gawells/Self-Service-Dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 7 Wiki Activity

Compare commits

base: gawells/Self-Service-Dashboard:6a985c1a84c9a3dfa711036f7ae15c4dc9bd28f4
Branches Tags
gawells/Self-Service-Dashboard:master
gawells/Self-Service-Dashboard:v0.0.7 gawells/Self-Service-Dashboard:v0.0.6 gawells/Self-Service-Dashboard:v0.0.5 gawells/Self-Service-Dashboard:v0.0.4 gawells/Self-Service-Dashboard:v0.0.3 gawells/Self-Service-Dashboard:v0.0.2 gawells/Self-Service-Dashboard:v0.0.1
...
compare: gawells/Self-Service-Dashboard:1ddc4daf02f6faf8adfbaf833dc931a1f60ba5b9
Branches Tags
gawells/Self-Service-Dashboard:master
gawells/Self-Service-Dashboard:v0.0.7 gawells/Self-Service-Dashboard:v0.0.6 gawells/Self-Service-Dashboard:v0.0.5 gawells/Self-Service-Dashboard:v0.0.4 gawells/Self-Service-Dashboard:v0.0.3 gawells/Self-Service-Dashboard:v0.0.2 gawells/Self-Service-Dashboard:v0.0.1

10 Commits
6a985c1a84 ... 1ddc4daf02

Author SHA1 Message Date
gawells 1ddc4daf02 bold name text 2026-04-17 08:32:53 -04:00
gawells e2fe714029 reset password page design 2026-04-16 14:53:02 -04:00
gawells 3e2541b411 add subtext modifier 2026-04-16 14:52:55 -04:00
gawells 561c33b1a9 move logo page to the master style.css file 2026-04-16 14:44:34 -04:00
gawells 33afca200d reset password page 2026-04-16 14:42:40 -04:00
gawells 812a40492f password expiry email 2026-04-16 14:23:07 -04:00
gawells 093b33db0d add more logging into the password expiry checks 2026-04-16 09:12:46 -04:00
gawells 8633309968 send password expired emails every 12 hours from the program start 2026-04-15 09:43:38 -04:00
gawells 093b258b84 expried password email template 2026-04-13 10:24:12 -04:00
gawells 5a80d61d9b remove old comment 2026-04-13 09:40:24 -04:00
12 changed files with 316 additions and 106 deletions
Expand all files Collapse all files
data/email-templates/expired-password.html
+106 -19
View File
@@ -1,25 +1,112 @@
<!doctype html> <!doctype html>
<html lang="en"> <html>
<head> <head>
<meta charset="UTF-8" /> <!-- Tell iOS we support light mode -->
<title>Hi</title> <meta name="color-scheme" content="light" />
<style> <meta name="supported-color-schemes" content="light" />
body {
font-family: Arial, sans-serif;
text-align: center;
margin-top: 50px;
}
img {
margin-top: 20px;
width: 150px;
height: 150px;
border-radius: 50%;
}
</style>
</head> </head>
<body>
<h1>Hi {{.Username}}</h1>
<img src="{{avatar .Username}}" alt="Profile Picture" /> <body
style="margin: 0; padding: 0; background-color: #f7fff7; color: #000000"
>
<table
width="100%"
cellpadding="0"
cellspacing="0"
border="0"
style="background-color: #f7fff7"
>
<tr>
<td align="center">
<!-- Outer container -->
<table
width="600"
cellpadding="0"
cellspacing="0"
border="0"
style="
background-color: #ffffff;
border: 1px solid #e2e8f0;
border-radius: 12px;
margin-top: 25px;
"
>
<tr>
<td
style="
padding: 30px;
font-family: Arial, sans-serif;
color: #000000;
"
>
<p style="margin: 0 0 15px 0">
Hi <strong>{{.Username}}</strong>,
</p>
<p style="margin: 0 0 15px 0">
Your account password has expired and needs
to be updated to continue accessing your
account.
</p>
<p style="margin: 0 0 15px 0">
<strong>Expiration Date:</strong><br />
{{.ExpiredAt}}
</p>
<p style="margin: 0 0 20px 0">
For security reasons, passwords must be
updated periodically. Please reset your
password as soon as possible.
</p>
<!-- Button -->
<table
align="center"
cellpadding="0"
cellspacing="0"
border="0"
>
<tr>
<td
bgcolor="#1a535c"
style="border-radius: 6px"
>
<a
href="{{.ResetURL}}"
style="
display: inline-block;
padding: 12px 20px;
font-weight: bold;
font-family:
Arial, sans-serif;
color: #ffffff;
text-decoration: none;
background-color: #1a535c;
border-radius: 6px;
-webkit-text-fill-color: #ffffff;
"
>
Reset Password
</a>
</td>
</tr>
</table>
<p style="margin: 20px 0 15px 0">
If you did not expect this, please contact
your system administrator.
</p>
<p style="margin: 0">
Thanks,<br />
<strong>{{.ServiceName}}</strong>
</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body> </body>
</html> </html>
src/email/email.go
+2 -2
View File
@@ -33,9 +33,9 @@ func CreateEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort
} }
func (account *EmailAccount) SendEmail(toEmails []string, subject string, message string) { func (account *EmailAccount) SendEmail(toEmails []string, subject string, message string) {
logging.Debugf("Sending an email from %s to %s", account.email, strings.Join(toEmails, "")) logging.Debugf("Sending an email from %s to %s", account.email, strings.Join(toEmails, ", "))
ToEmailList := strings.Join(toEmails, "") ToEmailList := strings.Join(toEmails, ", ")
mime := "MIME-version: 1.0;\r\nContent-Type: text/html; charset=\"UTF-8\";\r\n\r\n" mime := "MIME-version: 1.0;\r\nContent-Type: text/html; charset=\"UTF-8\";\r\n\r\n"
src/main/login.go
+58
View File
@@ -0,0 +1,58 @@
package main
import (
"html/template"
"net/http"
"strings"
"astraltech.xyz/accountmanager/src/logging"
)
type LoginPageData struct {
IsHiddenClassList string
}
func loginHandler(w http.ResponseWriter, r *http.Request) {
logging.Info("Handing login page")
w.Header().Set("Content-Type", "text/html; charset=utf-8")
tmpl := template.Must(template.ParseFiles("src/pages/login_page.html"))
if r.Method == http.MethodGet {
logging.Info("Rending login page")
tmpl.Execute(w, LoginPageData{IsHiddenClassList: "hidden"})
return
}
if r.Method == http.MethodPost {
username := r.FormValue("username")
if strings.Contains(username, "/") {
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
}
password := r.FormValue("password")
logging.Infof("New Login request for %s\n", username)
newUserData, err := authenticateUser(username, password)
userDataMutex.Lock()
userData[username] = newUserData
userDataMutex.Unlock()
if err == ErrPasswordExpired {
http.Redirect(w, r, "/reset-password?token=this_is_the_only_token_that_works", http.StatusFound)
} else if err != nil {
logging.Error(err.Error())
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
} else {
if newUserData.isAuth == true {
cookie, err := sessionManager.CreateSession(username)
if err != nil {
logging.Error(err.Error())
http.Error(w, "Session error", http.StatusInternalServerError)
return
}
http.SetCookie(w, cookie)
http.Redirect(w, r, "/profile", http.StatusFound)
} else {
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
}
}
}
}
src/main/main.go
+9 -65
View File
@@ -1,11 +1,11 @@
package main package main
import ( import (
"errors"
"fmt" "fmt"
"html/template" "html/template"
"log" "log"
"net/http" "net/http"
"net/url"
"strings" "strings"
"sync" "sync"
@@ -35,12 +35,17 @@ var (
userDataMutex sync.RWMutex userDataMutex sync.RWMutex
) )
var ErrPasswordExpired = errors.New("Password expired")
func authenticateUser(username, password string) (*UserData, error) { func authenticateUser(username, password string) (*UserData, error) {
logging.Event(logging.AuthenticateUser, username) logging.Event(logging.AuthenticateUser, username)
userDN := fmt.Sprintf("uid=%s,cn=users,cn=accounts,%s", username, serverConfig.LDAPConfig.BaseDN) userDN := fmt.Sprintf("uid=%s,cn=users,cn=accounts,%s", username, serverConfig.LDAPConfig.BaseDN)
connected, err := ldapServer.AuthenticateUser(userDN, password) connected, err := ldapServer.AuthenticateUser(userDN, password)
if err != nil { if err != nil {
if strings.Contains(err.Error(), "Password is expired") {
return nil, ErrPasswordExpired
}
return nil, err return nil, err
} }
if connected == false { if connected == false {
@@ -73,54 +78,6 @@ func authenticateUser(username, password string) (*UserData, error) {
return &user, nil return &user, nil
} }
type LoginPageData struct {
IsHiddenClassList string
}
func loginHandler(w http.ResponseWriter, r *http.Request) {
logging.Info("Handing login page")
w.Header().Set("Content-Type", "text/html; charset=utf-8")
tmpl := template.Must(template.ParseFiles("src/pages/login_page.html"))
if r.Method == http.MethodGet {
logging.Info("Rending login page")
tmpl.Execute(w, LoginPageData{IsHiddenClassList: "hidden"})
return
}
// 2. Logic for processing the form
if r.Method == http.MethodPost {
username := r.FormValue("username")
if strings.Contains(username, "/") {
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
}
password := r.FormValue("password")
logging.Infof("New Login request for %s\n", username)
newUserData, err := authenticateUser(username, password)
userDataMutex.Lock()
userData[username] = newUserData
userDataMutex.Unlock()
if err != nil {
logging.Error(err.Error())
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
} else {
if newUserData.isAuth == true {
cookie, err := sessionManager.CreateSession(username)
if err != nil {
logging.Error(err.Error())
http.Error(w, "Session error", http.StatusInternalServerError)
return
}
http.SetCookie(w, cookie)
http.Redirect(w, r, "/profile", http.StatusFound)
} else {
tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
}
}
}
}
type ProfileData struct { type ProfileData struct {
Username string Username string
Email string Email string
@@ -259,22 +216,6 @@ func main() {
Email: serverConfig.EmailConfig.Email, Email: serverConfig.EmailConfig.Email,
}, serverConfig.EmailConfig.SMTPURL, serverConfig.EmailConfig.SMTPPort) }, serverConfig.EmailConfig.SMTPURL, serverConfig.EmailConfig.SMTPPort)
funcs := template.FuncMap{
"avatar": func(username string) string {
return serverConfig.WebserverConfig.BaseURL + "/avatar?user=" + url.QueryEscape(username)
},
}
data := map[string]any{
"Username": "gawells",
}
email_template, err := email.RenderTemplate("./data/email-templates/expired-password.html", data, funcs)
if err != nil {
logging.Errorf("Failed to load email template: %s", err.Error())
}
noReplyEmail.SendEmail([]string{"gawells@astraltech.xyz"}, "Test", email_template)
ldapServer = ldap.LDAPServer{ ldapServer = ldap.LDAPServer{
URL: serverConfig.LDAPConfig.LDAPURL, URL: serverConfig.LDAPConfig.LDAPURL,
StartTLS: serverConfig.LDAPConfig.Security == "tls", StartTLS: serverConfig.LDAPConfig.Security == "tls",
@@ -294,6 +235,8 @@ func main() {
logging.Fatal("Failed to connect to LDAP server") logging.Fatal("Failed to connect to LDAP server")
} }
InitPasswordExpiry()
helpers.HandleFunc("/favicon.ico", faviconHandler) helpers.HandleFunc("/favicon.ico", faviconHandler)
helpers.HandleFunc("/logo", logoHandler) helpers.HandleFunc("/logo", logoHandler)
@@ -301,6 +244,7 @@ func main() {
helpers.HandleFunc("/login", loginHandler) helpers.HandleFunc("/login", loginHandler)
helpers.HandleFunc("/profile", profileHandler) helpers.HandleFunc("/profile", profileHandler)
helpers.HandleFunc("/logout", logoutHandler) helpers.HandleFunc("/logout", logoutHandler)
helpers.HandleFunc("/reset-password", resetPasswordHandler)
helpers.HandleFunc("/avatar", components.AvatarHandler) helpers.HandleFunc("/avatar", components.AvatarHandler)
helpers.HandleFunc("/change-photo", components.UploadPhotoHandler) helpers.HandleFunc("/change-photo", components.UploadPhotoHandler)
src/main/password_expiry.go
+57
View File
@@ -0,0 +1,57 @@
package main
import (
"fmt"
"time"
"astraltech.xyz/accountmanager/src/email"
"astraltech.xyz/accountmanager/src/logging"
"astraltech.xyz/accountmanager/src/worker"
)
func InitPasswordExpiry() {
go func() {
CheckPasswordExpriy()
}()
worker.CreateWorker(time.Hour*12, CheckPasswordExpriy)
}
func CheckPasswordExpriy() {
logging.Infof("Starting password expiry check")
now := time.Now().UTC()
formatted := now.Format("20060102150405Z")
search, err := ldapServer.SerchServer(serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword, serverConfig.LDAPConfig.BaseDN, fmt.Sprintf("(&(objectclass=person)(krbPasswordExpiration<=%s))", formatted), []string{"cn", "mail", "krbPasswordExpiration"})
if err != nil {
logging.Warn(err.Error())
}
logging.Infof("%d users with expired passwords", search.EntryCount())
for i := range search.EntryCount() {
emailAddr := search.GetEntry(i).GetAttributeValue("mail")
if len(emailAddr) <= 0 {
continue
}
t, err := time.Parse("20060102150405Z", search.GetEntry(i).GetAttributeValue("krbPasswordExpiration"))
if err != nil {
panic(err)
}
formatted := t.Format("January 2, 2006 at 3:04 PM MST")
data := map[string]any{
"Username": search.GetEntry(i).GetAttributeValue("cn"),
"ExpiredAt": formatted,
"ResetURL": fmt.Sprintf("%s", serverConfig.WebserverConfig.BaseURL),
"ServiceName": "Astral Tech",
}
email_template, err := email.RenderTemplate("./data/email-templates/expired-password.html", data, nil)
if err != nil {
logging.Errorf("Failed to load email template: %s", err.Error())
}
noReplyEmail.SendEmail([]string{emailAddr}, "Password expired", email_template)
}
}
src/main/reset_password.go
+21
View File
@@ -0,0 +1,21 @@
package main
import (
"html/template"
"net/http"
"astraltech.xyz/accountmanager/src/logging"
)
func resetPasswordHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html; charset=utf-8")
token := r.URL.Query().Get("token")
logging.Infof("Token: %s\n", token)
tmpl := template.Must(template.ParseFiles("src/pages/reset_password.html"))
if r.Method == http.MethodGet {
tmpl.Execute(w, nil)
return
}
}
src/pages/reset_password.html
+44
View File
@@ -0,0 +1,44 @@
<!doctype html>
<title>Astral Tech - Reset Password</title>
<link
href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap"
rel="stylesheet"
/>
<link rel="stylesheet" href="static/style.css" />
<link rel="stylesheet" href="static/error/error.css" />
<link rel="stylesheet" href="static/card.css" />
<link rel="stylesheet" href="static/reset_password.css" />
<img id="logo_image" alt="logo" src="/logo" />
<div id="reset_password_card" class="card static_center">
<div>
<div>
Welcome
<b>{{.Name}}</b>
</div>
<div class="subtext">
Your password needs to be reset, please enter your new password
below
</div>
</div>
<div>
<label class="input_label">New password</label><br />
<div class="password_box">
<input type="password" name="password" placeholder="" required />
<button type="button" class="show_password_toggle closed"></button>
</div>
</div>
<div>
<label class="input_label">New password (repeated)</label><br />
<div class="password_box">
<input type="password" name="password" placeholder="" required />
<button type="button" class="show_password_toggle closed"></button>
</div>
</div>
<button>Reset Password</button>
</div>
static/card.css
+1 -6
View File
@@ -1,10 +1,5 @@
.card { .card {
background: rgba( background: rgba(255, 255, 255, 1);
255,
255,
255,
1
); /* Semi-transparent white for light theme */
border: 1px solid var(--border-subtle); border: 1px solid var(--border-subtle);
border-radius: 12px; border-radius: 12px;
padding: 2.5rem; padding: 2.5rem;
static/login_page.css
-7
View File
@@ -1,10 +1,3 @@
#logo_image {
position: fixed;
width: 300px;
left: 50%;
transform: translateX(-50%);
}
#login_card { #login_card {
position: fixed; position: fixed;
top: 50%; top: 50%;
static/profile_page.css
-7
View File
@@ -1,10 +1,3 @@
#logo_image {
position: fixed;
width: 300px;
left: 50%;
transform: translateX(-50%);
}
#main_content { #main_content {
position: fixed; position: fixed;
top: 100px; top: 100px;
static/reset_password.css
+7
View File
@@ -0,0 +1,7 @@
#reset_password_card {
width: 350px;
}
#reset_password_card input {
width: 324px;
}
static/style.css
+11
View File
@@ -129,3 +129,14 @@ input::placeholder {
.show_password_toggle:focus { .show_password_toggle:focus {
outline: none !important; outline: none !important;
} }
#logo_image {
position: fixed;
width: 300px;
left: 50%;
transform: translateX(-50%);
}
.subtext {
color: var(--text-muted);
}