|
|
|
|
|
cert, errCert := tls.X509KeyPair(([]byte)(tlsCert), ([]byte)(tlsKey))
|
|
|
|
if errCert != nil {
|
|
|
|
utils.Fatal("Getting Certificate pair", errCert)
|
|
|
|
}
|
|
|
|
|
|
|
|
tlsConfig := &tls.Config{
|
|
|
|
Certificates: []tls.Certificate{cert},
|
|
|
|
// Other options
|
|
|
|
}
|
|
|
|
|
|
|
|
server := http.Server{
|
|
|
|
TLSConfig: tlsConfig,
|
|
|
|
Addr: utils.GetMainConfig().HTTPConfig.Hostname + ":" + serverPortHTTPS,
|
|
|
|
ReadTimeout: 0,
|
|
|
|
ReadHeaderTimeout: 10 * time.Second,
|
|
|
|
WriteTimeout: 0,
|
|
|
|
IdleTimeout: 30 * time.Second,
|
|
|
|
Handler: router,
|
|
|
|
}
|
2023-02-26 22:26:09 +00:00
|
|
|
|
|
|
|
// start https server
|
2023-03-10 20:59:56 +00:00
|
|
|
err := server.ListenAndServeTLS("", "")
|
2023-02-26 22:26:09 +00:00
|
|
|
|
|
|
|
if err != nil {
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Fatal("Listening to HTTPS", err)
|
2023-02-26 22:26:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
func tokenMiddleware(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
r.Header.Set("x-cosmos-user", "")
|
|
|
|
r.Header.Set("x-cosmos-role", "")
|
|
|
|
|
|
|
|
u, err := user.RefreshUserToken(w, r)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
r.Header.Set("x-cosmos-user", u.Nickname)
|
|
|
|
r.Header.Set("x-cosmos-role", strconv.Itoa((int)(u.Role)))
|
|
|
|
|
|
|
|
// TODO: If external application, remove the cookie from the request
|
|
|
|
// to prevent leaking, and generate new JWT token
|
|
|
|
if false {
|
|
|
|
cookies := r.Header.Get("Cookie")
|
|
|
|
// This prob dowsnt work
|
|
|
|
cookieRemoveRegex := regexp.MustCompile(`jwttoken=[^;]*;`)
|
|
|
|
cookies = cookieRemoveRegex.ReplaceAllString(cookies, "")
|
|
|
|
r.Header.Set("Cookie", cookies)
|
|
|
|
|
|
|
|
// Replace the token with a application speicfic one
|
|
|
|
r.Header.Set("x-cosmos-token", "1234567890")
|
|
|
|
}
|
|
|
|
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func StartServer() {
|
|
|
|
baseMainConfig := utils.GetBaseMainConfig()
|
|
|
|
config := utils.GetMainConfig().HTTPConfig
|
|
|
|
serverPortHTTP = config.HTTPPort
|
|
|
|
serverPortHTTPS = config.HTTPSPort
|
2023-02-26 22:26:09 +00:00
|
|
|
|
|
|
|
var tlsCert = config.TLSCert
|
|
|
|
var tlsKey= config.TLSKey
|
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
configJson, _ := json.MarshalIndent(config, "", " ")
|
|
|
|
utils.Debug("Configuration" + (string)(configJson))
|
|
|
|
|
|
|
|
if((tlsCert == "" || tlsKey == "") && config.GenerateMissingTLSCert) {
|
|
|
|
utils.Log("Generating new TLS certificate")
|
|
|
|
pub, priv := utils.GenerateRSAWebCertificates()
|
|
|
|
|
|
|
|
baseMainConfig.HTTPConfig.TLSCert = pub
|
|
|
|
baseMainConfig.HTTPConfig.TLSKey = priv
|
|
|
|
utils.SetBaseMainConfig(baseMainConfig)
|
|
|
|
|
|
|
|
utils.Log("Saved new TLS certificate")
|
|
|
|
|
|
|
|
tlsCert = pub
|
|
|
|
tlsKey = priv
|
2023-02-26 22:26:09 +00:00
|
|
|
}
|
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
if ((config.AuthPublicKey == "" || config.AuthPrivateKey == "") && config.GenerateMissingAuthCert) {
|
|
|
|
utils.Log("Generating new Auth ED25519 certificate")
|
|
|
|
pub, priv := utils.GenerateEd25519Certificates()
|
|
|
|
|
|
|
|
baseMainConfig.HTTPConfig.AuthPublicKey = pub
|
|
|
|
baseMainConfig.HTTPConfig.AuthPrivateKey = priv
|
|
|
|
utils.SetBaseMainConfig(baseMainConfig)
|
|
|
|
|
|
|
|
utils.Log("Saved new Auth ED25519 certificate")
|
2023-02-26 22:26:09 +00:00
|
|
|
}
|
|
|
|
|
2023-03-12 18:17:28 +00:00
|
|
|
router := mux.NewRouter().StrictSlash(true)
|
2023-02-26 22:26:09 +00:00
|
|
|
|
2023-03-10 20:59:56 +00:00
|
|
|
router.Use(middleware.Recoverer)
|
|
|
|
router.Use(middleware.Logger)
|
|
|
|
router.Use(tokenMiddleware)
|
|
|
|
router.Use(utils.SetSecurityHeaders)
|
2023-03-12 18:17:28 +00:00
|
|
|
|
|
|
|
srapi := router.PathPrefix("/cosmos").Subrouter()
|
2023-03-10 20:59:56 +00:00
|
|
|
|
2023-03-12 18:17:28 +00:00
|
|
|
srapi.HandleFunc("/api/login", user.UserLogin)
|
|
|
|
srapi.HandleFunc("/api/logout", user.UserLogout)
|
|
|
|
srapi.HandleFunc("/api/register", user.UserRegister)
|
|
|
|
srapi.HandleFunc("/api/invite", user.UserResendInviteLink)
|
|
|
|
srapi.HandleFunc("/api/me", user.Me)
|
2023-03-10 20:59:56 +00:00
|
|
|
|
2023-03-12 18:17:28 +00:00
|
|
|
srapi.HandleFunc("/api/users/{nickname}", user.UsersIdRoute)
|
|
|
|
srapi.HandleFunc("/api/users", user.UsersRoute)
|
2023-03-10 20:59:56 +00:00
|
|
|
|
2023-03-12 18:17:28 +00:00
|
|
|
// srapi.Use(utils.AcceptHeader("*/*"))
|
2023-03-10 20:59:56 +00:00
|
|
|
srapi.Use(utils.CORSHeader(utils.GetMainConfig().HTTPConfig.Hostname))
|
2023-03-13 00:49:27 +00:00
|
|
|
srapi.Use(utils.MiddlewareTimeout(20 * time.Second))
|
|
|
|
srapi.Use(httprate.Limit(60, 1*time.Minute,
|
2023-03-10 20:59:56 +00:00
|
|
|
httprate.WithKeyFuncs(httprate.KeyByIP),
|
|
|
|
httprate.WithLimitHandler(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
utils.Error("Too many requests. Throttling", nil)
|
|
|
|
utils.HTTPError(w, "Too many requests",
|
|
|
|
http.StatusTooManyRequests, "HTTP003")
|
|
|
|
return
|
|
|
|
}),
|
|
|
|
))
|
2023-03-12 18:17:28 +00:00
|
|
|
|
|
|
|
pwd,_ := os.Getwd()
|
|
|
|
utils.Log("Starting in " + pwd)
|
|
|
|
if _, err := os.Stat(pwd + "/static"); os.IsNotExist(err) {
|
|
|
|
utils.Fatal("Static folder not found at " + pwd + "/static", err)
|
|
|
|
}
|
|
|
|
fs := spa.SpaHandler(pwd + "/static", "index.html")
|
|
|
|
router.PathPrefix("/").Handler(fs)
|
|
|
|
|
|
|
|
router = proxy.BuildFromConfig(router, config.ProxyConfig)
|
2023-03-10 20:59:56 +00:00
|
|
|
|
|
|
|
if tlsCert != "" && tlsKey != "" {
|
|
|
|
utils.Log("TLS certificate exist, starting HTTPS servers and redirecting HTTP to HTTPS")
|
2023-02-26 22:26:09 +00:00
|
|
|
startHTTPSServer(router, tlsCert, tlsKey)
|
|
|
|
} else {
|
2023-03-10 20:59:56 +00:00
|
|
|
utils.Log("TLS certificate does not exist, starting HTTP server only")
|
2023-02-26 22:26:09 +00:00
|
|
|
startHTTPServer(router)
|
|
|
|
}
|
|
|
|
}
|