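package main

import (
	"crypto/rand"
	"encoding/hex"
	"log"
	"net/http"
	"net/url"

	auth "imuslab.com/arozos/mod/auth"
	"imuslab.com/arozos/mod/common"
	prout "imuslab.com/arozos/mod/prouter"
)

// AuthInit prepares the session key, creates the global authentication agent
// and registers the login, logout, register, login-check and autologin-token
// endpoints on the default HTTP mux.
//
// When no session key was supplied (*session_key is empty) the key is taken
// from the "auth" table of sysdb, generating and storing a new one on first
// run. The process exits if a key cannot be generated or comes back empty,
// because the agent must not be started with an empty or predictable key.
func AuthInit() {
	// Generate session key for authentication module if empty
	sysdb.NewTable("auth")
	if *session_key == "" {
		// Check if the key was generated already. If not, generate a new one
		if !sysdb.KeyExists("auth", "sessionkey") {
			key := make([]byte, 32)
			if _, err := rand.Read(key); err != nil {
				// Fail closed: without this check a failed read would leave
				// the all-zero buffer in use as the session key.
				log.Fatal("Unable to generate authentication session key: ", err)
			}

			// Store the key hex-encoded. Raw random bytes are not valid UTF-8,
			// so converting them straight to a string risks the value being
			// altered by any text-based serialization on the way to or from
			// the database. The encoded key keeps the full 256 bits of
			// randomness; keys already stored by earlier runs are left as is.
			sysdb.Write("auth", "sessionkey", hex.EncodeToString(key))
			log.Println("New authentication session key generated")
		} else {
			log.Println("Authentication session key loaded from database")
		}

		// NOTE(review): the results of sysdb.Write and sysdb.Read are not
		// inspected here. The empty check below catches a failed write or
		// read; confirm whether these calls report errors that should be
		// logged as well.
		skeyString := ""
		sysdb.Read("auth", "sessionkey", &skeyString)
		if skeyString == "" {
			log.Fatal("Authentication session key is empty after reading it from the database")
		}
		session_key = &skeyString
	}

	// Create an Authentication Agent
	authAgent = auth.NewAuthenticationAgent("ao_auth", []byte(*session_key), sysdb, *allow_public_registry, func(w http.ResponseWriter, r *http.Request) {
		// Login redirection handler: send the client to login.system and
		// carry the originally requested path in the "redirect" parameter.
		w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")

		// r.URL.Path is the decoded request path and is chosen by the client,
		// so it is query-escaped to keep characters such as '&' or '#' from
		// adding parameters or a fragment to the login URL.
		// NOTE(review): whatever consumes "redirect" on the login page (not
		// shown here) should still accept only same-origin relative paths.
		loginURL := common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system") + "?redirect=" + url.QueryEscape(r.URL.Path)
		http.Redirect(w, r, loginURL, http.StatusTemporaryRedirect)
	})

	// Autologin follows the startup option directly; it stays off unless the
	// option is set.
	authAgent.AllowAutoLogin = *allow_autologin

	// Register the API endpoints for the authentication UI. These go on the
	// default mux directly, not through a permission router.
	// NOTE(review): the register endpoint is always mounted; whether public
	// registration is refused depends on the agent, which receives
	// *allow_public_registry above - confirm in the auth module.
	http.HandleFunc("/system/auth/login", authAgent.HandleLogin)
	http.HandleFunc("/system/auth/logout", authAgent.HandleLogout)
	http.HandleFunc("/system/auth/register", authAgent.HandleRegister)
	http.HandleFunc("/system/auth/checkLogin", authAgent.CheckLogin)
	http.HandleFunc("/api/auth/login", authAgent.HandleAutologinTokenLogin)

	authAgent.LoadAutologinTokenFromDB()
}

// AuthSettingsInit registers the authentication-related settings pages and
// their API endpoints. Every endpoint here is mounted on a module router
// created with AdminOnly set, whose denied handler answers with a
// "Permission Denied" error response.
func AuthSettingsInit() {
	// Authentication related settings
	adminRouter := prout.NewModuleRouter(prout.RouterOption{
		ModuleName:  "System Setting",
		AdminOnly:   true,
		UserHandler: userHandler,
		DeniedHandler: func(w http.ResponseWriter, r *http.Request) {
			common.SendErrorResponse(w, "Permission Denied")
		},
	})

	// Handle additional batch operations
	adminRouter.HandleFunc("/system/auth/csvimport", authAgent.HandleCreateUserAccountsFromCSV)
	adminRouter.HandleFunc("/system/auth/groupdel", authAgent.HandleUserDeleteByGroup)

	// System for logging and displaying login user information
	registerSetting(settingModule{
		Name:         "Connection Log",
		Desc:         "Logs for login attempts",
		IconPath:     "SystemAO/security/img/small_icon.png",
		Group:        "Security",
		StartDir:     "SystemAO/security/connlog.html",
		RequireAdmin: true,
	})

	adminRouter.HandleFunc("/system/auth/logger/index", authAgent.Logger.HandleIndexListing)
	adminRouter.HandleFunc("/system/auth/logger/list", authAgent.Logger.HandleTableListing)

	// Whitelist / blacklist management
	registerSetting(settingModule{
		Name:         "Access Control",
		Desc:         "Prevent / Allow certain IP ranges from logging in",
		IconPath:     "SystemAO/security/img/small_icon.png",
		Group:        "Security",
		StartDir:     "SystemAO/security/accesscontrol.html",
		RequireAdmin: true,
	})

	// Whitelist API
	adminRouter.HandleFunc("/system/auth/whitelist/enable", authAgent.WhitelistManager.HandleSetWhitelistEnable)
	adminRouter.HandleFunc("/system/auth/whitelist/list", authAgent.WhitelistManager.HandleListWhitelistedIPs)
	adminRouter.HandleFunc("/system/auth/whitelist/set", authAgent.WhitelistManager.HandleAddWhitelistedIP)
	adminRouter.HandleFunc("/system/auth/whitelist/unset", authAgent.WhitelistManager.HandleRemoveWhitelistedIP)

	// Blacklist API
	adminRouter.HandleFunc("/system/auth/blacklist/enable", authAgent.BlacklistManager.HandleSetBlacklistEnable)
	adminRouter.HandleFunc("/system/auth/blacklist/list", authAgent.BlacklistManager.HandleListBannedIPs)
	adminRouter.HandleFunc("/system/auth/blacklist/ban", authAgent.BlacklistManager.HandleAddBannedIP)
	adminRouter.HandleFunc("/system/auth/blacklist/unban", authAgent.BlacklistManager.HandleRemoveBannedIP)

	// Register nightly task that clears every user's retry counter
	nightlyManager.RegisterNightlyTask(authAgent.ExpDelayHandler.ResetAllUserRetryCounter)
}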