Compare commits

..

No commits in common. "e398cf05402c010d594cea4e2dea307ca1a36dbe" and "c32ca84e8a1a87994d5233a2d51c640a368b88bc" have entirely different histories.

12 changed files with 238 additions and 491 deletions

View File

@ -14,20 +14,15 @@ type CloudflareDNSResponse struct {
Result database.DNSRecord `json:"result"` Result database.DNSRecord `json:"result"`
} }
type CloudflareExternalDNSAdapter struct { func CreateDNSRecord(zoneId string, apiToken string, record *database.DNSRecord) (string, error) {
ZoneId string url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records", zoneId)
APIToken string
}
func (adapter *CloudflareExternalDNSAdapter) CreateDNSRecord(record *database.DNSRecord) (string, error) {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records", adapter.ZoneId)
reqBody := fmt.Sprintf(`{"type":"%s","name":"%s","content":"%s","ttl":%d,"proxied":false}`, record.Type, record.Name, record.Content, record.TTL) reqBody := fmt.Sprintf(`{"type":"%s","name":"%s","content":"%s","ttl":%d,"proxied":false}`, record.Type, record.Name, record.Content, record.TTL)
payload := strings.NewReader(reqBody) payload := strings.NewReader(reqBody)
req, _ := http.NewRequest("POST", url, payload) req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer "+adapter.APIToken) req.Header.Add("Authorization", "Bearer "+apiToken)
req.Header.Add("Content-Type", "application/json") req.Header.Add("Content-Type", "application/json")
res, err := http.DefaultClient.Do(req) res, err := http.DefaultClient.Do(req)
@ -53,12 +48,12 @@ func (adapter *CloudflareExternalDNSAdapter) CreateDNSRecord(record *database.DN
return result.ID, nil return result.ID, nil
} }
func (adapter *CloudflareExternalDNSAdapter) DeleteDNSRecord(id string) error { func DeleteDNSRecord(zoneId string, apiToken string, id string) error {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records/%s", adapter.ZoneId, id) url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records/%s", zoneId, id)
req, _ := http.NewRequest("DELETE", url, nil) req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Add("Authorization", "Bearer "+adapter.APIToken) req.Header.Add("Authorization", "Bearer "+apiToken)
res, err := http.DefaultClient.Do(req) res, err := http.DefaultClient.Do(req)
if err != nil { if err != nil {

View File

@ -1,8 +0,0 @@
package external_dns
import "git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
type ExternalDNSAdapter interface {
CreateDNSRecord(record *database.DNSRecord) (string, error)
DeleteDNSRecord(id string) error
}

View File

@ -50,7 +50,7 @@ func StartSessionContinuation(context *RequestContext, req *http.Request, resp h
} }
} }
func InterceptOauthCodeContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain { func InterceptCodeContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain { return func(success Continuation, failure Continuation) ContinuationChain {
state := req.URL.Query().Get("state") state := req.URL.Query().Get("state")
code := req.URL.Query().Get("code") code := req.URL.Query().Get("code")

View File

@ -1,37 +0,0 @@
package api_test
import (
"database/sql"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
/*
todo: test api key creation
+ api key attached to user
+ user session is unique
+ goLogin goes to page in cookie
*/

View File

@ -8,25 +8,30 @@ import (
"strconv" "strconv"
"strings" "strings"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters" "git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters/cloudflare"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database" "git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils" "git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
) )
const MAX_USER_RECORDS = 65 const MAX_USER_RECORDS = 65
var USER_OWNED_INTERNAL_FMT_DOMAINS = []string{"%s", "%s.endpoints"} type FormError struct {
Errors []string
}
func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord, ownedInternalDomainFormats []string) bool { func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord) bool {
ownedByUser := (user.ID == record.UserID) ownedByUser := (user.ID == record.UserID)
if !ownedByUser { if !ownedByUser {
return false return false
} }
if !record.Internal { if !record.Internal {
for _, format := range ownedInternalDomainFormats { userOwnedDomains := []string{
domain := fmt.Sprintf(format, user.Username) fmt.Sprintf("%s", user.Username),
fmt.Sprintf("%s.endpoints", user.Username),
}
for _, domain := range userOwnedDomains {
isInSubDomain := strings.HasSuffix(record.Name, "."+domain) isInSubDomain := strings.HasSuffix(record.Name, "."+domain)
if domain == record.Name || isInSubDomain { if domain == record.Name || isInSubDomain {
return true return true
@ -59,8 +64,7 @@ func ListDNSRecordsContinuation(context *RequestContext, req *http.Request, resp
} }
} }
func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain { func CreateDNSRecordContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain { return func(success Continuation, failure Continuation) ContinuationChain {
formErrors := FormError{ formErrors := FormError{
Errors: []string{}, Errors: []string{},
@ -100,8 +104,7 @@ func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
TTL: ttlNum, TTL: ttlNum,
Internal: internal, Internal: internal,
} }
if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord) {
if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord, USER_OWNED_INTERNAL_FMT_DOMAINS) {
formErrors.Errors = append(formErrors.Errors, "'name' must end with "+context.User.Username+" or you must be a domain owner for internal domains") formErrors.Errors = append(formErrors.Errors, "'name' must end with "+context.User.Username+" or you must be a domain owner for internal domains")
} }
@ -109,11 +112,13 @@ func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
if dnsRecord.Internal { if dnsRecord.Internal {
dnsRecord.ID = utils.RandomId() dnsRecord.ID = utils.RandomId()
} else { } else {
dnsRecord.ID, err = dnsAdapter.CreateDNSRecord(dnsRecord) cloudflareRecordId, err := cloudflare.CreateDNSRecord(context.Args.CloudflareZone, context.Args.CloudflareToken, dnsRecord)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
formErrors.Errors = append(formErrors.Errors, err.Error()) formErrors.Errors = append(formErrors.Errors, err.Error())
} }
dnsRecord.ID = cloudflareRecordId
} }
} }
@ -137,10 +142,8 @@ func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
return failure(context, req, resp) return failure(context, req, resp)
} }
} }
}
func DeleteDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain { func DeleteDNSRecordContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain { return func(success Continuation, failure Continuation) ContinuationChain {
recordId := req.FormValue("id") recordId := req.FormValue("id")
record, err := database.GetDNSRecord(context.DBConn, recordId) record, err := database.GetDNSRecord(context.DBConn, recordId)
@ -150,13 +153,13 @@ func DeleteDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
return failure(context, req, resp) return failure(context, req, resp)
} }
if !userCanFuckWithDNSRecord(context.DBConn, context.User, record, USER_OWNED_INTERNAL_FMT_DOMAINS) { if !userCanFuckWithDNSRecord(context.DBConn, context.User, record) {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
return failure(context, req, resp) return failure(context, req, resp)
} }
if !record.Internal { if !record.Internal {
err = dnsAdapter.DeleteDNSRecord(recordId) err = cloudflare.DeleteDNSRecord(context.Args.CloudflareZone, context.Args.CloudflareToken, recordId)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
@ -174,4 +177,3 @@ func DeleteDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
return success(context, req, resp) return success(context, req, resp)
} }
} }
}

View File

@ -1,56 +0,0 @@
package api_test
import (
"database/sql"
"net/http"
"net/http/httptest"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
func TestThatOwnerCanPutRecordInDomain(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
testUser := &database.User{
ID: "test",
Username: "test",
}
records, err := database.GetUserDNSRecords(db, context.User.ID)
if err != nil {
t.Fatal(err)
}
if len(records) > 0 {
t.Errorf("expected no records, got records")
}
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.PutDNSRecordContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer ts.Close()
}

View File

@ -1,6 +1,8 @@
package api package api
import ( import (
"encoding/json"
"fmt"
"log" "log"
"net/http" "net/http"
"strings" "strings"
@ -41,11 +43,16 @@ func SignGuestbookContinuation(context *RequestContext, req *http.Request, resp
return func(success Continuation, failure Continuation) ContinuationChain { return func(success Continuation, failure Continuation) ContinuationChain {
name := req.FormValue("name") name := req.FormValue("name")
message := req.FormValue("message") message := req.FormValue("message")
hCaptchaResponse := req.FormValue("h-captcha-response")
formErrors := FormError{ formErrors := FormError{
Errors: []string{}, Errors: []string{},
} }
if hCaptchaResponse == "" {
formErrors.Errors = append(formErrors.Errors, "hCaptcha is required")
}
entry := &database.GuestbookEntry{ entry := &database.GuestbookEntry{
ID: utils.RandomId(), ID: utils.RandomId(),
Name: name, Name: name,
@ -53,19 +60,22 @@ func SignGuestbookContinuation(context *RequestContext, req *http.Request, resp
} }
formErrors.Errors = append(formErrors.Errors, validateGuestbookEntry(entry)...) formErrors.Errors = append(formErrors.Errors, validateGuestbookEntry(entry)...)
if len(formErrors.Errors) == 0 { err := verifyHCaptcha(context.Args.HcaptchaSecret, hCaptchaResponse)
_, err := database.SaveGuestbookEntry(context.DBConn, entry)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
formErrors.Errors = append(formErrors.Errors, "failed to save entry")
}
}
formErrors.Errors = append(formErrors.Errors, "hCaptcha verification failed")
}
if len(formErrors.Errors) > 0 { if len(formErrors.Errors) > 0 {
(*context.TemplateData)["FormError"] = formErrors (*context.TemplateData)["FormError"] = formErrors
(*context.TemplateData)["EntryForm"] = entry (*context.TemplateData)["EntryForm"] = entry
resp.WriteHeader(http.StatusBadRequest) return failure(context, req, resp)
}
_, err = database.SaveGuestbookEntry(context.DBConn, entry)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp) return failure(context, req, resp)
} }
@ -86,3 +96,46 @@ func ListGuestbookContinuation(context *RequestContext, req *http.Request, resp
return success(context, req, resp) return success(context, req, resp)
} }
} }
func HcaptchaArgsContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
(*context.TemplateData)["HcaptchaArgs"] = HcaptchaArgs{
SiteKey: context.Args.HcaptchaSiteKey,
}
log.Println(context.Args.HcaptchaSiteKey)
return success(context, req, resp)
}
}
func verifyHCaptcha(secret, response string) error {
verifyURL := "https://hcaptcha.com/siteverify"
body := strings.NewReader("secret=" + secret + "&response=" + response)
req, err := http.NewRequest("POST", verifyURL, body)
if err != nil {
return err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
jsonResponse := struct {
Success bool `json:"success"`
}{}
err = json.NewDecoder(resp.Body).Decode(&jsonResponse)
if err != nil {
return err
}
if !jsonResponse.Success {
return fmt.Errorf("hcaptcha verification failed")
}
defer resp.Body.Close()
return nil
}

View File

@ -1,129 +0,0 @@
package api_test
import (
"database/sql"
"net/http"
"net/http/httptest"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
func TestValidGuestbookPutsInDatabase(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
entries, err := database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) > 0 {
t.Errorf("expected no entries, got entries")
}
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.SignGuestbookContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer ts.Close()
req := httptest.NewRequest("POST", ts.URL, nil)
req.Form = map[string][]string{
"name": {"test"},
"message": {"test"},
}
w := httptest.NewRecorder()
ts.Config.Handler.ServeHTTP(w, req)
if w.Code != http.StatusOK {
t.Errorf("expected status code 200, got %d", w.Code)
}
entries, err = database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) != 1 {
t.Errorf("expected 1 entry, got %d", len(entries))
}
if entries[0].Name != req.FormValue("name") {
t.Errorf("expected name %s, got %s", req.FormValue("name"), entries[0].Name)
}
}
func TestInvalidGuestbookNotFoundInDatabase(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
entries, err := database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) > 0 {
t.Errorf("expected no entries, got entries")
}
testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.SignGuestbookContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer testServer.Close()
reallyLongStringThatWouldTakeTooMuchSpace := "a\na\na\na\na\na\na\na\na\na\na\n"
invalidRequests := []struct {
name string
message string
}{
{"", "test"},
{"test", ""},
{"", ""},
{"test", reallyLongStringThatWouldTakeTooMuchSpace},
}
for _, form := range invalidRequests {
req := httptest.NewRequest("POST", testServer.URL, nil)
req.Form = map[string][]string{
"name": {form.name},
"message": {form.message},
}
responseRecorder := httptest.NewRecorder()
testServer.Config.Handler.ServeHTTP(responseRecorder, req)
if responseRecorder.Code != http.StatusBadRequest {
t.Errorf("expected status code 400, got %d", responseRecorder.Code)
}
}
entries, err = database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) != 0 {
t.Errorf("expected 0 entries, got %d", len(entries))
}
}

View File

@ -1,69 +0,0 @@
package api
import (
"encoding/json"
"fmt"
"net/http"
"strings"
)
func verifyCaptcha(secret, response string) error {
verifyURL := "https://hcaptcha.com/siteverify"
body := strings.NewReader("secret=" + secret + "&response=" + response)
req, err := http.NewRequest("POST", verifyURL, body)
if err != nil {
return err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
jsonResponse := struct {
Success bool `json:"success"`
}{}
err = json.NewDecoder(resp.Body).Decode(&jsonResponse)
if err != nil {
return err
}
if !jsonResponse.Success {
return fmt.Errorf("hcaptcha verification failed")
}
defer resp.Body.Close()
return nil
}
func CaptchaArgsContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
(*context.TemplateData)["HcaptchaArgs"] = HcaptchaArgs{
SiteKey: context.Args.HcaptchaSiteKey,
}
return success(context, req, resp)
}
}
func CaptchaVerificationContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
hCaptchaResponse := req.FormValue("h-captcha-response")
secretKey := context.Args.HcaptchaSecret
err := verifyCaptcha(secretKey, hCaptchaResponse)
if err != nil {
(*context.TemplateData)["FormError"] = FormError{
Errors: []string{"hCaptcha verification failed"},
}
resp.WriteHeader(http.StatusBadRequest)
return failure(context, req, resp)
}
return success(context, req, resp)
}
}

View File

@ -7,7 +7,6 @@ import (
"net/http" "net/http"
"time" "time"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters/cloudflare"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args" "git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database" "git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils" "git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
@ -24,10 +23,6 @@ type RequestContext struct {
User *database.User User *database.User
} }
type FormError struct {
Errors []string
}
type Continuation func(*RequestContext, *http.Request, http.ResponseWriter) ContinuationChain type Continuation func(*RequestContext, *http.Request, http.ResponseWriter) ContinuationChain
type ContinuationChain func(Continuation, Continuation) ContinuationChain type ContinuationChain func(Continuation, Continuation) ContinuationChain
@ -85,15 +80,11 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
fileServer := http.FileServer(http.Dir(argv.StaticPath)) fileServer := http.FileServer(http.Dir(argv.StaticPath))
mux.Handle("GET /static/", http.StripPrefix("/static/", CacheControlMiddleware(fileServer, 3600))) mux.Handle("GET /static/", http.StripPrefix("/static/", CacheControlMiddleware(fileServer, 3600)))
cloudflareAdapter := &cloudflare.CloudflareExternalDNSAdapter{
APIToken: argv.CloudflareToken,
ZoneId: argv.CloudflareZone,
}
makeRequestContext := func() *RequestContext { makeRequestContext := func() *RequestContext {
return &RequestContext{ return &RequestContext{
DBConn: dbConn, DBConn: dbConn,
Args: argv, Args: argv,
TemplateData: &map[string]interface{}{}, TemplateData: &map[string]interface{}{},
} }
} }
@ -103,7 +94,7 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(IdContinuation, IdContinuation)(TemplateContinuation("home.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(IdContinuation, IdContinuation)(TemplateContinuation("home.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("GET /health", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /api/health", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(HealthCheckContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(HealthCheckContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
@ -115,7 +106,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("GET /auth", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /auth", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(InterceptOauthCodeContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(InterceptCodeContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /me", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(RefreshSessionContinuation, GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("GET /logout", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /logout", func(w http.ResponseWriter, r *http.Request) {
@ -130,12 +126,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("POST /dns", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("POST /dns", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(ListDNSRecordsContinuation, GoLoginContinuation)(CreateDNSRecordContinuation(cloudflareAdapter), FailurePassingContinuation)(TemplateContinuation("dns.html", true), TemplateContinuation("dns.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(ListDNSRecordsContinuation, GoLoginContinuation)(CreateDNSRecordContinuation, FailurePassingContinuation)(TemplateContinuation("dns.html", true), TemplateContinuation("dns.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("POST /dns/delete", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("POST /dns/delete", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(DeleteDNSRecordContinuation(cloudflareAdapter), GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(DeleteDNSRecordContinuation, GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("GET /keys", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /keys", func(w http.ResponseWriter, r *http.Request) {
@ -155,12 +151,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("GET /guestbook", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /guestbook", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(CaptchaArgsContinuation, CaptchaArgsContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(HcaptchaArgsContinuation, HcaptchaArgsContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("POST /guestbook", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("POST /guestbook", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext() requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(CaptchaVerificationContinuation, CaptchaVerificationContinuation)(SignGuestbookContinuation, FailurePassingContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(CaptchaArgsContinuation, CaptchaArgsContinuation)(TemplateContinuation("guestbook.html", true), TemplateContinuation("guestbook.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation) LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(HcaptchaArgsContinuation, HcaptchaArgsContinuation)(SignGuestbookContinuation, FailurePassingContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), TemplateContinuation("guestbook.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
}) })
mux.HandleFunc("GET /{name}", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("GET /{name}", func(w http.ResponseWriter, r *http.Request) {

View File

@ -66,6 +66,7 @@ func TemplateContinuation(path string, showBase bool) Continuation {
return failure(context, req, resp) return failure(context, req, resp)
} }
resp.WriteHeader(200)
resp.Header().Set("Content-Type", "text/html") resp.Header().Set("Content-Type", "text/html")
resp.Write(html.Bytes()) resp.Write(html.Bytes())
return success(context, req, resp) return success(context, req, resp)

View File

@ -1,4 +1,4 @@
package hcdns_test package hcdns
import ( import (
"database/sql" "database/sql"
@ -16,7 +16,7 @@ import (
) )
func randomPort() int { func randomPort() int {
return rand.Intn(3000) + 5192 return rand.Intn(3000) + 1024
} }
func setup() (*sql.DB, *dns.Server, *string, *sync.Mutex, func()) { func setup() (*sql.DB, *dns.Server, *string, *sync.Mutex, func()) {
@ -60,65 +60,69 @@ func TestWhenCNAMEIsResolved(t *testing.T) {
defer cleanup() defer cleanup()
defer lock.Unlock() defer lock.Unlock()
records := []*database.DNSRecord{ cname := &database.DNSRecord{
{
ID: "0",
UserID: "test",
Name: "cname.internal.example.com.",
Type: "CNAME",
Content: "next.internal.example.com.",
TTL: 300,
Internal: true,
}, {
ID: "1", ID: "1",
UserID: "test", UserID: "test",
Name: "next.internal.example.com.", Name: "cname.internal.example.com.",
Type: "CNAME", Type: "CNAME",
Content: "res.example.com.", Content: "res.example.com.",
TTL: 300, TTL: 300,
Internal: true, Internal: true,
}, }
{ a := &database.DNSRecord{
ID: "2", ID: "2",
UserID: "test", UserID: "test",
Name: "res.example.com.", Name: "res.example.com.",
Type: "A", Type: "A",
Content: "1.2.3.2", Content: "127.0.0.1",
TTL: 300, TTL: 300,
Internal: true, Internal: true,
},
}
for _, record := range records {
database.SaveDNSRecord(testDb, record)
} }
database.SaveDNSRecord(testDb, cname)
database.SaveDNSRecord(testDb, a)
qtype := dns.TypeA qtype := dns.TypeA
domain := dns.Fqdn("cname.internal.example.com.") domain := dns.Fqdn(cname.Name)
client := &dns.Client{} client := &dns.Client{}
message := &dns.Msg{} message := &dns.Msg{}
message.SetQuestion(domain, qtype) message.SetQuestion(domain, qtype)
in, _, err := client.Exchange(message, *addr) in, _, err := client.Exchange(message, *addr)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
if len(in.Answer) != 3 { if len(in.Answer) != 2 {
t.Fatalf("expected 3 answers, got %d", len(in.Answer)) t.Fatalf("expected 2 answers, got %d", len(in.Answer))
} }
for i, record := range records { if in.Answer[0].Header().Name != cname.Name {
if in.Answer[i].Header().Name != record.Name { t.Fatalf("expected cname.internal.example.com., got %s", in.Answer[0].Header().Name)
t.Fatalf("expected %s, got %s", record.Name, in.Answer[i].Header().Name)
} }
if in.Answer[i].Header().Rrtype != dns.StringToType[record.Type] { if in.Answer[1].Header().Name != a.Name {
t.Fatalf("expected %s, got %d", record.Type, in.Answer[i].Header().Rrtype) t.Fatalf("expected res.example.com., got %s", in.Answer[1].Header().Name)
} }
if int(in.Answer[i].Header().Ttl) != record.TTL { if in.Answer[0].(*dns.CNAME).Target != a.Name {
t.Fatalf("expected %d, got %d", record.TTL, in.Answer[i].Header().Ttl) t.Fatalf("expected res.example.com., got %s", in.Answer[0].(*dns.CNAME).Target)
}
if in.Answer[1].(*dns.A).A.String() != a.Content {
t.Fatalf("expected %s, got %s", a.Content, in.Answer[1].(*dns.A).A.String())
}
if in.Answer[0].Header().Rrtype != dns.TypeCNAME {
t.Fatalf("expected CNAME, got %d", in.Answer[0].Header().Rrtype)
}
if in.Answer[1].Header().Rrtype != dns.TypeA {
t.Fatalf("expected A, got %d", in.Answer[1].Header().Rrtype)
}
if int(in.Answer[0].Header().Ttl) != cname.TTL {
t.Fatalf("expected %d, got %d", cname.TTL, in.Answer[0].Header().Ttl)
} }
if !in.Authoritative { if !in.Authoritative {
@ -126,11 +130,6 @@ func TestWhenCNAMEIsResolved(t *testing.T) {
} }
} }
if in.Answer[2].(*dns.A).A.String() != "1.2.3.2" {
t.Fatalf("expected final record to be the A record with correct IP")
}
}
func TestWhenNoRecordNxDomain(t *testing.T) { func TestWhenNoRecordNxDomain(t *testing.T) {
t.Log("TestWhenNoRecordNxDomain") t.Log("TestWhenNoRecordNxDomain")