publapi/pages/signup.go

package pages

import (
	"encoding/json"
	"io"
	"net/http"
	"net/url"
	"os"
	"strings"

	"github.com/ProjectSegfault/publapi/utils"
	"github.com/containrrr/shoutrrr"
	"github.com/gofiber/fiber/v2"
	log "github.com/sirupsen/logrus"
)

// SignupPage is the signup page handler

func SignupPage(c *fiber.Ctx) error {
	SignupIP, SignupIPExists := os.LookupEnv("PUBLAPI_SIGNUP_IP")
	if SignupIPExists == true {
		if c.IP() != SignupIP {
			log.Info("Request made from invalid IP: ", c.IP())
			return c.SendStatus(fiber.StatusForbidden)
		}
	}
	username := c.FormValue("username")
	email := c.FormValue("email")
	ssh := c.FormValue("ssh")
	ip := c.FormValue("ip")
	captchaResp := c.FormValue("h-captcha-response")

	if captchaResp == "" {
		log.Error("Nice try, but the registration won't work unless you answer the captcha.")
		return c.SendStatus(fiber.StatusBadRequest)
	}

	if username == "" || email == "" || ssh == "" || ip == "" {
		log.Error("username, email, ssh and ip must be filled", username, email, ssh, ip)
		return c.SendStatus(fiber.StatusBadRequest)
	}
	raid, ok := os.LookupEnv("PUBLAPI_RAID_MODE")
	if !ok || raid == "1" {
		log.Warn(
			"PUBLAPI_RAID_MODE is on, accepting every request as OK and not doing anything...\n User info: ",
			username,
			" ",
			email,
			" ",
			ip,
			" ",
		)
		return c.SendStatus(fiber.StatusOK)
	}

	// Check the captcha validation.

	captchaSecret, ok := os.LookupEnv("PUBLAPI_CAPTCHA_SECRET")

	params := url.Values{}
	params.Add("response", captchaResp)
	params.Add("secret", captchaSecret)
	body := strings.NewReader(params.Encode())

	req, err := http.NewRequest("POST", "https://hcaptcha.com/siteverify", body)
	if err != nil {
		// handle err
	}

	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		log.Error("Something went wrong fetching the HCatpcha API: ", err)
	}
	defer resp.Body.Close()

	bod, err := io.ReadAll(resp.Body)
	if err != nil {
		log.Error("Error reading captcha response body", err)
	}
	sb := string(bod)
	log.Info("Captcha response: ", sb)

	type CaptchaResponse struct {
		Success bool `json:"success"`
	}
	var captchaResponse CaptchaResponse
	err = json.Unmarshal([]byte(sb), &captchaResponse)
	if err != nil {
		log.Error("Error unmarshalling captcha response", err)
	}

	if captchaResponse.Success == false {
		log.Error("Captcha validation failed")
		return c.JSON(fiber.Map{
			"username": username,
			"message":  "Sorry! But the captcha validation failed. Please try again.",
			"status":   c.Response().StatusCode(),
		})
	} else {
		// Check if user already exists
		// We'll check the home folder and see if the username folder exists.
		_, err := os.Stat("/home/" + username)
		if err == nil {
			log.Error("User already exists : ", username)
			return c.JSON(fiber.Map{
				"username": username,
				"message":  "User already exists. Please choose a different username.",
				"status":   c.Response().StatusCode(),
			})
		}

		// create user file

		f, err := os.Create("/var/publapi/users/" + username + ".sh")
		if err != nil {
			log.Error("Error creating user file", err)
			return c.SendStatus(fiber.StatusInternalServerError)
		}
		defer f.Close()
		chmoderr := os.Chmod("/var/publapi/users/"+username+".sh", 0700)
		if chmoderr != nil {
			log.Error(err)
		}
		Bashscript := strings.ReplaceAll(utils.Bashscript, "{{sshkey}}", ssh)
		Bashscript = strings.ReplaceAll(Bashscript, "{{email}}", email)
		Bashscript = strings.ReplaceAll(Bashscript, "{{username}}", username)
		// write to file
		_, err = f.WriteString(Bashscript)
		if err != nil {
			log.Error("Error writing to user file", err)
			return c.SendStatus(fiber.StatusInternalServerError)
		}

		log.Info(
			"Registration request for " + username + " has been submitted by the frontend and has been written to /var/publapi/users/" + username + ".sh",
		)

		// send notification to user that their reg request was sent

		// err = shoutrrr.Send(os.Getenv("PUBLAPI_EMAIL_SHOUTRRRURL")+email, "Hello "+username+",\nYour registration request has been sent.\nIt will take a maximum of 48 hours for the request to be processed.\nThank you for being part of the Project Segfault Pubnix.")
		// if err != nil {
		// 	log.Error("Error sending email to user", err)
		// 	return c.SendStatus(fiber.StatusInternalServerError)
		// }

		// send notification to admins

		shoutrrrUrl := os.Getenv("PUBLAPI_NOTIFY_SHOUTRRRURL") + os.Getenv("PUBLAPI_NOTIFY_ROOMS")
		err = shoutrrr.Send(
			shoutrrrUrl,
			"New user signup! Please review /var/publapi/users/"+username+".sh to approve or deny the user. IP: "+ip+" Email: "+email,
		)
		if err != nil {
			log.Error("Error sending notification to admins", err)
			//return c.SendStatus(fiber.StatusInternalServerError)
		}
		return c.JSON(fiber.Map{
			"username": username,
			"message":  "User created! Please allow us 24 hours or more to review your account.",
			"status":   c.Response().StatusCode(),
		})
	}
}
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`package pages`

			`import (`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`"encoding/json"`
Add a failsafe if the user is created twice (It just happaned, this is just to prevent further damages.) 2024-02-27 19:35:13 +05:30			`"io"`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`"net/http"`
			`"net/url"`
			`"os"`
			`"strings"`

make signup script a template 2023-01-21 22:19:17 +05:30			`"github.com/ProjectSegfault/publapi/utils"`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`"github.com/containrrr/shoutrrr"`
send user email once registration is sent 2023-02-05 19:00:47 +05:30			`"github.com/gofiber/fiber/v2"`
Switch logger Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 22:24:04 +05:30			`log "github.com/sirupsen/logrus"`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`)`

			`// SignupPage is the signup page handler`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`func SignupPage(c *fiber.Ctx) error {`
add signup ip support 2023-02-18 15:20:24 +05:30			`SignupIP, SignupIPExists := os.LookupEnv("PUBLAPI_SIGNUP_IP")`
			`if SignupIPExists == true {`
			`if c.IP() != SignupIP {`
			`log.Info("Request made from invalid IP: ", c.IP())`
			`return c.SendStatus(fiber.StatusForbidden)`
			`}`
			`}`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`username := c.FormValue("username")`
			`email := c.FormValue("email")`
add ssh key value for signup 2023-01-17 20:36:47 +05:30			`ssh := c.FormValue("ssh")`
add ip option to signup 2023-01-21 21:54:33 +05:30			`ip := c.FormValue("ip")`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`captchaResp := c.FormValue("h-captcha-response")`

			`if captchaResp == "" {`
			`log.Error("Nice try, but the registration won't work unless you answer the captcha.")`
			`return c.SendStatus(fiber.StatusBadRequest)`
			`}`

add ip option to signup 2023-01-21 21:54:33 +05:30			`if username == "" \|\| email == "" \|\| ssh == "" \|\| ip == "" {`
			`log.Error("username, email, ssh and ip must be filled", username, email, ssh, ip)`
add ssh key value for signup 2023-01-17 20:36:47 +05:30			`return c.SendStatus(fiber.StatusBadRequest)`
			`}`
raid mode 2023-05-27 15:54:23 +05:30			`raid, ok := os.LookupEnv("PUBLAPI_RAID_MODE")`
			`if !ok \|\| raid == "1" {`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`log.Warn(`
			`"PUBLAPI_RAID_MODE is on, accepting every request as OK and not doing anything...\n User info: ",`
			`username,`
			`" ",`
			`email,`
			`" ",`
			`ip,`
			`" ",`
			`)`
raid mode 2023-05-27 15:54:23 +05:30			`return c.SendStatus(fiber.StatusOK)`
			`}`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`// Check the captcha validation.`

			`captchaSecret, ok := os.LookupEnv("PUBLAPI_CAPTCHA_SECRET")`

			`params := url.Values{}`
			`params.Add("response", captchaResp)`
			`params.Add("secret", captchaSecret)`
			`body := strings.NewReader(params.Encode())`

			`req, err := http.NewRequest("POST", "https://hcaptcha.com/siteverify", body)`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`if err != nil {`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`// handle err`
make signup script executable (700) 2023-01-21 14:26:07 +05:30			`}`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30
			`req.Header.Set("Content-Type", "application/x-www-form-urlencoded")`

			`resp, err := http.DefaultClient.Do(req)`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`if err != nil {`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`log.Error("Something went wrong fetching the HCatpcha API: ", err)`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`}`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`defer resp.Body.Close()`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30
Add a failsafe if the user is created twice (It just happaned, this is just to prevent further damages.) 2024-02-27 19:35:13 +05:30			`bod, err := io.ReadAll(resp.Body)`
send user email once registration is sent 2023-02-05 19:00:47 +05:30			`if err != nil {`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`log.Error("Error reading captcha response body", err)`
send user email once registration is sent 2023-02-05 19:00:47 +05:30			`}`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`sb := string(bod)`
			`log.Info("Captcha response: ", sb)`

			`type CaptchaResponse struct {`
			Success bool `json:"success"`
			`}`
			`var captchaResponse CaptchaResponse`
			`err = json.Unmarshal([]byte(sb), &captchaResponse)`
Fix syntax Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:32:06 +05:30			`if err != nil {`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`log.Error("Error unmarshalling captcha response", err)`
Fix syntax Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:32:06 +05:30			`}`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`if captchaResponse.Success == false {`
			`log.Error("Captcha validation failed")`
Replace the error code with an actual response for the end user. 2023-07-11 03:38:46 +05:30			`return c.JSON(fiber.Map{`
			`"username": username,`
			`"message": "Sorry! But the captcha validation failed. Please try again.",`
			`"status": c.Response().StatusCode(),`
			`})`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`} else {`
Add a failsafe if the user is created twice (It just happaned, this is just to prevent further damages.) 2024-02-27 19:35:13 +05:30			`// Check if user already exists`
			`// We'll check the home folder and see if the username folder exists.`
			`_, err := os.Stat("/home/" + username)`
			`if err == nil {`
Reformulate some words to be better looking, also the logs should look better now. 2024-02-27 19:59:50 +05:30			`log.Error("User already exists : ", username)`
Add a failsafe if the user is created twice (It just happaned, this is just to prevent further damages.) 2024-02-27 19:35:13 +05:30			`return c.JSON(fiber.Map{`
			`"username": username,`
Reformulate some words to be better looking, also the logs should look better now. 2024-02-27 19:59:50 +05:30			`"message": "User already exists. Please choose a different username.",`
Add a failsafe if the user is created twice (It just happaned, this is just to prevent further damages.) 2024-02-27 19:35:13 +05:30			`"status": c.Response().StatusCode(),`
			`})`
			`}`
Whoops, extra unused bracked got lost in there and made the program fail to compile. 2024-02-27 19:37:27 +05:30
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`// create user file`

			`f, err := os.Create("/var/publapi/users/" + username + ".sh")`
			`if err != nil {`
			`log.Error("Error creating user file", err)`
			`return c.SendStatus(fiber.StatusInternalServerError)`
			`}`
			`defer f.Close()`
			`chmoderr := os.Chmod("/var/publapi/users/"+username+".sh", 0700)`
			`if chmoderr != nil {`
			`log.Error(err)`
			`}`
			`Bashscript := strings.ReplaceAll(utils.Bashscript, "{{sshkey}}", ssh)`
			`Bashscript = strings.ReplaceAll(Bashscript, "{{email}}", email)`
			`Bashscript = strings.ReplaceAll(Bashscript, "{{username}}", username)`
			`// write to file`
			`_, err = f.WriteString(Bashscript)`
			`if err != nil {`
			`log.Error("Error writing to user file", err)`
			`return c.SendStatus(fiber.StatusInternalServerError)`
			`}`

			`log.Info(`
			`"Registration request for " + username + " has been submitted by the frontend and has been written to /var/publapi/users/" + username + ".sh",`
			`)`

			`// send notification to user that their reg request was sent`

i fixed matrix notifs This reverts commit af0022c30d396f58f237c3b19f88e95fce84ca01. 2023-08-13 15:58:34 +05:30			`// err = shoutrrr.Send(os.Getenv("PUBLAPI_EMAIL_SHOUTRRRURL")+email, "Hello "+username+",\nYour registration request has been sent.\nIt will take a maximum of 48 hours for the request to be processed.\nThank you for being part of the Project Segfault Pubnix.")`
			`// if err != nil {`
			`// log.Error("Error sending email to user", err)`
			`// return c.SendStatus(fiber.StatusInternalServerError)`
			`// }`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30
			`// send notification to admins`

i fixed matrix notifs This reverts commit af0022c30d396f58f237c3b19f88e95fce84ca01. 2023-08-13 15:58:34 +05:30			`shoutrrrUrl := os.Getenv("PUBLAPI_NOTIFY_SHOUTRRRURL") + os.Getenv("PUBLAPI_NOTIFY_ROOMS")`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`err = shoutrrr.Send(`
			`shoutrrrUrl,`
			`"New user signup! Please review /var/publapi/users/"+username+".sh to approve or deny the user. IP: "+ip+" Email: "+email,`
			`)`
			`if err != nil {`
			`log.Error("Error sending notification to admins", err)`
dont give error to the user if internal notif fails 2024-05-22 11:16:10 +05:30			`//return c.SendStatus(fiber.StatusInternalServerError)`
Require a captcha on the backend 2023-07-11 02:53:29 +05:30			`}`
			`return c.JSON(fiber.Map{`
			`"username": username,`
			`"message": "User created! Please allow us 24 hours or more to review your account.",`
			`"status": c.Response().StatusCode(),`
			`})`
			`}`
Arya fix it Signed-off-by: Odyssey <odyssey346@disroot.org> 2023-01-07 21:03:51 +05:30			`}`