Compare commits

..

No commits in common. "e398cf05402c010d594cea4e2dea307ca1a36dbe" and "c32ca84e8a1a87994d5233a2d51c640a368b88bc" have entirely different histories.

12 changed files with 238 additions and 491 deletions

View File

@ -14,20 +14,15 @@ type CloudflareDNSResponse struct {
Result database.DNSRecord `json:"result"`
}
type CloudflareExternalDNSAdapter struct {
ZoneId string
APIToken string
}
func (adapter *CloudflareExternalDNSAdapter) CreateDNSRecord(record *database.DNSRecord) (string, error) {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records", adapter.ZoneId)
func CreateDNSRecord(zoneId string, apiToken string, record *database.DNSRecord) (string, error) {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records", zoneId)
reqBody := fmt.Sprintf(`{"type":"%s","name":"%s","content":"%s","ttl":%d,"proxied":false}`, record.Type, record.Name, record.Content, record.TTL)
payload := strings.NewReader(reqBody)
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer "+adapter.APIToken)
req.Header.Add("Authorization", "Bearer "+apiToken)
req.Header.Add("Content-Type", "application/json")
res, err := http.DefaultClient.Do(req)
@ -53,12 +48,12 @@ func (adapter *CloudflareExternalDNSAdapter) CreateDNSRecord(record *database.DN
return result.ID, nil
}
func (adapter *CloudflareExternalDNSAdapter) DeleteDNSRecord(id string) error {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records/%s", adapter.ZoneId, id)
func DeleteDNSRecord(zoneId string, apiToken string, id string) error {
url := fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/dns_records/%s", zoneId, id)
req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Add("Authorization", "Bearer "+adapter.APIToken)
req.Header.Add("Authorization", "Bearer "+apiToken)
res, err := http.DefaultClient.Do(req)
if err != nil {

View File

@ -1,8 +0,0 @@
package external_dns
import "git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
type ExternalDNSAdapter interface {
CreateDNSRecord(record *database.DNSRecord) (string, error)
DeleteDNSRecord(id string) error
}

View File

@ -50,7 +50,7 @@ func StartSessionContinuation(context *RequestContext, req *http.Request, resp h
}
}
func InterceptOauthCodeContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
func InterceptCodeContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
state := req.URL.Query().Get("state")
code := req.URL.Query().Get("code")

View File

@ -1,37 +0,0 @@
package api_test
import (
"database/sql"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
/*
todo: test api key creation
+ api key attached to user
+ user session is unique
+ goLogin goes to page in cookie
*/

View File

@ -8,25 +8,30 @@ import (
"strconv"
"strings"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters/cloudflare"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
const MAX_USER_RECORDS = 65
var USER_OWNED_INTERNAL_FMT_DOMAINS = []string{"%s", "%s.endpoints"}
type FormError struct {
Errors []string
}
func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord, ownedInternalDomainFormats []string) bool {
func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord) bool {
ownedByUser := (user.ID == record.UserID)
if !ownedByUser {
return false
}
if !record.Internal {
for _, format := range ownedInternalDomainFormats {
domain := fmt.Sprintf(format, user.Username)
userOwnedDomains := []string{
fmt.Sprintf("%s", user.Username),
fmt.Sprintf("%s.endpoints", user.Username),
}
for _, domain := range userOwnedDomains {
isInSubDomain := strings.HasSuffix(record.Name, "."+domain)
if domain == record.Name || isInSubDomain {
return true
@ -59,119 +64,116 @@ func ListDNSRecordsContinuation(context *RequestContext, req *http.Request, resp
}
}
func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
formErrors := FormError{
Errors: []string{},
}
func CreateDNSRecordContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
formErrors := FormError{
Errors: []string{},
}
internal := req.FormValue("internal") == "on"
name := req.FormValue("name")
if internal && !strings.HasSuffix(name, ".") {
name += "."
}
internal := req.FormValue("internal") == "on"
name := req.FormValue("name")
if internal && !strings.HasSuffix(name, ".") {
name += "."
}
recordType := req.FormValue("type")
recordType = strings.ToUpper(recordType)
recordType := req.FormValue("type")
recordType = strings.ToUpper(recordType)
recordContent := req.FormValue("content")
ttl := req.FormValue("ttl")
ttlNum, err := strconv.Atoi(ttl)
if err != nil {
formErrors.Errors = append(formErrors.Errors, "invalid ttl")
}
recordContent := req.FormValue("content")
ttl := req.FormValue("ttl")
ttlNum, err := strconv.Atoi(ttl)
if err != nil {
formErrors.Errors = append(formErrors.Errors, "invalid ttl")
}
dnsRecordCount, err := database.CountUserDNSRecords(context.DBConn, context.User.ID)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
if dnsRecordCount >= MAX_USER_RECORDS {
formErrors.Errors = append(formErrors.Errors, "max records reached")
}
dnsRecord := &database.DNSRecord{
UserID: context.User.ID,
Name: name,
Type: recordType,
Content: recordContent,
TTL: ttlNum,
Internal: internal,
}
if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord, USER_OWNED_INTERNAL_FMT_DOMAINS) {
formErrors.Errors = append(formErrors.Errors, "'name' must end with "+context.User.Username+" or you must be a domain owner for internal domains")
}
if len(formErrors.Errors) == 0 {
if dnsRecord.Internal {
dnsRecord.ID = utils.RandomId()
} else {
dnsRecord.ID, err = dnsAdapter.CreateDNSRecord(dnsRecord)
if err != nil {
log.Println(err)
formErrors.Errors = append(formErrors.Errors, err.Error())
}
}
}
if len(formErrors.Errors) == 0 {
_, err := database.SaveDNSRecord(context.DBConn, dnsRecord)
if err != nil {
log.Println(err)
formErrors.Errors = append(formErrors.Errors, "error saving record")
}
}
if len(formErrors.Errors) == 0 {
http.Redirect(resp, req, "/dns", http.StatusFound)
return success(context, req, resp)
}
(*context.TemplateData)["FormError"] = &formErrors
(*context.TemplateData)["RecordForm"] = dnsRecord
resp.WriteHeader(http.StatusBadRequest)
dnsRecordCount, err := database.CountUserDNSRecords(context.DBConn, context.User.ID)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
}
}
if dnsRecordCount >= MAX_USER_RECORDS {
formErrors.Errors = append(formErrors.Errors, "max records reached")
}
func DeleteDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
recordId := req.FormValue("id")
record, err := database.GetDNSRecord(context.DBConn, recordId)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
dnsRecord := &database.DNSRecord{
UserID: context.User.ID,
Name: name,
Type: recordType,
Content: recordContent,
TTL: ttlNum,
Internal: internal,
}
if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord) {
formErrors.Errors = append(formErrors.Errors, "'name' must end with "+context.User.Username+" or you must be a domain owner for internal domains")
}
if !userCanFuckWithDNSRecord(context.DBConn, context.User, record, USER_OWNED_INTERNAL_FMT_DOMAINS) {
resp.WriteHeader(http.StatusUnauthorized)
return failure(context, req, resp)
}
if !record.Internal {
err = dnsAdapter.DeleteDNSRecord(recordId)
if len(formErrors.Errors) == 0 {
if dnsRecord.Internal {
dnsRecord.ID = utils.RandomId()
} else {
cloudflareRecordId, err := cloudflare.CreateDNSRecord(context.Args.CloudflareZone, context.Args.CloudflareToken, dnsRecord)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
formErrors.Errors = append(formErrors.Errors, err.Error())
}
}
err = database.DeleteDNSRecord(context.DBConn, recordId)
dnsRecord.ID = cloudflareRecordId
}
}
if len(formErrors.Errors) == 0 {
_, err := database.SaveDNSRecord(context.DBConn, dnsRecord)
if err != nil {
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
log.Println(err)
formErrors.Errors = append(formErrors.Errors, "error saving record")
}
}
if len(formErrors.Errors) == 0 {
http.Redirect(resp, req, "/dns", http.StatusFound)
return success(context, req, resp)
}
(*context.TemplateData)["FormError"] = &formErrors
(*context.TemplateData)["RecordForm"] = dnsRecord
resp.WriteHeader(http.StatusBadRequest)
return failure(context, req, resp)
}
}
func DeleteDNSRecordContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
recordId := req.FormValue("id")
record, err := database.GetDNSRecord(context.DBConn, recordId)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
if !userCanFuckWithDNSRecord(context.DBConn, context.User, record) {
resp.WriteHeader(http.StatusUnauthorized)
return failure(context, req, resp)
}
if !record.Internal {
err = cloudflare.DeleteDNSRecord(context.Args.CloudflareZone, context.Args.CloudflareToken, recordId)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
}
err = database.DeleteDNSRecord(context.DBConn, recordId)
if err != nil {
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
http.Redirect(resp, req, "/dns", http.StatusFound)
return success(context, req, resp)
}
}

View File

@ -1,56 +0,0 @@
package api_test
import (
"database/sql"
"net/http"
"net/http/httptest"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
func TestThatOwnerCanPutRecordInDomain(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
testUser := &database.User{
ID: "test",
Username: "test",
}
records, err := database.GetUserDNSRecords(db, context.User.ID)
if err != nil {
t.Fatal(err)
}
if len(records) > 0 {
t.Errorf("expected no records, got records")
}
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.PutDNSRecordContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer ts.Close()
}

View File

@ -1,6 +1,8 @@
package api
import (
"encoding/json"
"fmt"
"log"
"net/http"
"strings"
@ -41,11 +43,16 @@ func SignGuestbookContinuation(context *RequestContext, req *http.Request, resp
return func(success Continuation, failure Continuation) ContinuationChain {
name := req.FormValue("name")
message := req.FormValue("message")
hCaptchaResponse := req.FormValue("h-captcha-response")
formErrors := FormError{
Errors: []string{},
}
if hCaptchaResponse == "" {
formErrors.Errors = append(formErrors.Errors, "hCaptcha is required")
}
entry := &database.GuestbookEntry{
ID: utils.RandomId(),
Name: name,
@ -53,19 +60,22 @@ func SignGuestbookContinuation(context *RequestContext, req *http.Request, resp
}
formErrors.Errors = append(formErrors.Errors, validateGuestbookEntry(entry)...)
if len(formErrors.Errors) == 0 {
_, err := database.SaveGuestbookEntry(context.DBConn, entry)
if err != nil {
log.Println(err)
formErrors.Errors = append(formErrors.Errors, "failed to save entry")
}
}
err := verifyHCaptcha(context.Args.HcaptchaSecret, hCaptchaResponse)
if err != nil {
log.Println(err)
formErrors.Errors = append(formErrors.Errors, "hCaptcha verification failed")
}
if len(formErrors.Errors) > 0 {
(*context.TemplateData)["FormError"] = formErrors
(*context.TemplateData)["EntryForm"] = entry
resp.WriteHeader(http.StatusBadRequest)
return failure(context, req, resp)
}
_, err = database.SaveGuestbookEntry(context.DBConn, entry)
if err != nil {
log.Println(err)
resp.WriteHeader(http.StatusInternalServerError)
return failure(context, req, resp)
}
@ -86,3 +96,46 @@ func ListGuestbookContinuation(context *RequestContext, req *http.Request, resp
return success(context, req, resp)
}
}
func HcaptchaArgsContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
(*context.TemplateData)["HcaptchaArgs"] = HcaptchaArgs{
SiteKey: context.Args.HcaptchaSiteKey,
}
log.Println(context.Args.HcaptchaSiteKey)
return success(context, req, resp)
}
}
func verifyHCaptcha(secret, response string) error {
verifyURL := "https://hcaptcha.com/siteverify"
body := strings.NewReader("secret=" + secret + "&response=" + response)
req, err := http.NewRequest("POST", verifyURL, body)
if err != nil {
return err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
jsonResponse := struct {
Success bool `json:"success"`
}{}
err = json.NewDecoder(resp.Body).Decode(&jsonResponse)
if err != nil {
return err
}
if !jsonResponse.Success {
return fmt.Errorf("hcaptcha verification failed")
}
defer resp.Body.Close()
return nil
}

View File

@ -1,129 +0,0 @@
package api_test
import (
"database/sql"
"net/http"
"net/http/httptest"
"os"
"testing"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/api"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)
func setup() (*sql.DB, *api.RequestContext, func()) {
randomDb := utils.RandomId()
testDb := database.MakeConn(&randomDb)
database.Migrate(testDb)
context := &api.RequestContext{
DBConn: testDb,
Args: &args.Arguments{},
TemplateData: &(map[string]interface{}{}),
}
return testDb, context, func() {
testDb.Close()
os.Remove(randomDb)
}
}
func TestValidGuestbookPutsInDatabase(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
entries, err := database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) > 0 {
t.Errorf("expected no entries, got entries")
}
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.SignGuestbookContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer ts.Close()
req := httptest.NewRequest("POST", ts.URL, nil)
req.Form = map[string][]string{
"name": {"test"},
"message": {"test"},
}
w := httptest.NewRecorder()
ts.Config.Handler.ServeHTTP(w, req)
if w.Code != http.StatusOK {
t.Errorf("expected status code 200, got %d", w.Code)
}
entries, err = database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) != 1 {
t.Errorf("expected 1 entry, got %d", len(entries))
}
if entries[0].Name != req.FormValue("name") {
t.Errorf("expected name %s, got %s", req.FormValue("name"), entries[0].Name)
}
}
func TestInvalidGuestbookNotFoundInDatabase(t *testing.T) {
db, context, cleanup := setup()
defer cleanup()
entries, err := database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) > 0 {
t.Errorf("expected no entries, got entries")
}
testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
api.SignGuestbookContinuation(context, r, w)(api.IdContinuation, api.IdContinuation)
}))
defer testServer.Close()
reallyLongStringThatWouldTakeTooMuchSpace := "a\na\na\na\na\na\na\na\na\na\na\n"
invalidRequests := []struct {
name string
message string
}{
{"", "test"},
{"test", ""},
{"", ""},
{"test", reallyLongStringThatWouldTakeTooMuchSpace},
}
for _, form := range invalidRequests {
req := httptest.NewRequest("POST", testServer.URL, nil)
req.Form = map[string][]string{
"name": {form.name},
"message": {form.message},
}
responseRecorder := httptest.NewRecorder()
testServer.Config.Handler.ServeHTTP(responseRecorder, req)
if responseRecorder.Code != http.StatusBadRequest {
t.Errorf("expected status code 400, got %d", responseRecorder.Code)
}
}
entries, err = database.GetGuestbookEntries(db)
if err != nil {
t.Fatal(err)
}
if len(entries) != 0 {
t.Errorf("expected 0 entries, got %d", len(entries))
}
}

View File

@ -1,69 +0,0 @@
package api
import (
"encoding/json"
"fmt"
"net/http"
"strings"
)
func verifyCaptcha(secret, response string) error {
verifyURL := "https://hcaptcha.com/siteverify"
body := strings.NewReader("secret=" + secret + "&response=" + response)
req, err := http.NewRequest("POST", verifyURL, body)
if err != nil {
return err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
jsonResponse := struct {
Success bool `json:"success"`
}{}
err = json.NewDecoder(resp.Body).Decode(&jsonResponse)
if err != nil {
return err
}
if !jsonResponse.Success {
return fmt.Errorf("hcaptcha verification failed")
}
defer resp.Body.Close()
return nil
}
func CaptchaArgsContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
(*context.TemplateData)["HcaptchaArgs"] = HcaptchaArgs{
SiteKey: context.Args.HcaptchaSiteKey,
}
return success(context, req, resp)
}
}
func CaptchaVerificationContinuation(context *RequestContext, req *http.Request, resp http.ResponseWriter) ContinuationChain {
return func(success Continuation, failure Continuation) ContinuationChain {
hCaptchaResponse := req.FormValue("h-captcha-response")
secretKey := context.Args.HcaptchaSecret
err := verifyCaptcha(secretKey, hCaptchaResponse)
if err != nil {
(*context.TemplateData)["FormError"] = FormError{
Errors: []string{"hCaptcha verification failed"},
}
resp.WriteHeader(http.StatusBadRequest)
return failure(context, req, resp)
}
return success(context, req, resp)
}
}

View File

@ -7,7 +7,6 @@ import (
"net/http"
"time"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/adapters/cloudflare"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
@ -24,10 +23,6 @@ type RequestContext struct {
User *database.User
}
type FormError struct {
Errors []string
}
type Continuation func(*RequestContext, *http.Request, http.ResponseWriter) ContinuationChain
type ContinuationChain func(Continuation, Continuation) ContinuationChain
@ -85,15 +80,11 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
fileServer := http.FileServer(http.Dir(argv.StaticPath))
mux.Handle("GET /static/", http.StripPrefix("/static/", CacheControlMiddleware(fileServer, 3600)))
cloudflareAdapter := &cloudflare.CloudflareExternalDNSAdapter{
APIToken: argv.CloudflareToken,
ZoneId: argv.CloudflareZone,
}
makeRequestContext := func() *RequestContext {
return &RequestContext{
DBConn: dbConn,
Args: argv,
DBConn: dbConn,
Args: argv,
TemplateData: &map[string]interface{}{},
}
}
@ -103,7 +94,7 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(IdContinuation, IdContinuation)(TemplateContinuation("home.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /health", func(w http.ResponseWriter, r *http.Request) {
mux.HandleFunc("GET /api/health", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(HealthCheckContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
@ -115,7 +106,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("GET /auth", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(InterceptOauthCodeContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
LogRequestContinuation(requestContext, r, w)(InterceptCodeContinuation, FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /me", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(RefreshSessionContinuation, GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /logout", func(w http.ResponseWriter, r *http.Request) {
@ -130,12 +126,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("POST /dns", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(ListDNSRecordsContinuation, GoLoginContinuation)(CreateDNSRecordContinuation(cloudflareAdapter), FailurePassingContinuation)(TemplateContinuation("dns.html", true), TemplateContinuation("dns.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(ListDNSRecordsContinuation, GoLoginContinuation)(CreateDNSRecordContinuation, FailurePassingContinuation)(TemplateContinuation("dns.html", true), TemplateContinuation("dns.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("POST /dns/delete", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(DeleteDNSRecordContinuation(cloudflareAdapter), GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(DeleteDNSRecordContinuation, GoLoginContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /keys", func(w http.ResponseWriter, r *http.Request) {
@ -155,12 +151,12 @@ func MakeServer(argv *args.Arguments, dbConn *sql.DB) *http.Server {
mux.HandleFunc("GET /guestbook", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(CaptchaArgsContinuation, CaptchaArgsContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(HcaptchaArgsContinuation, HcaptchaArgsContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), FailurePassingContinuation)(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("POST /guestbook", func(w http.ResponseWriter, r *http.Request) {
requestContext := makeRequestContext()
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(CaptchaVerificationContinuation, CaptchaVerificationContinuation)(SignGuestbookContinuation, FailurePassingContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(CaptchaArgsContinuation, CaptchaArgsContinuation)(TemplateContinuation("guestbook.html", true), TemplateContinuation("guestbook.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
LogRequestContinuation(requestContext, r, w)(VerifySessionContinuation, FailurePassingContinuation)(HcaptchaArgsContinuation, HcaptchaArgsContinuation)(SignGuestbookContinuation, FailurePassingContinuation)(ListGuestbookContinuation, ListGuestbookContinuation)(TemplateContinuation("guestbook.html", true), TemplateContinuation("guestbook.html", true))(LogExecutionTimeContinuation, LogExecutionTimeContinuation)(IdContinuation, IdContinuation)
})
mux.HandleFunc("GET /{name}", func(w http.ResponseWriter, r *http.Request) {

View File

@ -66,6 +66,7 @@ func TemplateContinuation(path string, showBase bool) Continuation {
return failure(context, req, resp)
}
resp.WriteHeader(200)
resp.Header().Set("Content-Type", "text/html")
resp.Write(html.Bytes())
return success(context, req, resp)

View File

@ -1,4 +1,4 @@
package hcdns_test
package hcdns
import (
"database/sql"
@ -16,7 +16,7 @@ import (
)
func randomPort() int {
return rand.Intn(3000) + 5192
return rand.Intn(3000) + 1024
}
func setup() (*sql.DB, *dns.Server, *string, *sync.Mutex, func()) {
@ -60,74 +60,73 @@ func TestWhenCNAMEIsResolved(t *testing.T) {
defer cleanup()
defer lock.Unlock()
records := []*database.DNSRecord{
{
ID: "0",
UserID: "test",
Name: "cname.internal.example.com.",
Type: "CNAME",
Content: "next.internal.example.com.",
TTL: 300,
Internal: true,
}, {
ID: "1",
UserID: "test",
Name: "next.internal.example.com.",
Type: "CNAME",
Content: "res.example.com.",
TTL: 300,
Internal: true,
},
{
ID: "2",
UserID: "test",
Name: "res.example.com.",
Type: "A",
Content: "1.2.3.2",
TTL: 300,
Internal: true,
},
cname := &database.DNSRecord{
ID: "1",
UserID: "test",
Name: "cname.internal.example.com.",
Type: "CNAME",
Content: "res.example.com.",
TTL: 300,
Internal: true,
}
for _, record := range records {
database.SaveDNSRecord(testDb, record)
a := &database.DNSRecord{
ID: "2",
UserID: "test",
Name: "res.example.com.",
Type: "A",
Content: "127.0.0.1",
TTL: 300,
Internal: true,
}
database.SaveDNSRecord(testDb, cname)
database.SaveDNSRecord(testDb, a)
qtype := dns.TypeA
domain := dns.Fqdn("cname.internal.example.com.")
domain := dns.Fqdn(cname.Name)
client := &dns.Client{}
message := &dns.Msg{}
message.SetQuestion(domain, qtype)
in, _, err := client.Exchange(message, *addr)
if err != nil {
t.Fatal(err)
}
if len(in.Answer) != 3 {
t.Fatalf("expected 3 answers, got %d", len(in.Answer))
if len(in.Answer) != 2 {
t.Fatalf("expected 2 answers, got %d", len(in.Answer))
}
for i, record := range records {
if in.Answer[i].Header().Name != record.Name {
t.Fatalf("expected %s, got %s", record.Name, in.Answer[i].Header().Name)
}
if in.Answer[i].Header().Rrtype != dns.StringToType[record.Type] {
t.Fatalf("expected %s, got %d", record.Type, in.Answer[i].Header().Rrtype)
}
if int(in.Answer[i].Header().Ttl) != record.TTL {
t.Fatalf("expected %d, got %d", record.TTL, in.Answer[i].Header().Ttl)
}
if !in.Authoritative {
t.Fatalf("expected authoritative response")
}
if in.Answer[0].Header().Name != cname.Name {
t.Fatalf("expected cname.internal.example.com., got %s", in.Answer[0].Header().Name)
}
if in.Answer[2].(*dns.A).A.String() != "1.2.3.2" {
t.Fatalf("expected final record to be the A record with correct IP")
if in.Answer[1].Header().Name != a.Name {
t.Fatalf("expected res.example.com., got %s", in.Answer[1].Header().Name)
}
if in.Answer[0].(*dns.CNAME).Target != a.Name {
t.Fatalf("expected res.example.com., got %s", in.Answer[0].(*dns.CNAME).Target)
}
if in.Answer[1].(*dns.A).A.String() != a.Content {
t.Fatalf("expected %s, got %s", a.Content, in.Answer[1].(*dns.A).A.String())
}
if in.Answer[0].Header().Rrtype != dns.TypeCNAME {
t.Fatalf("expected CNAME, got %d", in.Answer[0].Header().Rrtype)
}
if in.Answer[1].Header().Rrtype != dns.TypeA {
t.Fatalf("expected A, got %d", in.Answer[1].Header().Rrtype)
}
if int(in.Answer[0].Header().Ttl) != cname.TTL {
t.Fatalf("expected %d, got %d", cname.TTL, in.Answer[0].Header().Ttl)
}
if !in.Authoritative {
t.Fatalf("expected authoritative response")
}
}