gawells/Self-Service-Dashboard
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: gawells:92f7c0f12709ebc69f51f3fe983a7b6ce82466ef
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50
..
compare: gawells:074b3f8f31
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50

8 Commits
92f7c0f127 ... 074b3f8f31

Author SHA1 Message Date
Gregory Wells
074b3f8f31 stale sessions not deleting 2026-03-25 14:05:27 -04:00
Gregory Wells
f8b3c10933 final cleanups 2026-03-25 14:02:53 -04:00
Gregory Wells
c11425dde7 Finish logging 2026-03-25 14:01:46 -04:00
Gregory Wells
bcaa023d3c add log levels in to logger 2026-03-25 13:55:37 -04:00
Gregory Wells
f491c80fa0 fixed a bug that stopped sessions from being deleted 2026-03-25 10:20:20 -04:00
Gregory Wells
ffb4077f24 debugging session 2026-03-25 09:40:50 -04:00
Gregory Wells
8adca50b91 Logging for LDAP server 2026-03-24 20:26:22 -04:00
Gregory Wells
8928b3c1fc Debug email class (even though no used) 2026-03-24 20:11:52 -04:00
5 changed files with 127 additions and 39 deletions
Expand all files Collapse all files

68
src/logging/logging.go
View File

@@ -1,7 +1,6 @@
package logging package logging
import ( import (
"fmt"
"log" "log"
) )
@@ -9,54 +8,113 @@ type EventType int
const ( const (
ReadFile EventType = iota ReadFile EventType = iota
AuthenticateUser
)
type LogLevel int
const (
InfoLevel LogLevel = iota
EventLevel
DebugLevel
WarnLevel
ErrorLevel
FatalLevel
)
var (
currentLevel LogLevel = InfoLevel
) )
func Info(message string) { func Info(message string) {
if currentLevel > InfoLevel {
return
}
log.Printf("Info: %s", message) log.Printf("Info: %s", message)
} }
func Infof(message string, v ...any) { func Infof(message string, v ...any) {
log.Printf("Info: %s", fmt.Sprintf(message, v...)) if currentLevel > InfoLevel {
return
}
log.Printf("Info: "+message, v...)
} }
func Debug(message string) { func Debug(message string) {
if currentLevel > DebugLevel {
return
}
log.Printf("Debug: %s", message) log.Printf("Debug: %s", message)
} }
func Debugf(message string, v ...any) { func Debugf(message string, v ...any) {
log.Printf("Debug: %s", fmt.Sprintf(message, v...)) if currentLevel > DebugLevel {
return
}
log.Printf("Debug: "+message, v...)
} }
func Warn(message string) { func Warn(message string) {
if currentLevel > WarnLevel {
return
}
log.Printf("Warn: %s", message) log.Printf("Warn: %s", message)
} }
func Warnf(message string, v ...any) { func Warnf(message string, v ...any) {
log.Printf("Warn: %s", fmt.Sprintf(message, v...)) if currentLevel > WarnLevel {
return
}
log.Printf("Warn: "+message, v...)
} }
func Error(message string) { func Error(message string) {
if currentLevel > ErrorLevel {
return
}
log.Printf("Error: %s", message) log.Printf("Error: %s", message)
} }
func Errorf(message string, v ...any) { func Errorf(message string, v ...any) {
log.Printf("Error: %s", fmt.Sprintf(message, v...)) if currentLevel > ErrorLevel {
return
}
log.Printf("Error: "+message, v...)
} }
func Fatal(message string) { func Fatal(message string) {
if currentLevel > FatalLevel {
return
}
log.Fatal(message) log.Fatal(message)
} }
func Fatalf(message string, v ...any) { func Fatalf(message string, v ...any) {
if currentLevel > FatalLevel {
return
}
log.Fatalf(message, v...) log.Fatalf(message, v...)
} }
func Event(eventType EventType, eventData ...any) { func Event(eventType EventType, eventData ...any) {
if currentLevel > EventLevel {
return
}
switch eventType { switch eventType {
case ReadFile: case ReadFile:
{ {
log.Printf("Reading file %s", eventData[0]) log.Printf("Reading file %s", eventData[0])
break break
} }
case AuthenticateUser:
{
log.Printf("Authenticating user %s", eventData[0])
break
}
} }
} }
func SetLogLovel(level LogLevel) {
currentLevel = level
}

18
src/main/email.go
View File

@@ -1,9 +1,11 @@
package main package main
import ( import (
"log"
"net/smtp" "net/smtp"
"strconv" "strconv"
"strings"
"astraltech.xyz/accountmanager/src/logging"
) )
type EmailAccount struct { type EmailAccount struct {
@@ -20,6 +22,7 @@ type EmailAccountData struct {
} }
func createEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort int) EmailAccount { func createEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort int) EmailAccount {
logging.Debugf("Creating Email Account: \n\tUsername: %s\n\tEmail: %s\n\tSMTP Host: %s:%d", accountData.username, accountData.email, smtpHost, smtpPort)
account := EmailAccount{ account := EmailAccount{
email: accountData.email, email: accountData.email,
smtpHost: smtpHost, smtpHost: smtpHost,
@@ -30,13 +33,9 @@ func createEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort
} }
func sendEmail(account EmailAccount, toEmail []string, subject string, message string) { func sendEmail(account EmailAccount, toEmail []string, subject string, message string) {
ToEmailList := "" logging.Debugf("Sending an email from %s to %s", account.email, strings.Join(toEmail, ""))
for i := 0; i < len(toEmail); i++ {
ToEmailList += toEmail[i] ToEmailList := strings.Join(toEmail, "")
if i+1 < len(toEmail) {
ToEmailList += ", "
}
}
messageData := []byte( messageData := []byte(
"From: " + account.email + "\r\n" + "From: " + account.email + "\r\n" +
@@ -47,6 +46,7 @@ func sendEmail(account EmailAccount, toEmail []string, subject string, message s
) )
err := smtp.SendMail(account.smtpHost+":"+account.smtpPort, account.auth, account.email, toEmail, messageData) err := smtp.SendMail(account.smtpHost+":"+account.smtpPort, account.auth, account.email, toEmail, messageData)
if err != nil { if err != nil {
log.Print(err) logging.Error("Failed to send email")
logging.Error(err.Error())
} }
} }

41
src/main/ldap.go
View File

@@ -2,8 +2,8 @@ package main
import ( import (
"crypto/tls" "crypto/tls"
"errors" "fmt"
"log" "strings"
"astraltech.xyz/accountmanager/src/logging" "astraltech.xyz/accountmanager/src/logging"
"github.com/go-ldap/ldap/v3" "github.com/go-ldap/ldap/v3"
@@ -46,41 +46,55 @@ func connectToLDAPServer(URL string, starttls bool, ignore_cert bool) *LDAPServe
} }
} }
func reconnectToLDAPServer(server *LDAPServer) { func reconnectToLDAPServer(server *LDAPServer) error {
logging.Debugf("Reconnecting to %s LDAP server", server.URL)
if server == nil { if server == nil {
log.Println("Cannot reconnect: server is nil") logging.Errorf("Cannot reconnect: server is nil")
return return fmt.Errorf("Server is nil")
} }
l, err := ldap.DialURL(server.URL) l, err := ldap.DialURL(server.URL)
if err != nil { if err != nil {
log.Print(err) logging.Errorf("Failed to connect to LDAP server (has server gone down)")
return return err
} }
if server.StartTLS { if server.StartTLS {
logging.Debugf("StartTLS enabling")
if err := l.StartTLS(&tls.Config{InsecureSkipVerify: server.IgnoreInsecureCert}); err != nil { if err := l.StartTLS(&tls.Config{InsecureSkipVerify: server.IgnoreInsecureCert}); err != nil {
log.Println("StartTLS failed:", err) logging.Error("StartTLS failed")
return err
} }
logging.Debugf("Successfully Started TLS")
} }
server.Connection = l server.Connection = l
return nil
} }
func connectAsLDAPUser(server *LDAPServer, bindDN, password string) error { func connectAsLDAPUser(server *LDAPServer, bindDN, password string) error {
logging.Debugf("Connecting to %s LDAP server with %s BindDN", server.URL, bindDN)
if server == nil { if server == nil {
return errors.New("LDAP server is nil") logging.Errorf("Failed to connect as user, LDAP server is NULL")
return fmt.Errorf("LDAP server is null")
} }
// Reconnect if needed
if server.Connection == nil || server.Connection.IsClosing() { if server.Connection == nil || server.Connection.IsClosing() {
reconnectToLDAPServer(server) err := reconnectToLDAPServer(server)
return err
} }
return server.Connection.Bind(bindDN, password) err := server.Connection.Bind(bindDN, password)
if err != nil {
logging.Errorf("Failed to bind to LDAP as user %s", err.Error())
return err
}
return nil
} }
func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, attributes []string) LDAPSearch { func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, attributes []string) LDAPSearch {
logging.Debugf("Searching %s LDAP server\n\tBase DN: %s\n\tSearch Filter %s\n\tAttributes: %s", server.URL, baseDN, searchFilter, strings.Join(attributes, ","))
if server == nil { if server == nil {
logging.Errorf("Server is nil, failed to search LDAP server")
return LDAPSearch{false, nil} return LDAPSearch{false, nil}
} }
@@ -100,6 +114,7 @@ func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, at
sr, err := server.Connection.Search(searchRequest) sr, err := server.Connection.Search(searchRequest)
if err != nil { if err != nil {
logging.Errorf("Failed to search LDAP server %s\n", err.Error())
return LDAPSearch{false, nil} return LDAPSearch{false, nil}
} }
@@ -107,10 +122,12 @@ func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, at
} }
func modifyLDAPAttribute(server *LDAPServer, userDN string, attribute string, data []string) error { func modifyLDAPAttribute(server *LDAPServer, userDN string, attribute string, data []string) error {
logging.Infof("Modifing LDAP attribute %s", attribute)
modify := ldap.NewModifyRequest(userDN, nil) modify := ldap.NewModifyRequest(userDN, nil)
modify.Replace(attribute, data) modify.Replace(attribute, data)
err := server.Connection.Modify(modify) err := server.Connection.Modify(modify)
if err != nil { if err != nil {
logging.Errorf("Failed to modify %s", err.Error())
return err return err
} }
return nil return nil

18
src/main/main.go
View File

@@ -57,6 +57,7 @@ func createUserPhoto(username string, photoData []byte) error {
} }
func authenticateUser(username, password string) (UserData, error) { func authenticateUser(username, password string) (UserData, error) {
logging.Event(logging.AuthenticateUser, username)
ldapServerMutex.Lock() ldapServerMutex.Lock()
defer ldapServerMutex.Unlock() defer ldapServerMutex.Unlock()
if ldapServer.Connection == nil { if ldapServer.Connection == nil {
@@ -191,7 +192,6 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword) connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword)
if connected != nil { if connected != nil {
w.Write(blankPhotoData) w.Write(blankPhotoData)
fmt.Println("Returned blank avatar because couldnt connect as user")
return return
} }
@@ -203,13 +203,11 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
) )
if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 { if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 {
w.Write(blankPhotoData) w.Write(blankPhotoData)
fmt.Println("Returned blank avatar because we couldnt find the user")
return return
} }
entry := userSearch.LDAPSearch.Entries[0] entry := userSearch.LDAPSearch.Entries[0]
bytes := entry.GetRawAttributeValue("jpegphoto") bytes := entry.GetRawAttributeValue("jpegphoto")
if len(bytes) == 0 { if len(bytes) == 0 {
fmt.Println("Returned blank avatar because we just don't have an avatar")
w.Write(blankPhotoData) w.Write(blankPhotoData)
return return
} else { } else {
@@ -230,14 +228,13 @@ func logoutHandler(w http.ResponseWriter, r *http.Request) {
if exist { if exist {
if r.FormValue("csrf_token") != sessionData.CSRFToken { if r.FormValue("csrf_token") != sessionData.CSRFToken {
http.Error(w, "Unable to log user out", http.StatusForbidden) http.Error(w, "Unable to log user out", http.StatusForbidden)
log.Printf("%s attempted to logout with invalid csrf token", sessionData.data.Username) logging.Debugf("%s attempted to logout with invalid csrf token", sessionData.data.Username)
return return
} }
} }
logging.Infof("handling logout event for %s", sessionData.data.Username)
sessionMutex.Lock() deleteSession(token)
delete(sessions, token)
sessionMutex.Unlock()
http.Redirect(w, r, "/login", http.StatusSeeOther) http.Redirect(w, r, "/login", http.StatusSeeOther)
} }
@@ -293,9 +290,9 @@ func logoHandler(w http.ResponseWriter, r *http.Request) {
} }
func cleanupSessions() { func cleanupSessions() {
sessionMutex.Lock() logging.Debug("Cleaning up stale session\n")
defer sessionMutex.Unlock()
sessionMutex.Lock()
sessions_to_delete := []string{} sessions_to_delete := []string{}
for session_token, session_data := range sessions { for session_token, session_data := range sessions {
timeUntilRemoval := time.Minute * 5 timeUntilRemoval := time.Minute * 5
@@ -306,8 +303,9 @@ func cleanupSessions() {
sessions_to_delete = append(sessions_to_delete, session_token) sessions_to_delete = append(sessions_to_delete, session_token)
} }
} }
sessionMutex.Unlock()
for _, session_id := range sessions_to_delete { for _, session_id := range sessions_to_delete {
delete(sessions, session_id) deleteSession(session_id)
} }
} }

21
src/main/session.go
View File

@@ -4,10 +4,11 @@ import (
"crypto/rand" "crypto/rand"
"crypto/sha256" "crypto/sha256"
"encoding/base64" "encoding/base64"
"log"
"net/http" "net/http"
"sync" "sync"
"time" "time"
"astraltech.xyz/accountmanager/src/logging"
) )
type SessionData struct { type SessionData struct {
@@ -33,14 +34,15 @@ func GenerateSessionToken(length int) (string, error) {
} }
func createSession(userData *UserData) *http.Cookie { func createSession(userData *UserData) *http.Cookie {
logging.Debugf("Creating a new session for %s", userData.Username)
token, err := GenerateSessionToken(32) // Use crypto/rand for this token, err := GenerateSessionToken(32) // Use crypto/rand for this
if err != nil { if err != nil {
log.Print(err) logging.Error(err.Error())
return nil return nil
} }
CSRFToken, err := GenerateSessionToken(32) CSRFToken, err := GenerateSessionToken(32)
if err != nil { if err != nil {
log.Print(err) logging.Error(err.Error())
return nil return nil
} }
@@ -72,8 +74,10 @@ func createSession(userData *UserData) *http.Cookie {
} }
func validateSession(r *http.Request) (bool, *SessionData) { func validateSession(r *http.Request) (bool, *SessionData) {
logging.Debugf("Validating session")
cookie, err := r.Cookie("session_token") cookie, err := r.Cookie("session_token")
if err != nil { if err != nil {
logging.Error(err.Error())
return false, &SessionData{} return false, &SessionData{}
} }
token := cookie.Value token := cookie.Value
@@ -87,5 +91,16 @@ func validateSession(r *http.Request) (bool, *SessionData) {
if !exists || !sessionData.loggedIn { if !exists || !sessionData.loggedIn {
return false, &SessionData{} return false, &SessionData{}
} }
logging.Infof("Validated session for %s", sessionData.data.Username)
return true, &sessionData return true, &sessionData
} }
func deleteSession(session_id string) {
sessionMutex.Lock()
tokenEncoded := sha256.Sum256([]byte(session_id))
tokenEncodedString := string(tokenEncoded[:])
delete(sessions, tokenEncodedString)
sessionMutex.Unlock()
}