github
/
statping
mirror of https://github.com/statping/statping
1
0
Fork 0
Code Issues Releases Wiki Activity

ssl - forms

pull/116/head
Hunter Long 2018-12-06 15:20:20 -08:00
parent 0a22788385
commit 890de5b50d
10 changed files with 84 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
Dockerfile.test → dev/Dockerfile.test
View File

0
docker-compose.test.yml → dev/docker-compose.test.yml
View File

67
handlers/handlers.go
View File

@ -16,6 +16,7 @@
package handlers package handlers
import ( import (
"crypto/tls"
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/gorilla/sessions" "github.com/gorilla/sessions"
@ -33,35 +34,66 @@ import (
const ( const (
cookieKey = "statping_auth" cookieKey = "statping_auth"
timeout = time.Second * 60
) )
var ( var (
sessionStore *sessions.CookieStore sessionStore *sessions.CookieStore
httpServer *http.Server httpServer *http.Server
usingSSL bool
) )
// RunHTTPServer will start a HTTP server on a specific IP and port // RunHTTPServer will start a HTTP server on a specific IP and port
func RunHTTPServer(ip string, port int) error { func RunHTTPServer(ip string, port int) error {
host := fmt.Sprintf("%v:%v", ip, port) host := fmt.Sprintf("%v:%v", ip, port)
key := utils.FileExists(utils.Directory + "/server.key")
cert := utils.FileExists(utils.Directory + "/server.crt")
if key && cert {
utils.Log(1, "server.cert and server.key was found in root directory! Starting in SSL mode.")
utils.Log(1, fmt.Sprintf("Statping Secure HTTPS Server running on https://%v:%v", ip, 443))
usingSSL = true
} else {
utils.Log(1, "Statping HTTP Server running on http://"+host) utils.Log(1, "Statping HTTP Server running on http://"+host)
//for _, p := range core.CoreApp.AllPlugins { }
// info := p.GetInfo()
// for _, route := range p.Routes() {
// path := fmt.Sprintf("%v", route.URL)
// router.Handle(path, http.HandlerFunc(route.Handler)).Methods(route.Method)
// utils.Log(1, fmt.Sprintf("Added Route %v for plugin %v\n", path, info.Name))
// }
//}
router = Router() router = Router()
resetCookies()
if usingSSL {
cfg := &tls.Config{
MinVersion: tls.VersionTLS12,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
PreferServerCipherSuites: true,
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
},
}
srv := &http.Server{
Addr: fmt.Sprintf("%v:%v", ip, 443),
Handler: router,
TLSConfig: cfg,
TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
WriteTimeout: timeout,
ReadTimeout: timeout,
IdleTimeout: timeout,
}
return srv.ListenAndServeTLS(utils.Directory+"/server.crt", utils.Directory+"/server.key")
} else {
httpServer = &http.Server{ httpServer = &http.Server{
Addr: host, Addr: host,
WriteTimeout: time.Second * 60, WriteTimeout: timeout,
ReadTimeout: time.Second * 60, ReadTimeout: timeout,
IdleTimeout: time.Second * 60, IdleTimeout: timeout,
Handler: router, Handler: router,
} }
resetCookies()
return httpServer.ListenAndServe() return httpServer.ListenAndServe()
}
return nil
} }
// IsAuthenticated returns true if the HTTP request is authenticated. You can set the environment variable GO_ENV=test // IsAuthenticated returns true if the HTTP request is authenticated. You can set the environment variable GO_ENV=test
@ -198,8 +230,11 @@ func ExecuteResponse(w http.ResponseWriter, r *http.Request, file string, data i
return return
} }
templates := []string{"base.gohtml", "head.gohtml", "nav.gohtml", "footer.gohtml", "scripts.gohtml", "form_service.gohtml", "form_notifier.gohtml", "form_user.gohtml", "form_checkin.gohtml", "form_message.gohtml"} if usingSSL {
w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
}
templates := []string{"base.gohtml", "head.gohtml", "nav.gohtml", "footer.gohtml", "scripts.gohtml", "form_service.gohtml", "form_notifier.gohtml", "form_user.gohtml", "form_checkin.gohtml", "form_message.gohtml"}
javascripts := []string{"charts.js", "chart_index.js"} javascripts := []string{"charts.js", "chart_index.js"}
render, err := source.TmplBox.String(file) render, err := source.TmplBox.String(file)
@ -252,6 +287,9 @@ func executeJSResponse(w http.ResponseWriter, r *http.Request, file string, data
if err != nil { if err != nil {
utils.Log(4, err) utils.Log(4, err)
} }
if usingSSL {
w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
}
t := template.New("charts") t := template.New("charts")
t.Funcs(template.FuncMap{ t.Funcs(template.FuncMap{
"safe": func(html string) template.HTML { "safe": func(html string) template.HTML {
@ -274,6 +312,9 @@ func executeJSResponse(w http.ResponseWriter, r *http.Request, file string, data
// error404Handler is a HTTP handler for 404 error pages // error404Handler is a HTTP handler for 404 error pages
func error404Handler(w http.ResponseWriter, r *http.Request) { func error404Handler(w http.ResponseWriter, r *http.Request) {
if usingSSL {
w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
}
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)
ExecuteResponse(w, r, "error_404.gohtml", nil, nil) ExecuteResponse(w, r, "error_404.gohtml", nil, nil)
} }

3
source/css/base.css
View File

@ -6,7 +6,8 @@
/* Mobile Settings */ /* Mobile Settings */
/* Mobile Service Container */ /* Mobile Service Container */
HTML, BODY { HTML, BODY {
background-color: #fcfcfc; } background-color: #fcfcfc;
padding-bottom: 10px; }
.container { .container {
padding-top: 20px; padding-top: 20px;

1
source/scss/base.scss
View File

@ -3,6 +3,7 @@
HTML,BODY { HTML,BODY {
background-color: $background-color; background-color: $background-color;
padding-bottom: 10px;
} }
.container { .container {

2
source/tmpl/form_notifier.gohtml
View File

@ -24,7 +24,7 @@
<div class="input-group-prepend"> <div class="input-group-prepend">
<div class="input-group-text">Limit</div> <div class="input-group-text">Limit</div>
</div> </div>
<input type="text" class="form-control" name="limits" min="1" max="60" id="limits_per_hour_{{underscore $n.Method }}" value="{{$n.Limits}}" placeholder="7"> <input type="number" class="form-control" name="limits" min="1" max="60" id="limits_per_hour_{{underscore $n.Method }}" value="{{$n.Limits}}" placeholder="7">
<div class="input-group-append"> <div class="input-group-append">
<div class="input-group-text">Per Minute</div> <div class="input-group-text">Per Minute</div>
</div> </div>

8
source/tmpl/form_service.gohtml
View File

@ -9,7 +9,7 @@
<div class="form-group row"> <div class="form-group row">
<label for="service_name" class="col-sm-4 col-form-label">Service Name</label> <label for="service_name" class="col-sm-4 col-form-label">Service Name</label>
<div class="col-sm-8"> <div class="col-sm-8">
<input type="text" name="name" class="form-control" id="service_name" value="{{.Name}}" placeholder="Name" required spellcheck="false"> <input type="text" name="name" class="form-control" id="service_name" value="{{.Name}}" placeholder="Name" required spellcheck="false" autocorrect="off">
<small class="form-text text-muted">Give your service a name you can recognize</small> <small class="form-text text-muted">Give your service a name you can recognize</small>
</div> </div>
</div> </div>
@ -27,7 +27,7 @@
<div class="form-group row"> <div class="form-group row">
<label for="service_url" class="col-sm-4 col-form-label">{{if (eq .Type "tcp") or (eq .Type "udp")}}Host/IP Address{{else}}Application Endpoint (URL){{end}}</label> <label for="service_url" class="col-sm-4 col-form-label">{{if (eq .Type "tcp") or (eq .Type "udp")}}Host/IP Address{{else}}Application Endpoint (URL){{end}}</label>
<div class="col-sm-8"> <div class="col-sm-8">
<input type="text" name="domain" class="form-control" id="service_url" value="{{.Domain}}" placeholder="https://google.com" required autocapitalize="false" spellcheck="false"> <input type="url" name="domain" class="form-control" id="service_url" value="{{.Domain}}" placeholder="https://google.com" required autocapitalize="none" spellcheck="false">
<small class="form-text text-muted">Statping will attempt to connect to this URL</small> <small class="form-text text-muted">Statping will attempt to connect to this URL</small>
</div> </div>
</div> </div>
@ -47,14 +47,14 @@
<div class="form-group row{{if ne .Method "POST"}} d-none{{end}}"> <div class="form-group row{{if ne .Method "POST"}} d-none{{end}}">
<label for="post_data" class="col-sm-4 col-form-label">Optional Post Data (JSON)</label> <label for="post_data" class="col-sm-4 col-form-label">Optional Post Data (JSON)</label>
<div class="col-sm-8"> <div class="col-sm-8">
<textarea name="post_data" class="form-control" id="post_data" rows="3" autocapitalize="false" spellcheck="false" placeholder='{"data": { "method": "success", "id": 148923 } }'>{{.PostData.String}}</textarea> <textarea name="post_data" class="form-control" id="post_data" rows="3" autocapitalize="none" spellcheck="false" placeholder='{"data": { "method": "success", "id": 148923 } }'>{{.PostData.String}}</textarea>
<small class="form-text text-muted">Insert a JSON string to send data to the endpoint.</small> <small class="form-text text-muted">Insert a JSON string to send data to the endpoint.</small>
</div> </div>
</div> </div>
<div class="form-group row{{if (eq .Type "tcp") or (eq .Type "udp")}} d-none{{end}}"> <div class="form-group row{{if (eq .Type "tcp") or (eq .Type "udp")}} d-none{{end}}">
<label for="service_response" class="col-sm-4 col-form-label">Expected Response (Regex)</label> <label for="service_response" class="col-sm-4 col-form-label">Expected Response (Regex)</label>
<div class="col-sm-8"> <div class="col-sm-8">
<textarea name="expected" class="form-control" id="service_response" rows="3" autocapitalize="false" spellcheck="false" placeholder='(method)": "((\\"|[success])*)"'>{{.Expected.String}}</textarea> <textarea name="expected" class="form-control" id="service_response" rows="3" autocapitalize="none" spellcheck="false" placeholder='(method)": "((\\"|[success])*)"'>{{.Expected.String}}</textarea>
<small class="form-text text-muted">You can use plain text or insert <a target="_blank" href="https://regex101.com/r/I5bbj9/1">Regex</a> to validate the response</small> <small class="form-text text-muted">You can use plain text or insert <a target="_blank" href="https://regex101.com/r/I5bbj9/1">Regex</a> to validate the response</small>
</div> </div>
</div> </div>

4
source/tmpl/form_user.gohtml
View File

@ -9,7 +9,7 @@
<div class="form-group row"> <div class="form-group row">
<label for="username" class="col-sm-4 col-form-label">Username</label> <label for="username" class="col-sm-4 col-form-label">Username</label>
<div class="col-6 col-md-4"> <div class="col-6 col-md-4">
<input type="text" name="username" class="form-control" value="{{.Username}}" id="username" placeholder="Username" required> <input type="text" name="username" class="form-control" value="{{.Username}}" id="username" placeholder="Username" required autocorrect="off" autocapitalize="none">
</div> </div>
<div class="col-6 col-md-4"> <div class="col-6 col-md-4">
<span class="switch"> <span class="switch">
@ -21,7 +21,7 @@
<div class="form-group row"> <div class="form-group row">
<label for="email" class="col-sm-4 col-form-label">Email Address</label> <label for="email" class="col-sm-4 col-form-label">Email Address</label>
<div class="col-sm-8"> <div class="col-sm-8">
<input type="email" name="email" class="form-control" id="email" value="{{.Email}}" placeholder="user@domain.com" required autocapitalize="false" spellcheck="false"> <input type="email" name="email" class="form-control" id="email" value="{{.Email}}" placeholder="user@domain.com" required autocapitalize="none" spellcheck="false">
</div> </div>
</div> </div>
<div class="form-group row"> <div class="form-group row">

2
source/tmpl/login.gohtml
View File

@ -14,7 +14,7 @@
<div class="form-group row"> <div class="form-group row">
<label for="username" class="col-sm-2 col-form-label">Username</label> <label for="username" class="col-sm-2 col-form-label">Username</label>
<div class="col-sm-10"> <div class="col-sm-10">
<input type="text" name="username" class="form-control" id="username" placeholder="Username" autocapitalize="false" spellcheck="false"> <input type="text" name="username" class="form-control" id="username" placeholder="Username" autocorrect="off" autocapitalize="none">
</div> </div>
</div> </div>
<div class="form-group row"> <div class="form-group row">

13
source/tmpl/settings.gohtml
View File

@ -39,7 +39,7 @@
<div class="form-group row"> <div class="form-group row">
<div class="col-8 col-sm-9"> <div class="col-8 col-sm-9">
<label for="domain">Domain</label> <label for="domain">Domain</label>
<input type="text" name="domain" class="form-control" value="{{ .Domain }}" id="domain"> <input type="url" name="domain" class="form-control" value="{{ .Domain }}" id="domain">
</div> </div>
<div class="col-4 col-sm-3 mt-sm-1 mt-0"> <div class="col-4 col-sm-3 mt-sm-1 mt-0">
<label for="enable_cdn" class="d-inline d-sm-none">Enable CDN</label> <label for="enable_cdn" class="d-inline d-sm-none">Enable CDN</label>
@ -49,9 +49,14 @@
<label for="switch-normal" class="mt-2 mt-sm-0"></label> <label for="switch-normal" class="mt-2 mt-sm-0"></label>
</span> </span>
</div> </div>
</div> </div>
{{if not .Domain}}
<div class="alert alert-danger" role="alert">
Your Statup server does not have a dedicated URL!
</div>
{{end}}
<div class="form-group"> <div class="form-group">
<label for="footer">Custom Footer</label> <label for="footer">Custom Footer</label>
<textarea rows="4" name="footer" class="form-control" id="footer">{{ .Footer.String }}</textarea> <textarea rows="4" name="footer" class="form-control" id="footer">{{ .Footer.String }}</textarea>
@ -113,13 +118,17 @@
<div class="row"> <div class="row">
<a href="/settings/export" class="btn btn-sm btn-secondary float-right">Export Settings</a> <a href="/settings/export" class="btn btn-sm btn-secondary float-right">Export Settings</a>
{{if .Domain}}
<a href="#" class="btn btn-sm btn-secondary float-right ml-1">Authentication QR Code</a> <a href="#" class="btn btn-sm btn-secondary float-right ml-1">Authentication QR Code</a>
{{end}}
</div> </div>
{{if .Domain}}
<div class="row align-content-center"> <div class="row align-content-center">
<img class="rounded text-center" width="300" height="300" src="https://chart.googleapis.com/chart?chs=500x500&cht=qr&chl={{ QrAuth }}"> <img class="rounded text-center" width="300" height="300" src="https://chart.googleapis.com/chart?chs=500x500&cht=qr&chl={{ QrAuth }}">
</div> </div>
<a class="btn btn-sm btn-primary" href={{safeURL QrAuth}}>Open in Statping App</a> <a class="btn btn-sm btn-primary" href={{safeURL QrAuth}}>Open in Statping App</a>
{{end}}
</form> </form>