Author: Adam <git@apiote.xyz>
fix týr database and config
main.go | 5 - tyr.go | 135 +++++++++++++++++++++++++++-------------------------------
diff --git a/main.go b/main.go index 57d7d0c61c9afefffefe477ca8d122352314e336..d0d3ad53b74e035571e57a7e33cbd8c4d2f1781d 100644 --- a/main.go +++ b/main.go @@ -2,7 +2,6 @@ package main import ( "errors" - "fmt" "log" "net/http" "os" @@ -115,7 +114,7 @@ configPath string dbPath string ) getopt.StringVar(&configPath, "c", "", "path to config file") - getopt.StringVar(&dbPath, "d", "asgard.db", "path to database file") + getopt.StringVar(&dbPath, "b", "asgard.db", "path to database file") getopt.Parse() config, err := readConfig(configPath) @@ -203,7 +202,7 @@ case "gersemi": log.Println(gersemi(config)) case "serve": - http.HandleFunc("/tyr", tyr_serve) + http.HandleFunc("/tyr", tyr_serve(db, config)) http.HandleFunc("/mimir", mimir_serve(db)) http.HandleFunc("/mimir/", mimir_serve(db)) e := http.ListenAndServe(":8081", nil) diff --git a/tyr.go b/tyr.go index 40150cc316956d3922cf2f57706c5cd6da7e2d35..c4f2459c9bb2cf2ff20ee7044d21e7ecf9521bb6 100644 --- a/tyr.go +++ b/tyr.go @@ -287,52 +287,69 @@ moveFromQuarantine(c, mbox, lock.address, dest) return nil } -func tyr_serve(w http.ResponseWriter, r *http.Request) { - config, err := readConfig("") // fixme shouldn’t read config every time - if err != nil { - log.Fatalln(err) - } - r.ParseForm() - formAddress := r.Form.Get("address") - formToken := r.Form.Get("token") - formError := r.Form.Get("error") - if r.Method == "GET" { - tyrData := TyrData{ - Address: formAddress, - Token: formToken, - Captcha: "$696a04444feea781aeca9c546e220e0981aff4a8db0b2998decdf13265a95c31", // todo with salt and randomised time - Error: formError, - } - t, _ := template.ParseFiles("templates/tyr.html") - b := bytes.NewBuffer([]byte{}) - _ = t.Execute(b, tyrData) - io.Copy(w, b) - } else if r.Method == "POST" { - formCaptcha := r.Form.Get("captcha") - captchaResult := strings.Split(r.Form.Get("captcha_result"), "$") - shaCaptcha := sha256.Sum256([]byte(formCaptcha + captchaResult[0])) - hexCaptcha := fmt.Sprintf("%x", shaCaptcha) - if hexCaptcha != captchaResult[1] { - w.Header().Add("Location", "?error=captcha") - w.WriteHeader(303) - return - } +func tyr_serve(db *sql.DB, config Config) func(w http.ResponseWriter, r *http.Request) { + return func(w http.ResponseWriter, r *http.Request) { + r.ParseForm() + formAddress := r.Form.Get("address") + formToken := r.Form.Get("token") + formError := r.Form.Get("error") + if r.Method == "GET" { + tyrData := TyrData{ + Address: formAddress, + Token: formToken, + Captcha: "$696a04444feea781aeca9c546e220e0981aff4a8db0b2998decdf13265a95c31", // todo with salt and randomised time + Error: formError, + } + t, _ := template.ParseFiles("templates/tyr.html") + b := bytes.NewBuffer([]byte{}) + _ = t.Execute(b, tyrData) + io.Copy(w, b) + } else if r.Method == "POST" { + formCaptcha := r.Form.Get("captcha") + captchaResult := strings.Split(r.Form.Get("captcha_result"), "$") + shaCaptcha := sha256.Sum256([]byte(formCaptcha + captchaResult[0])) + hexCaptcha := fmt.Sprintf("%x", shaCaptcha) + if hexCaptcha != captchaResult[1] { + w.Header().Add("Location", "?error=captcha") + w.WriteHeader(303) + return + } + + lock, err := getAddressLock(db, "*") + if err != nil { + w.WriteHeader(500) + w.Write([]byte(err.Error())) + return + } + if lock.token != "" && lock.token == formToken { + lock.address = formAddress + err = releaseQuarantine(db, config, lock, "*", config.Tyr.ImapFolderInbox) + if err != nil { + w.WriteHeader(500) + w.Write([]byte(err.Error())) + } else { + w.Header().Add("Location", "?error=success") + w.WriteHeader(303) + } + return + } - db, err := open() - if err != nil { - w.WriteHeader(500) - w.Write([]byte(err.Error())) - return - } - defer db.Close() - lock, err := getAddressLock(db, "*") - if err != nil { - w.WriteHeader(500) - w.Write([]byte(err.Error())) - return - } - if lock.token != "" && lock.token == formToken { - lock.address = formAddress + lock, err = getAddressLock(db, formAddress) + if err != nil { + w.WriteHeader(500) + w.Write([]byte(err.Error())) + return + } + if lock.token == "" { + w.Header().Add("Location", "?error=address&address="+formAddress) + w.WriteHeader(303) + return + } + if lock.token != formToken { + w.Header().Add("Location", "?error=token&address="+formAddress) + w.WriteHeader(303) + return + } err = releaseQuarantine(db, config, lock, "*", config.Tyr.ImapFolderInbox) if err != nil { w.WriteHeader(500) @@ -342,34 +359,8 @@ w.Header().Add("Location", "?error=success") w.WriteHeader(303) } return - } - - lock, err = getAddressLock(db, formAddress) - if err != nil { - w.WriteHeader(500) - w.Write([]byte(err.Error())) - return - } - if lock.token == "" { - w.Header().Add("Location", "?error=address&address="+formAddress) - w.WriteHeader(303) - return - } - if lock.token != formToken { - w.Header().Add("Location", "?error=token&address="+formAddress) - w.WriteHeader(303) - return - } - err = releaseQuarantine(db, config, lock, "*", config.Tyr.ImapFolderInbox) - if err != nil { - w.WriteHeader(500) - w.Write([]byte(err.Error())) } else { - w.Header().Add("Location", "?error=success") - w.WriteHeader(303) + w.WriteHeader(405) } - return - } else { - w.WriteHeader(405) } }