Golang bot for managing discord verifications
 
 
 
 
 

157 lines
4.3 KiB

package main
import (
"fmt"
"math/rand"
"net/http"
"strings"
"time"
"github.com/gorilla/mux"
)
func reqPass(w http.ResponseWriter, r *http.Request) {
defer log.PanicSafe()
log.LogInfo("reqPass called.")
username := r.URL.Query()["UserName"][0]
log.LogInfo("reqPass username is %+v.", username)
var userID string
if &dg == nil {
log.LogError("Discord session was nill.")
}
g, err := dg.GuildMembers(config.GuildID, "", 1000)
log.LogInfo("reqPass guild is %+v.", config.GuildID)
if err == nil {
for _, m := range g {
if strings.ToUpper(m.Nick) == strings.ToUpper(username) {
for _, r := range m.Roles {
if r == config.AdminRole {
userID = m.User.ID
log.LogInfo("User ID found for %+v as %+v", username, userID)
}
}
}
}
} else {
log.LogError("Unable to find user ID for %+v", username)
}
ipaddr := r.Header.Get("X-Real-IP")
log.LogInfo("reqPass IP is %+v.", ipaddr)
log.LogInfo(fmt.Sprintf("reqPass called:```username: %s\nip : %s```", username, ipaddr))
go sendPassword(userID, ipaddr)
http.Redirect(w, r, "/login", 302)
}
func tryLogin(w http.ResponseWriter, r *http.Request) {
defer log.PanicSafe()
session, err := store.Get(r, "2fa")
if err != nil {
log.LogWarn("Error opening session for 2fa store")
}
vars := mux.Vars(r)
username := vars["username"]
password := vars["password"]
ip := r.Header.Get("X-Real-IP")
if len(username) == 0 {
username = r.FormValue("UserName")
password = r.FormValue("TempPass")
}
access, _ := detectUser(r, "tryLogin")
if !access {
log.LogDebug(fmt.Sprintf("%s is attempting login", getSessionIdentifier(r)))
access = usePassword(username, password, ip)
if access {
log.LogInfo(fmt.Sprintf("%s has successfully logged in from %s", username, ip))
log.LogDebug(fmt.Sprintf("```%+v```", session.Values))
session.Values["username"] = username
session.Values["ip"] = ip
session.Values["timestamp"] = fmt.Sprintf("%+v", time.Now())
err = session.Save(r, w)
if err != nil {
log.LogWarn(fmt.Sprintf("Error saving cookie. ```%+v```", err))
}
}
}
greetUser(w, r)
}
func usePassword(user string, pass string, ip string) bool {
defer log.PanicSafe()
log.LogInfo("%+v", toks)
tok := toks[strings.ToUpper(user)]
delete(toks, strings.ToUpper(user))
if tok.IP != ip {
log.LogWarn(fmt.Sprintf("%s attempted to use an improper IP.", user))
return false
}
if tok.Password != pass {
log.LogWarn(fmt.Sprintf("%s attempted to use an improper password. %s vs %s", user, tok.Password, pass))
return false
}
if time.Since(tok.Timestamp) > (time.Minute * 5) {
log.LogWarn("%s attempted to use expired token. \n%+v\n%+v\n%+v", user, time.Since(tok.Timestamp), tok.Timestamp, time.Now())
return false
}
return true
}
func genPassword(length int) string {
defer log.PanicSafe()
rand.Seed(time.Now().UnixNano())
chars := []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
"abcdefghijklmnopqrstuvwxyz" +
"0123456789")
var b strings.Builder
for i := 0; i < length; i++ {
b.WriteRune(chars[rand.Intn(len(chars))])
}
return b.String() // E.g. "ExcbsVQs"
}
func sendPassword(user string, ipaddr string) {
defer log.PanicSafe()
str := genPassword(15)
log.LogInfo("sending password to %+v for %+v: %+v", ipaddr, user, str)
m, err := dg.GuildMember(config.GuildID, user)
if err != nil {
log.LogErrorType(err)
}
now := time.Now()
toks[strings.ToUpper(m.Nick)] = Tokens{
Username: user,
IP: ipaddr,
Password: str,
Timestamp: now,
}
pmChann, err := dg.UserChannelCreate(user)
if err != nil {
log.LogErrorType(err)
}
dg.ChannelMessageSend(pmChann.ID, fmt.Sprintf("A temporary password was requested from %s:", ipaddr))
dg.ChannelMessageSend(pmChann.ID, fmt.Sprintf("```%s```", str))
}
func getSessionIdentifier(r *http.Request) string {
defer log.PanicSafe()
ipaddr := r.Header.Get("X-Real-IP")
if ipaddr == "" {
ipaddr = r.RemoteAddr
}
uri := r.URL.Path
return fmt.Sprintf("%s:%s", ipaddr, uri)
}
func detectUser(r *http.Request, callFunc string) (bool, string) {
defer log.PanicSafe()
log.LogInfo(fmt.Sprintf("%s called detectUser", getSessionIdentifier(r)))
session, err := store.Get(r, "2fa")
if err != nil {
log.LogDebug(fmt.Sprintf("Unable to open 2fa session in %s", callFunc))
}
if session.Values["username"] != nil {
return true, fmt.Sprintf("%s", session.Values["username"])
}
return false, ""
}