🎣 Open-Source Phishing Toolkit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

105 lines
3.1 KiB

package api
import (
"encoding/json"
"net/http"
"strconv"
log "github.com/gophish/gophish/logger"
"github.com/gophish/gophish/models"
"github.com/gophish/gophish/webhook"
"github.com/gorilla/mux"
)
// Webhooks returns a list of webhooks, both active and disabled
func (as *Server) Webhooks(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
whs, err := models.GetWebhooks()
if err != nil {
log.Error(err)
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusInternalServerError)
return
}
JSONResponse(w, whs, http.StatusOK)
case r.Method == "POST":
wh := models.Webhook{}
err := json.NewDecoder(r.Body).Decode(&wh)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: "Invalid JSON structure"}, http.StatusBadRequest)
return
}
err = models.PostWebhook(&wh)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest)
return
}
JSONResponse(w, wh, http.StatusCreated)
}
}
// Webhook returns details of a single webhook specified by "id" parameter
func (as *Server) Webhook(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
wh, err := models.GetWebhook(id)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: "Webhook not found"}, http.StatusNotFound)
return
}
switch {
case r.Method == "GET":
JSONResponse(w, wh, http.StatusOK)
case r.Method == "DELETE":
err = models.DeleteWebhook(id)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusInternalServerError)
return
}
log.Infof("Deleted webhook with id: %d", id)
JSONResponse(w, models.Response{Success: true, Message: "Webhook deleted Successfully!"}, http.StatusOK)
case r.Method == "PUT":
wh = models.Webhook{}
err = json.NewDecoder(r.Body).Decode(&wh)
if err != nil {
log.Errorf("error decoding webhook: %v", err)
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest)
return
}
wh.Id = id
err = models.PutWebhook(&wh)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest)
return
}
JSONResponse(w, wh, http.StatusOK)
}
}
// ValidateWebhook makes an HTTP request to a specified remote url to ensure that it's valid.
func (as *Server) ValidateWebhook(w http.ResponseWriter, r *http.Request) {
type validationEvent struct {
Success bool `json:"success"`
}
switch {
case r.Method == "POST":
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
wh, err := models.GetWebhook(id)
if err != nil {
log.Error(err)
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusInternalServerError)
return
}
payload := validationEvent{Success: true}
err = webhook.Send(webhook.EndPoint{URL: wh.URL, Secret: wh.Secret}, payload)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest)
return
}
JSONResponse(w, wh, http.StatusOK)
}
}