Added Zoraxy experimental

2025-08-07 21:58:29 +02:00 · 2023-04-13 22:07:38 +08:00
parent 85c816ecd7
commit b5f3234d45
285 changed files with 20145 additions and 1277 deletions
--- a/src/api.go
+++ b/src/api.go
@@ -0,0 +1,153 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"imuslab.com/zoraxy/mod/auth"
+	"imuslab.com/zoraxy/mod/utils"
+)
+
+/*
+	API.go
+
+	This file contains all the API called by the web management interface
+
+*/
+
+func initAPIs() {
+	requireAuth := !(*noauth || handler.IsUsingExternalPermissionManager())
+	authRouter := auth.NewManagedHTTPRouter(auth.RouterOption{
+		AuthAgent:   authAgent,
+		RequireAuth: requireAuth,
+		DeniedHandler: func(w http.ResponseWriter, r *http.Request) {
+			http.Error(w, "401 - Unauthorized", http.StatusUnauthorized)
+		},
+	})
+
+	//Register the standard web services urls
+	fs := http.FileServer(http.Dir("./web"))
+	if requireAuth {
+		//Add a layer of middleware for auth control
+		authHandler := AuthFsHandler(fs)
+		http.Handle("/", authHandler)
+	} else {
+		http.Handle("/", fs)
+	}
+
+	//Authentication APIs
+	registerAuthAPIs(requireAuth)
+
+	//Reverse proxy
+	authRouter.HandleFunc("/api/proxy/enable", ReverseProxyHandleOnOff)
+	authRouter.HandleFunc("/api/proxy/add", ReverseProxyHandleAddEndpoint)
+	authRouter.HandleFunc("/api/proxy/status", ReverseProxyStatus)
+	authRouter.HandleFunc("/api/proxy/list", ReverseProxyList)
+	authRouter.HandleFunc("/api/proxy/del", DeleteProxyEndpoint)
+	authRouter.HandleFunc("/api/proxy/setIncoming", HandleIncomingPortSet)
+	authRouter.HandleFunc("/api/proxy/useHttpsRedirect", HandleUpdateHttpsRedirect)
+	authRouter.HandleFunc("/api/proxy/requestIsProxied", HandleManagementProxyCheck)
+
+	//TLS / SSL config
+	authRouter.HandleFunc("/api/cert/tls", handleToggleTLSProxy)
+	authRouter.HandleFunc("/api/cert/upload", handleCertUpload)
+	authRouter.HandleFunc("/api/cert/list", handleListCertificate)
+	authRouter.HandleFunc("/api/cert/checkDefault", handleDefaultCertCheck)
+	authRouter.HandleFunc("/api/cert/delete", handleCertRemove)
+
+	//Redirection config
+	authRouter.HandleFunc("/api/redirect/list", handleListRedirectionRules)
+	authRouter.HandleFunc("/api/redirect/add", handleAddRedirectionRule)
+	authRouter.HandleFunc("/api/redirect/delete", handleDeleteRedirectionRule)
+
+	//Blacklist APIs
+	authRouter.HandleFunc("/api/blacklist/list", handleListBlacklisted)
+	authRouter.HandleFunc("/api/blacklist/country/add", handleCountryBlacklistAdd)
+	authRouter.HandleFunc("/api/blacklist/country/remove", handleCountryBlacklistRemove)
+	authRouter.HandleFunc("/api/blacklist/ip/add", handleIpBlacklistAdd)
+	authRouter.HandleFunc("/api/blacklist/ip/remove", handleIpBlacklistRemove)
+	authRouter.HandleFunc("/api/blacklist/enable", handleBlacklistEnable)
+
+	//Statistic API
+	authRouter.HandleFunc("/api/stats/summary", statisticCollector.HandleTodayStatLoad)
+
+	//Upnp
+	authRouter.HandleFunc("/api/upnp/discover", handleUpnpDiscover)
+	//If you got APIs to add, append them here
+}
+
+//Function to renders Auth related APIs
+func registerAuthAPIs(requireAuth bool) {
+	//Auth APIs
+	http.HandleFunc("/api/auth/login", authAgent.HandleLogin)
+	http.HandleFunc("/api/auth/logout", authAgent.HandleLogout)
+	http.HandleFunc("/api/auth/checkLogin", func(w http.ResponseWriter, r *http.Request) {
+		if requireAuth {
+			authAgent.CheckLogin(w, r)
+		} else {
+			utils.SendJSONResponse(w, "true")
+		}
+	})
+	http.HandleFunc("/api/auth/username", func(w http.ResponseWriter, r *http.Request) {
+		username, err := authAgent.GetUserName(w, r)
+		if err != nil {
+			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
+			return
+		}
+
+		js, _ := json.Marshal(username)
+		utils.SendJSONResponse(w, string(js))
+	})
+	http.HandleFunc("/api/auth/userCount", func(w http.ResponseWriter, r *http.Request) {
+		uc := authAgent.GetUserCounts()
+		js, _ := json.Marshal(uc)
+		utils.SendJSONResponse(w, string(js))
+	})
+	http.HandleFunc("/api/auth/register", func(w http.ResponseWriter, r *http.Request) {
+		if authAgent.GetUserCounts() == 0 {
+			//Allow register root admin
+			authAgent.HandleRegisterWithoutEmail(w, r, func(username, reserved string) {
+
+			})
+		} else {
+			//This function is disabled
+			utils.SendErrorResponse(w, "Root management account already exists")
+		}
+	})
+	http.HandleFunc("/api/auth/changePassword", func(w http.ResponseWriter, r *http.Request) {
+		username, err := authAgent.GetUserName(w, r)
+		if err != nil {
+			http.Error(w, "401 - Unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		oldPassword, err := utils.PostPara(r, "oldPassword")
+		if err != nil {
+			utils.SendErrorResponse(w, "empty current password")
+			return
+		}
+		newPassword, err := utils.PostPara(r, "newPassword")
+		if err != nil {
+			utils.SendErrorResponse(w, "empty new password")
+			return
+		}
+		confirmPassword, _ := utils.PostPara(r, "confirmPassword")
+
+		if newPassword != confirmPassword {
+			utils.SendErrorResponse(w, "confirm password not match")
+			return
+		}
+
+		//Check if the old password correct
+		oldPasswordCorrect, _ := authAgent.ValidateUsernameAndPasswordWithReason(username, oldPassword)
+		if !oldPasswordCorrect {
+			utils.SendErrorResponse(w, "Invalid current password given")
+			return
+		}
+
+		//Change the password of the root user
+		authAgent.UnregisterUser(username)
+		authAgent.CreateUserAccount(username, newPassword, "")
+	})
+
+}