Browse Source

Working on setting up Login functionality

Introduced working with SQLite DB - working on setting up database on first run
Added "dbpath" to config
pull/24/head
Jordan 7 years ago
parent
commit
e6343292be
8 changed files with 100 additions and 22 deletions
  1. +1
    -0
      .gitignore
  2. +13
    -1
      api.go
  3. +2
    -1
      config.json
  4. +18
    -3
      gophish.go
  5. +4
    -12
      models.go
  6. +22
    -4
      route.go
  7. +39
    -0
      setup.go
  8. +1
    -1
      templates/login.html

+ 1
- 0
.gitignore View File

@ -20,3 +20,4 @@ _cgo_export.*
_testmain.go
*.exe
*.db

+ 13
- 1
api.go View File

@ -2,24 +2,36 @@ package main
import (
"fmt"
"github.com/gorilla/mux"
"net/http"
"github.com/gorilla/mux"
)
func API(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello api")
}
//API_Campaigns returns a list of campaigns if requested via GET.
//If requested via POST, API_Campaigns creates a new campaign and returns a reference to it.
func API_Campaigns(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
case r.Method == "POST":
fmt.Fprintf(w, "Hello POST!")
}
fmt.Fprintf(w, "Hello api")
}
//API_Campaigns_Id returns details about the requested campaign. If the campaign is not
//valid, API_Campaigns_Id returns null.
func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
vars := mux.Vars(r)
fmt.Fprintf(w, "{\"method\" : \""+r.Method+"\", \"id\" : "+vars["id"]+"}")
}
//API_Doc renders a template describing the API documentation.
func API_Doc(w http.ResponseWriter, r *http.Request) {
renderTemplate(w, "api_doc")
}

+ 2
- 1
config.json View File

@ -4,5 +4,6 @@
"host" : "smtp.example.com:25",
"user" : "username",
"pass" : "password"
}
},
"dbpath" : "db/gophish.db"
}

+ 18
- 3
gophish.go View File

@ -26,7 +26,10 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/
import (
"database/sql"
"encoding/gob"
"encoding/json"
"flag"
"fmt"
"io/ioutil"
"net/http"
@ -34,15 +37,27 @@ import (
)
var config Config
var db sql.DB
var setupFlag = flag.Bool("setup", false, "Starts the initial setup process for Gophish")
//init registers the necessary models to be saved in the session later
func init() {
gob.Register(&User{})
}
func main() {
// Get the config file
config_file, e := ioutil.ReadFile("./config.json")
if e != nil {
fmt.Printf("File error: %v\n", e)
config_file, err := ioutil.ReadFile("./config.json")
defer db.Close()
if err != nil {
fmt.Printf("File error: %v\n", err)
os.Exit(1)
}
json.Unmarshal(config_file, &config)
_, err = Setup()
if err != nil {
fmt.Println(err)
}
fmt.Printf("Gophish server started at http://%s\n", config.URL)
http.Handle("/", createRouter())
http.ListenAndServe(config.URL, nil)

+ 4
- 12
models.go View File

@ -6,22 +6,14 @@ type SMTPServer struct {
Password string `json:"password"`
}
type Email struct {
Subject string
Body string
To []string
Bcc []string
Cc []string
From string
}
type Config struct {
URL string `json:"url"`
SMTP SMTPServer `json:"smtp"`
URL string `json:"url"`
SMTP SMTPServer `json:"smtp"`
DBPath string `json:"dbpath"`
}
type User struct {
Id string
Id int
Username string
Hash string
APIKey string

+ 22
- 4
route.go View File

@ -27,11 +27,12 @@ THE SOFTWARE.
*/
import (
"html/template"
"net/http"
"github.com/gorilla/mux"
"github.com/gorilla/securecookie"
"github.com/gorilla/sessions"
"html/template"
"net/http"
)
var store = sessions.NewCookieStore([]byte(securecookie.GenerateRandomKey(64)))
@ -66,7 +67,7 @@ func Register(w http.ResponseWriter, r *http.Request) {
func Base(w http.ResponseWriter, r *http.Request) {
session, _ := store.Get(r, "gophish")
// Example of saving session - will be removed.
// Example of using session - will be removed.
session.Save(r, w)
renderTemplate(w, "dashboard")
}
@ -85,10 +86,27 @@ func Base_Campaigns(w http.ResponseWriter, r *http.Request) {
}
func Login(w http.ResponseWriter, r *http.Request) {
renderTemplate(w, "login")
switch {
case r.Method == "GET":
renderTemplate(w, "login")
case r.Method == "POST":
//Attempt to login
if login(r) {
session, _ := store.Get(r, "gophish")
session.Save(r, w)
http.Redirect(w, r, "/", 302)
}
}
}
func renderTemplate(w http.ResponseWriter, tmpl string) {
t := template.Must(template.New("template").ParseFiles("templates/base.html", "templates/nav.html", "templates/"+tmpl+".html"))
t.ExecuteTemplate(w, "base", "T")
}
func login(r *http.Request) bool {
//session, _ := store.Get(r, "gophish")
//session.Values["user"] = User{1, "jordan", "hash", "key"}
//user := session.Values["user"].(*User)
return true
}

+ 39
- 0
setup.go View File

@ -0,0 +1,39 @@
package main
import (
"database/sql"
"fmt"
"os"
_ "github.com/mattn/go-sqlite3"
)
//Setup creates and returns the database needed by Gophish
func Setup() (*sql.DB, error) {
//If the file already exists, delete it and recreate it
if _, err := os.Stat(config.DBPath); err == nil {
os.Remove(config.DBPath)
}
fmt.Println("Creating db at " + config.DBPath)
db, err := sql.Open("sqlite3", config.DBPath)
if err != nil {
return nil, err
}
//Create the tables needed
_, err = db.Exec(
`CREATE TABLE Users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT, hash VARCHAR(32), apikey VARCHAR(32));`)
if err != nil {
return nil, err
}
//Create the default user
stmt, err := db.Prepare(`INSERT INTO Users (username, hash, apikey) VALUES (?, ?, ?);`)
defer stmt.Close()
if err != nil {
return nil, err
}
_, err = stmt.Exec("jordan", "12345678901234567890123456789012", "12345678901234567890123456789012")
if err != nil {
return nil, err
}
return db, nil
}

+ 1
- 1
templates/login.html View File

@ -1,6 +1,6 @@
{{define "content"}}
<div class="container">
<form class="form-signin">
<form class="form-signin" action="/login" method="POST">
<img id="logo" src="/images/logo.png" />
<h2 class="form-signin-heading">Please sign in</h2>
<input type="text" class="form-control" placeholder="Username" required autofocus>

Loading…
Cancel
Save