mirror of
https://github.com/Macrame-App/Macrame
synced 2025-12-29 15:29:26 +00:00
102 lines
2.3 KiB
Go
102 lines
2.3 KiB
Go
package helper
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"net"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"be/app/structs"
|
|
. "be/app/structs"
|
|
)
|
|
|
|
func EndpointAccess(w http.ResponseWriter, r *http.Request) (bool, string, error) {
|
|
ip, _, err := net.SplitHostPort(r.RemoteAddr)
|
|
|
|
if err != nil {
|
|
return false, "", errors.New(r.URL.Path + ": SplitHostPort error: " + err.Error())
|
|
}
|
|
|
|
if (isLocal(ip) && isEndpointAllowed("Local", r.URL.Path)) ||
|
|
(isLanRemote(ip) && isEndpointAllowed("Remote", r.URL.Path)) {
|
|
return true, "", nil
|
|
} else if isLanRemote(ip) && isEndpointAllowed("Auth", r.URL.Path) {
|
|
data, err := decryptAuth(r)
|
|
|
|
if err != nil {
|
|
return false, "", err
|
|
}
|
|
|
|
return data != "", data, nil
|
|
}
|
|
|
|
return false, "", errors.New(r.URL.Path + ": not authorized or accessible")
|
|
}
|
|
|
|
func isLocal(ip string) bool {
|
|
return ip == "127.0.0.1" || ip == "::1"
|
|
}
|
|
|
|
func isLanRemote(ip string) bool {
|
|
return strings.HasPrefix(ip, "192.168.")
|
|
}
|
|
|
|
func isEndpointAllowed(source string, endpoint string) bool {
|
|
var endpoints, err = getAllowedEndpoints(source)
|
|
if err != "" {
|
|
return false
|
|
}
|
|
|
|
if (endpoints != nil) && (len(endpoints) > 0) {
|
|
for _, e := range endpoints {
|
|
if e == endpoint {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func getAllowedEndpoints(source string) (endpoints []string, err string) {
|
|
if source == "Local" {
|
|
return Endpoints.Local, ""
|
|
}
|
|
if source == "Remote" {
|
|
return Endpoints.Remote, ""
|
|
}
|
|
if source == "Auth" {
|
|
return Endpoints.Auth, ""
|
|
}
|
|
|
|
return []string{}, "No allowed endpoints"
|
|
}
|
|
|
|
func decryptAuth(r *http.Request) (string, error) {
|
|
var req structs.Authcall
|
|
|
|
err := json.NewDecoder(r.Body).Decode(&req)
|
|
|
|
if err != nil || req.Uuid == "" || req.Data == "" {
|
|
return "", errors.New("DecryptAuth Error: " + err.Error() + "; UUID: " + req.Uuid + "; Data: " + req.Data)
|
|
}
|
|
|
|
deviceKey, errKey := GetKeyByUuid(req.Uuid)
|
|
decryptData, errDec := DecryptAES(deviceKey, req.Data)
|
|
|
|
if errKey != nil && errDec != nil || decryptData == "" {
|
|
return "", errors.New("DecryptAuth Error: " + errKey.Error() + "; " + errDec.Error() + "; UUID: " + req.Uuid + "; Data: " + req.Data)
|
|
}
|
|
|
|
return decryptData, nil
|
|
}
|
|
|
|
func ParseRequest(req interface{}, data string, r *http.Request) (d interface{}, err error) {
|
|
if data != "" {
|
|
dataBytes := []byte(data)
|
|
return req, json.Unmarshal(dataBytes, &req)
|
|
} else {
|
|
return req, json.NewDecoder(r.Body).Decode(&req)
|
|
}
|
|
}
|