package web
import (
"crypto/md5"
"fmt"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/utils"
"os"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/db"
"golang.org/x/crypto/ssh"
)
// userSettings renders the settings page for the logged-in user.
//
// It loads the user's SSH keys, WebAuthn credentials and TOTP status, hands
// them to the template together with the e-mail address and the login-form
// flags, and renders settings.html. Any failed lookup ends the request with a
// 500 response.
func userSettings(ctx echo.Context) error {
	current := getUserLogged(ctx)

	sshKeys, keysErr := db.GetSSHKeysByUserID(current.ID)
	if keysErr != nil {
		return errorRes(500, "Cannot get SSH keys", keysErr)
	}

	credentials, credErr := db.GetAllCredentialsForUser(current.ID)
	if credErr != nil {
		return errorRes(500, "Cannot get WebAuthn credentials", credErr)
	}

	// Only the TOTP flag is used; the first value returned by HasMFA is
	// discarded.
	_, totpEnabled, mfaErr := current.HasMFA()
	if mfaErr != nil {
		return errorRes(500, "Cannot get MFA status", mfaErr)
	}

	setData(ctx, "email", current.Email)
	setData(ctx, "sshKeys", sshKeys)
	setData(ctx, "passkeys", credentials)
	setData(ctx, "hasTotp", totpEnabled)
	// Only a boolean reaches the template, never the stored password value.
	setData(ctx, "hasPassword", current.Password != "")
	setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
	setData(ctx, "htmlTitle", trH(ctx, "settings"))

	return html(ctx, "settings.html")
}
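// emailProcess updates the logged-in user's e-mail address and the MD5 hash
// stored alongside it.
//
// The submitted address is trimmed and lower-cased once, and that single
// normalised value is both stored and hashed, so user.Email and user.MD5Hash
// always describe the same string. An empty or whitespace-only address clears
// the e-mail and stores a hash derived from the current time instead.
//
// MD5 is used here only to derive an identifier from the address (its consumer
// is not visible in this file). It is not a security control, and the
// time-based fallback is predictable, so MD5Hash must never be reused as a
// token or secret.
//
// NOTE(review): the address format is not validated in this handler; confirm
// whether validation is expected before the value is stored.
func emailProcess(ctx echo.Context) error {
	user := getUserLogged(ctx)
	email := strings.ToLower(strings.TrimSpace(ctx.FormValue("email")))

	// Users without an address still get a hash; it is seeded from the clock,
	// which makes it distinct per update but not cryptographically random.
	seed := email
	if seed == "" {
		seed = time.Now().String()
	}

	user.Email = email
	user.MD5Hash = fmt.Sprintf("%x", md5.Sum([]byte(seed)))

	if err := user.Update(); err != nil {
		return errorRes(500, "Cannot update email", err)
	}

	addFlash(ctx, tr(ctx, "flash.user.email-updated"), "success")
	return redirect(ctx, "/settings")
}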
// accountDeleteProcess deletes the logged-in user's account and redirects to
// /all. A failed deletion is reported as a 500 response.
//
// NOTE(review): no re-authentication or confirmation step is visible in this
// handler, and the session is not cleared here. Confirm that CSRF protection
// and session teardown are handled by middleware or inside user.Delete.
func accountDeleteProcess(ctx echo.Context) error {
	account := getUserLogged(ctx)

	err := account.Delete()
	if err != nil {
		return errorRes(500, "Cannot delete this user", err)
	}

	return redirect(ctx, "/all")
}
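// sshKeysProcess registers a new SSH public key for the logged-in user.
//
// The form is bound and validated, the key text is parsed as an
// authorized_keys entry and re-marshalled, and the result is stored unless an
// identical key is already registered. Validation problems, an unparsable key
// and a duplicate key are reported through a flash message and a redirect to
// /settings; a bind failure is a 400 and database failures are 500 responses.
func sshKeysProcess(ctx echo.Context) error {
	user := getUserLogged(ctx)

	dto := new(db.SSHKeyDTO)
	if err := ctx.Bind(dto); err != nil {
		return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
	}

	if err := ctx.Validate(dto); err != nil {
		addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
		return redirect(ctx, "/settings")
	}
	key := dto.ToSSHKey()

	// Ownership comes from the session user, not from anything in the form.
	key.UserID = user.ID

	pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
	if err != nil {
		addFlash(ctx, tr(ctx, "flash.user.invalid-ssh-key"), "error")
		return redirect(ctx, "/settings")
	}
	// Store the re-marshalled key rather than the submitted text: the comment,
	// options and trailing input returned by ParseAuthorizedKey are discarded,
	// so one key always has one stored spelling for the duplicate check below.
	key.Content = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))

	// Check the lookup error before the result. A failed lookup must stop the
	// request instead of being read as "key not registered yet" and falling
	// through to Create.
	// NOTE(review): the lookup takes only the key text, so it presumably spans
	// all users rather than just this one; confirm in db.SSHKeyDoesExists.
	exists, err := db.SSHKeyDoesExists(key.Content)
	if err != nil {
		return errorRes(500, "Cannot check if SSH key exists", err)
	}
	if exists {
		addFlash(ctx, tr(ctx, "settings.ssh-key-exists"), "error")
		return redirect(ctx, "/settings")
	}

	if err := key.Create(); err != nil {
		return errorRes(500, "Cannot add SSH key", err)
	}

	addFlash(ctx, tr(ctx, "flash.user.ssh-key-added"), "success")
	return redirect(ctx, "/settings")
}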
// sshKeysDelete removes one of the logged-in user's SSH keys, identified by
// the "id" route parameter.
//
// A non-numeric id, an unknown key and a key owned by another user all end in
// the same silent redirect to /settings, so the response does not reveal
// whether a given key id exists. Only a failed deletion produces a 500.
func sshKeysDelete(ctx echo.Context) error {
	owner := getUserLogged(ctx)

	id, parseErr := strconv.Atoi(ctx.Param("id"))
	if parseErr != nil {
		return redirect(ctx, "/settings")
	}

	sshKey, lookupErr := db.GetSSHKeyByID(uint(id))
	if lookupErr != nil {
		return redirect(ctx, "/settings")
	}

	// Authorization: the key is looked up by id alone, so this ownership
	// comparison is what keeps one user from deleting another user's key.
	if sshKey.UserID != owner.ID {
		return redirect(ctx, "/settings")
	}

	if delErr := sshKey.Delete(); delErr != nil {
		return errorRes(500, "Cannot delete SSH key", delErr)
	}

	addFlash(ctx, tr(ctx, "flash.user.ssh-key-deleted"), "success")
	return redirect(ctx, "/settings")
}
// passkeyDelete removes one of the logged-in user's WebAuthn credentials,
// identified by the "id" route parameter.
//
// A non-numeric id, an unknown credential and a credential owned by another
// user all end in the same silent redirect to /settings. Only a failed
// deletion produces a 500.
//
// NOTE(review): nothing here checks whether this is the user's last remaining
// login method; confirm that removing it cannot lock the account out.
func passkeyDelete(ctx echo.Context) error {
	owner := getUserLogged(ctx)

	id, parseErr := strconv.Atoi(ctx.Param("id"))
	if parseErr != nil {
		return redirect(ctx, "/settings")
	}

	credential, lookupErr := db.GetCredentialByIDDB(uint(id))
	if lookupErr != nil {
		return redirect(ctx, "/settings")
	}

	// Authorization: the credential is looked up by id alone, so this
	// ownership comparison is what scopes the deletion to the session user.
	if credential.UserID != owner.ID {
		return redirect(ctx, "/settings")
	}

	if delErr := credential.Delete(); delErr != nil {
		return errorRes(500, "Cannot delete passkey", delErr)
	}

	addFlash(ctx, tr(ctx, "flash.auth.passkey-deleted"), "success")
	return redirect(ctx, "/settings")
}
// passwordProcess sets a new password for the logged-in user.
//
// The form is bound into a UserDTO, the username is filled in from the session
// user so the DTO can be validated, and the new password is hashed with
// utils.Argon2id.Hash before it is stored. A bind failure is a 400; hashing and
// database failures are 500 responses.
//
// NOTE(review): the current password is neither requested nor checked before
// the new one is set, so an active session is enough to change it. Confirm
// whether that is intended (for instance for accounts that have no password
// yet) and whether other sessions should be invalidated afterwards.
//
// NOTE(review): on a validation error this handler renders settings.html
// directly, without the data userSettings sets, whereas the other handlers in
// this file redirect to /settings; confirm which is intended.
func passwordProcess(ctx echo.Context) error {
	current := getUserLogged(ctx)

	form := new(db.UserDTO)
	if bindErr := ctx.Bind(form); bindErr != nil {
		return errorRes(400, tr(ctx, "error.cannot-bind-data"), bindErr)
	}
	// The username always comes from the session, overriding any submitted one.
	form.Username = current.Username

	if err := ctx.Validate(form); err != nil {
		addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
		return html(ctx, "settings.html")
	}

	hashed, hashErr := utils.Argon2id.Hash(form.Password)
	if hashErr != nil {
		return errorRes(500, "Cannot hash password", hashErr)
	}
	// Only the hash is kept on the user record.
	current.Password = hashed

	if updateErr := current.Update(); updateErr != nil {
		return errorRes(500, "Cannot update password", updateErr)
	}

	addFlash(ctx, tr(ctx, "flash.user.password-updated"), "success")
	return redirect(ctx, "/settings")
}
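// usernameProcess renames the logged-in user.
//
// The form is bound and validated, the new name is rejected if it is already
// taken, the user's repository directory is renamed on disk when it exists,
// and the user record is then updated. If the record update fails after the
// directory was renamed, the directory is moved back so that the disk layout
// and the database keep agreeing on the username.
//
// NOTE(review): the new username is joined into a filesystem path. That is
// only safe if ctx.Validate rejects path separators and dot segments;
// presumably the UserDTO validation rules do, verify against them.
//
// NOTE(review): directories are keyed by the lower-cased name while UserExists
// receives the name as submitted; confirm that UserExists compares
// case-insensitively, otherwise two names differing only in case map to one
// directory.
func usernameProcess(ctx echo.Context) error {
	user := getUserLogged(ctx)

	dto := new(db.UserDTO)
	if err := ctx.Bind(dto); err != nil {
		return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
	}
	// The password field is filled from the stored value, overriding anything
	// submitted, so that validating the DTO only judges the new username.
	dto.Password = user.Password

	if err := ctx.Validate(dto); err != nil {
		addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
		return redirect(ctx, "/settings")
	}

	// A lookup error is treated like a taken name, so the rename fails closed.
	if exists, err := db.UserExists(dto.Username); err != nil || exists {
		addFlash(ctx, tr(ctx, "flash.auth.username-exists"), "error")
		return redirect(ctx, "/settings")
	}

	sourceDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(user.Username))
	destinationDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(dto.Username))

	// Users without a repository directory have nothing to move.
	renamed := false
	if _, err := os.Stat(sourceDir); !os.IsNotExist(err) {
		if err := os.Rename(sourceDir, destinationDir); err != nil {
			return errorRes(500, "Cannot rename user directory", err)
		}
		renamed = true
	}

	previous := user.Username
	user.Username = dto.Username

	if err := user.Update(); err != nil {
		// Undo the in-memory and on-disk changes so a failed update does not
		// leave the repositories under a name the database does not know.
		user.Username = previous
		if renamed {
			if rbErr := os.Rename(destinationDir, sourceDir); rbErr != nil {
				err = fmt.Errorf("%w (restoring the user directory also failed: %v)", err, rbErr)
			}
		}
		return errorRes(500, "Cannot update username", err)
	}

	addFlash(ctx, tr(ctx, "flash.user.username-updated"), "success")
	return redirect(ctx, "/settings")
}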