Merge branch 'beta'

gentee · Feb 19, 2021 · 421e46f · 421e46f
2 parents b29dba2 + 0f30f7f
commit 421e46f
Show file tree

Hide file tree

Showing 23 changed files with 1,097 additions and 616 deletions.
diff --git a/api.go b/api.go
@@ -133,6 +133,7 @@ func runHandle(c echo.Context) error {
 			title = val
 		}
 	}
+	user := c.(*Auth).User
 	header := script.Header{
 		Name:         name,
 		Title:        title,
@@ -142,7 +143,9 @@ func runHandle(c echo.Context) error {
 		Console:      console,
 		IsPlayground: cfg.playground,
 		IP:           c.RealIP(),
-		UserID:       c.(*Auth).User.ID,
+		User:         *user,
+		ClaimKey:     cfg.HTTP.JWTKey + sessionKey,
+		IsPro:        storage.Trial.Mode > TrialOff,
 		Constants:    storage.Settings.Constants,
 		Lang:         langCode,
 		TaskID:       lib.RndNum(),

diff --git a/assets.go b/assets.go
diff --git a/auth.go b/auth.go
@@ -5,20 +5,31 @@
 package main
 
 import (
-	"eonza/lib"
 	"net"
 	"net/http"
 	"strings"
 	"time"
 
+	"eonza/lib"
+	"eonza/users"
+
 	"github.com/dgrijalva/jwt-go"
 	"github.com/labstack/echo/v4"
 	"golang.org/x/crypto/bcrypt"
 )
 
+/*type Auth struct {
+	echo.Context
+	User *users.User
+	Lang string
+}*/
+
+type Auth = users.Auth
+
 type Claims struct {
-	Counter  int64
-	Username string
+	Counter uint32
+	UserID  uint32
+	RoleID  uint32
 	jwt.StandardClaims
 }
 
@@ -56,8 +67,8 @@ func accessIP(curIP, originalIP string) bool {
 func AuthHandle(next echo.HandlerFunc) echo.HandlerFunc {
 	return func(c echo.Context) (err error) {
 		var (
-			access   string
-			isAccess bool
+			access       string
+			isAccess, ok bool
 		)
 		ip := c.RealIP()
 		if len(cfg.Whitelist) > 0 {
@@ -106,71 +117,95 @@ func AuthHandle(next echo.HandlerFunc) echo.HandlerFunc {
 		mutex.Lock()
 		defer mutex.Unlock()
 
-		if len(storage.Settings.PasswordHash) > 0 && (url == `/` || strings.HasPrefix(url, `/api`) ||
-			strings.HasPrefix(url, `/ws`) || strings.HasPrefix(url, `/task`)) {
-			hashid := getCookie(c, "hashid")
-			jwtData := getCookie(c, "jwt")
-			if len(hashid) > 0 {
-				if item, ok := sessions[hashid]; ok {
-					c.SetCookie(&http.Cookie{
-						Name:     "jwt",
-						Value:    item.Token,
-						Expires:  time.Now().Add(30 * 24 * time.Hour),
-						HttpOnly: true,
-					})
-					jwtData = item.Token
-					delete(sessions, hashid)
-				}
-				c.SetCookie(&http.Cookie{
-					Name:    "hashid",
-					Value:   "",
-					Path:    "/",
-					Expires: time.Unix(0, 0),
-				})
-			}
-			var valid bool
-			if len(jwtData) > 0 {
-				claims := &Claims{}
-				token, err := jwt.ParseWithClaims(jwtData, claims,
-					func(token *jwt.Token) (interface{}, error) {
-						/*	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-							return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
-						*/
-						return []byte(cfg.HTTP.JWTKey + sessionKey), nil
-					})
-				if err == nil {
-					if claims.Counter == storage.PassCounter {
-						valid = token.Valid
+		var (
+			userID uint32
+			user   users.User
+			valid  bool
+		)
+		lang := LangDefCode
+		claims := &Claims{}
+		if IsScript {
+			user = scriptTask.Header.User
+			if len(user.PasswordHash) > 0 {
+				jwtData := getCookie(c, "jwt")
+				if len(jwtData) > 0 {
+					token, err := jwt.ParseWithClaims(jwtData, claims,
+						func(token *jwt.Token) (interface{}, error) {
+							return []byte(scriptTask.Header.ClaimKey), nil
+						})
+					if err == nil {
+						if (claims.UserID == user.ID && claims.Counter == user.PassCounter) ||
+							claims.RoleID == users.XAdminID {
+							valid = token.Valid
+						}
 					}
 				}
-			}
-			if !valid {
-				if url == `/` {
-					c.Request().URL.Path = `login`
-				} else if url != `/api/login` && url != `/api/taskstatus` && url != `/api/sys` {
+				if !valid {
 					return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
 				}
 			}
-		}
-		if firstRun && url == `/` {
-			c.Request().URL.Path = `install`
-		}
-		// TODO: JWT user
-		var user *User
-		for _, user = range storage.Users {
-			break
-		}
-		lang := LangDefCode
-		if IsScript {
 			lang = scriptTask.Header.Lang
 		} else {
+			userID = uint32(users.XRootID)
+			if len(storage.Settings.PasswordHash) > 0 && (url == `/` || strings.HasPrefix(url, `/api`) ||
+				strings.HasPrefix(url, `/ws`) || strings.HasPrefix(url, `/task`)) {
+				hashid := getCookie(c, "hashid")
+				jwtData := getCookie(c, "jwt")
+				if len(hashid) > 0 {
+					if item, ok := sessions[hashid]; ok {
+						c.SetCookie(&http.Cookie{
+							Name:     "jwt",
+							Value:    item.Token,
+							Expires:  time.Now().Add(30 * 24 * time.Hour),
+							HttpOnly: true,
+						})
+						jwtData = item.Token
+						delete(sessions, hashid)
+					}
+					c.SetCookie(&http.Cookie{
+						Name:    "hashid",
+						Value:   "",
+						Path:    "/",
+						Expires: time.Unix(0, 0),
+					})
+				}
+				if len(jwtData) > 0 {
+					token, err := jwt.ParseWithClaims(jwtData, claims,
+						func(token *jwt.Token) (interface{}, error) {
+							/*	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+								return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+							*/
+							return []byte(cfg.HTTP.JWTKey + sessionKey), nil
+						})
+					if err == nil {
+						if user, ok = GetUser(claims.UserID); ok && claims.Counter == user.PassCounter {
+							valid = token.Valid
+							userID = claims.UserID
+						}
+					}
+				}
+				if !valid {
+					if url == `/` {
+						c.Request().URL.Path = `login`
+					} else if url != `/api/login` && url != `/api/taskstatus` && url != `/api/sys` &&
+						url != `/api/notification` {
+						return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
+					}
+				}
+			}
+			if firstRun && url == `/` {
+				c.Request().URL.Path = `install`
+			}
+			if user, ok = GetUser(userID); !ok {
+				return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
+			}
 			if u, ok := userSettings[user.ID]; ok {
 				lang = u.Lang
 			}
 		}
 		auth := &Auth{
 			Context: c,
-			User:    user,
+			User:    &user,
 			Lang:    lang,
 		}
 		err = next(auth)
@@ -187,28 +222,35 @@ func clearSessions() {
 }
 
 func loginHandle(c echo.Context) error {
-	var response ResponseLogin
-
-	err := bcrypt.CompareHashAndPassword(storage.Settings.PasswordHash, []byte(c.FormValue("password")))
-	if err == nil {
-		expirationTime := time.Now().Add(30 * 24 * time.Hour)
-		claims := &Claims{
-			Counter:  storage.PassCounter,
-			Username: `root`,
-			StandardClaims: jwt.StandardClaims{
-				ExpiresAt: expirationTime.Unix(),
-			},
-		}
-		var token string
-		tok := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-		token, err = tok.SignedString([]byte(cfg.HTTP.JWTKey + sessionKey))
+	var (
+		response ResponseLogin
+		err      error
+	)
+
+	for _, user := range GetUsers() {
+		err = bcrypt.CompareHashAndPassword(user.PasswordHash, []byte(c.FormValue("password")))
 		if err == nil {
-			response.ID = lib.UniqueName(12)
-			clearSessions()
-			sessions[response.ID] = session{
-				Token:   token,
-				Created: time.Now(),
+			expirationTime := time.Now().Add(30 * 24 * time.Hour)
+			claims := &Claims{
+				Counter: user.PassCounter,
+				UserID:  user.ID,
+				RoleID:  user.RoleID,
+				StandardClaims: jwt.StandardClaims{
+					ExpiresAt: expirationTime.Unix(),
+				},
+			}
+			var token string
+			tok := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+			token, err = tok.SignedString([]byte(cfg.HTTP.JWTKey + sessionKey))
+			if err == nil {
+				response.ID = lib.UniqueName(12)
+				clearSessions()
+				sessions[response.ID] = session{
+					Token:   token,
+					Created: time.Now(),
+				}
 			}
+			break
 		}
 	}
 	if err != nil {

diff --git a/config.go b/config.go
@@ -6,6 +6,7 @@ package main
 
 import (
 	"eonza/lib"
+	"eonza/users"
 	"io/ioutil"
 	"os"
 	"path"
@@ -183,21 +184,20 @@ func Install() {
 	if err != nil {
 		golog.Fatal(err)
 	}
-	var userid uint32
-	if userid, err = NewUser(`root`); err != nil {
-		golog.Fatal(err)
+	ProInit(nil, 0)
+	userSettings[users.XRootID] = UserSettings{
+		ID:   users.XRootID,
+		Lang: appInfo.Lang,
+		Favs: []Fav{
+			{Name: `welcome`},
+			{Name: `tests`},
+			{Name: `Tools`, IsFolder: true, Children: []Fav{
+				{Name: `copy-files`},
+				{Name: `create-archive`},
+			}},
+		},
 	}
-	rootSettings := userSettings[userid]
-	rootSettings.Favs = []Fav{
-		{Name: `welcome`},
-		{Name: `tests`},
-		{Name: `Tools`, IsFolder: true, Children: []Fav{
-			{Name: `copy-files`},
-			{Name: `create-archive`},
-		}},
-	}
-	userSettings[userid] = rootSettings
-	if err = SaveUser(userid); err != nil {
+	if err = SaveUser(users.XRootID); err != nil {
 		golog.Fatal(err)
 	}
 	if err = SaveStorage(); err != nil {

diff --git a/const.go b/const.go
@@ -6,7 +6,7 @@ package main
 
 const (
 	// Version of the application
-	Version = "1.12.0"
+	Version = "1.13.0"
 	// DefPort is the default web-server port
 	DefPort = 3234
 	// DefTheme is the default web-server theme

diff --git a/deflists.go b/deflists.go
@@ -0,0 +1,45 @@
+// Copyright 2020 Alexey Krivonogov. All rights reserved.
+// Use of this source code is governed by a MIT license
+// that can be found in the LICENSE file.
+
+package main
+
+import "html/template"
+
+type DefItem struct {
+	Title string
+	Value string
+}
+
+type DefList struct {
+	Name  template.JS
+	Items []DefItem
+}
+
+var (
+	defaultList = []DefList{
+		{
+			Name: `charmaps`,
+			Items: []DefItem{
+				{`utf-8`, `utf-8`},
+				{`Big5 (Chinese - traditional)`, `Big5`},
+				{`cp437  (IBM PC US)`, `cp437`},
+				{`cp866  (MS-DOS Cyrillic Russian)`, `cp866`},
+				{`EUC-KR (Korean)`, `EUC-KR`},
+				{`GBK (Chinese - simplified)`, `GBK`},
+				{"KOI8-R", "KOI8-R"},
+				{"KOI8-U", "KOI8-U"},
+				{`Shift JIS (Japanese)`, `Shift_JIS`},
+				{`windows-1250 (Central European)`, `windows-1250`},
+				{`windows-1251 (Cyrillic)`, `windows-1251`},
+				{`windows-1252 (Western European)`, `windows-1252`},
+				{`windows-1253 (Greek)`, `windows-1253`},
+				{`windows-1254 (Turkish)`, `windows-1254`},
+				{`windows-1255 (Hebrew)`, `windows-1255`},
+				{`windows-1256 (Arabic)`, `windows-1256`},
+				{`windows-1257 (Baltic)`, `windows-1257`},
+				{`windows-1258 (Vietnamese)`, `windows-1258`},
+			},
+		},
+	}
+)
diff --git a/go.mod b/go.mod
@@ -26,7 +26,7 @@ require (
 	github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691
 	golang.org/x/crypto v0.0.0-20201217014255-9d1352758620
 	golang.org/x/net v0.0.0-20201216054612-986b41b23924 // indirect
-	golang.org/x/text v0.3.4 // indirect
+	golang.org/x/text v0.3.4
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/yaml.v2 v2.4.0
 )