api.go 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164
  1. package main
  2. import (
  3. "encoding/json"
  4. "net/http"
  5. "imuslab.com/zoraxy/mod/auth"
  6. "imuslab.com/zoraxy/mod/netstat"
  7. "imuslab.com/zoraxy/mod/utils"
  8. )
  9. /*
  10. API.go
  11. This file contains all the API called by the web management interface
  12. */
  13. func initAPIs() {
  14. requireAuth := !(*noauth || handler.IsUsingExternalPermissionManager())
  15. authRouter := auth.NewManagedHTTPRouter(auth.RouterOption{
  16. AuthAgent: authAgent,
  17. RequireAuth: requireAuth,
  18. DeniedHandler: func(w http.ResponseWriter, r *http.Request) {
  19. http.Error(w, "401 - Unauthorized", http.StatusUnauthorized)
  20. },
  21. })
  22. //Register the standard web services urls
  23. fs := http.FileServer(http.Dir("./web"))
  24. if requireAuth {
  25. //Add a layer of middleware for auth control
  26. authHandler := AuthFsHandler(fs)
  27. http.Handle("/", authHandler)
  28. } else {
  29. http.Handle("/", fs)
  30. }
  31. //Authentication APIs
  32. registerAuthAPIs(requireAuth)
  33. //Reverse proxy
  34. authRouter.HandleFunc("/api/proxy/enable", ReverseProxyHandleOnOff)
  35. authRouter.HandleFunc("/api/proxy/add", ReverseProxyHandleAddEndpoint)
  36. authRouter.HandleFunc("/api/proxy/status", ReverseProxyStatus)
  37. authRouter.HandleFunc("/api/proxy/list", ReverseProxyList)
  38. authRouter.HandleFunc("/api/proxy/del", DeleteProxyEndpoint)
  39. authRouter.HandleFunc("/api/proxy/tlscheck", HandleCheckSiteSupportTLS)
  40. authRouter.HandleFunc("/api/proxy/setIncoming", HandleIncomingPortSet)
  41. authRouter.HandleFunc("/api/proxy/useHttpsRedirect", HandleUpdateHttpsRedirect)
  42. authRouter.HandleFunc("/api/proxy/requestIsProxied", HandleManagementProxyCheck)
  43. //TLS / SSL config
  44. authRouter.HandleFunc("/api/cert/tls", handleToggleTLSProxy)
  45. authRouter.HandleFunc("/api/cert/upload", handleCertUpload)
  46. authRouter.HandleFunc("/api/cert/list", handleListCertificate)
  47. authRouter.HandleFunc("/api/cert/checkDefault", handleDefaultCertCheck)
  48. authRouter.HandleFunc("/api/cert/delete", handleCertRemove)
  49. //Redirection config
  50. authRouter.HandleFunc("/api/redirect/list", handleListRedirectionRules)
  51. authRouter.HandleFunc("/api/redirect/add", handleAddRedirectionRule)
  52. authRouter.HandleFunc("/api/redirect/delete", handleDeleteRedirectionRule)
  53. //Blacklist APIs
  54. authRouter.HandleFunc("/api/blacklist/list", handleListBlacklisted)
  55. authRouter.HandleFunc("/api/blacklist/country/add", handleCountryBlacklistAdd)
  56. authRouter.HandleFunc("/api/blacklist/country/remove", handleCountryBlacklistRemove)
  57. authRouter.HandleFunc("/api/blacklist/ip/add", handleIpBlacklistAdd)
  58. authRouter.HandleFunc("/api/blacklist/ip/remove", handleIpBlacklistRemove)
  59. authRouter.HandleFunc("/api/blacklist/enable", handleBlacklistEnable)
  60. //Statistic & uptime monitoring API
  61. authRouter.HandleFunc("/api/stats/summary", statisticCollector.HandleTodayStatLoad)
  62. authRouter.HandleFunc("/api/stats/countries", HandleCountryDistrSummary)
  63. authRouter.HandleFunc("/api/stats/netstat", netstat.HandleGetNetworkInterfaceStats)
  64. authRouter.HandleFunc("/api/stats/listnic", netstat.HandleListNetworkInterfaces)
  65. authRouter.HandleFunc("/api/utm/list", HandleUptimeMonitorListing)
  66. //mDNS APIs
  67. authRouter.HandleFunc("/api/mdns/list", HandleMdnsListing)
  68. authRouter.HandleFunc("/api/mdns/discover", HandleMdnsScanning)
  69. authRouter.HandleFunc("/api/ssdp/discover", HandleSsdpDiscovery)
  70. //Network utilities
  71. authRouter.HandleFunc("/api/tools/ipscan", HandleIpScan)
  72. //If you got APIs to add, append them here
  73. }
  74. //Function to renders Auth related APIs
  75. func registerAuthAPIs(requireAuth bool) {
  76. //Auth APIs
  77. http.HandleFunc("/api/auth/login", authAgent.HandleLogin)
  78. http.HandleFunc("/api/auth/logout", authAgent.HandleLogout)
  79. http.HandleFunc("/api/auth/checkLogin", func(w http.ResponseWriter, r *http.Request) {
  80. if requireAuth {
  81. authAgent.CheckLogin(w, r)
  82. } else {
  83. utils.SendJSONResponse(w, "true")
  84. }
  85. })
  86. http.HandleFunc("/api/auth/username", func(w http.ResponseWriter, r *http.Request) {
  87. username, err := authAgent.GetUserName(w, r)
  88. if err != nil {
  89. http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
  90. return
  91. }
  92. js, _ := json.Marshal(username)
  93. utils.SendJSONResponse(w, string(js))
  94. })
  95. http.HandleFunc("/api/auth/userCount", func(w http.ResponseWriter, r *http.Request) {
  96. uc := authAgent.GetUserCounts()
  97. js, _ := json.Marshal(uc)
  98. utils.SendJSONResponse(w, string(js))
  99. })
  100. http.HandleFunc("/api/auth/register", func(w http.ResponseWriter, r *http.Request) {
  101. if authAgent.GetUserCounts() == 0 {
  102. //Allow register root admin
  103. authAgent.HandleRegisterWithoutEmail(w, r, func(username, reserved string) {
  104. })
  105. } else {
  106. //This function is disabled
  107. utils.SendErrorResponse(w, "Root management account already exists")
  108. }
  109. })
  110. http.HandleFunc("/api/auth/changePassword", func(w http.ResponseWriter, r *http.Request) {
  111. username, err := authAgent.GetUserName(w, r)
  112. if err != nil {
  113. http.Error(w, "401 - Unauthorized", http.StatusUnauthorized)
  114. return
  115. }
  116. oldPassword, err := utils.PostPara(r, "oldPassword")
  117. if err != nil {
  118. utils.SendErrorResponse(w, "empty current password")
  119. return
  120. }
  121. newPassword, err := utils.PostPara(r, "newPassword")
  122. if err != nil {
  123. utils.SendErrorResponse(w, "empty new password")
  124. return
  125. }
  126. confirmPassword, _ := utils.PostPara(r, "confirmPassword")
  127. if newPassword != confirmPassword {
  128. utils.SendErrorResponse(w, "confirm password not match")
  129. return
  130. }
  131. //Check if the old password correct
  132. oldPasswordCorrect, _ := authAgent.ValidateUsernameAndPasswordWithReason(username, oldPassword)
  133. if !oldPasswordCorrect {
  134. utils.SendErrorResponse(w, "Invalid current password given")
  135. return
  136. }
  137. //Change the password of the root user
  138. authAgent.UnregisterUser(username)
  139. authAgent.CreateUserAccount(username, newPassword, "")
  140. })
  141. }