cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Cleaning up some broken links 

Changed default admin password to 'gophish'
Fixed bug in POST /api/campaigns
Starting to implements groups and users functionality
pull/24/head
Jordan 2014-02-02 16:37:36 -06:00
parent e312e90570
commit 43417d160f
6 changed files with 59 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
controllers/api.go
View File

@ -81,6 +81,10 @@ func API_Campaigns(w http.ResponseWriter, r *http.Request) {
c.CompletedDate = time.Time{}
c.Status = IN_PROGRESS
c.Uid, err = db.Conn.SelectInt("SELECT id FROM users WHERE api_key=?", ctx.Get(r, "api_key"))
if c.Uid == 0 {
http.Error(w, "Error: Invalid API Key", http.StatusInternalServerError)
return
}
if checkError(err, w, "Invalid API Key") {
return
}
@ -112,7 +116,6 @@ func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
if checkError(err, w, "No campaign found") {
return
}
fmt.Printf("%v\n", c)
cj, err := json.MarshalIndent(c, "", " ")
if checkError(err, w, "Error creating JSON response") {
return
@ -123,6 +126,18 @@ func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
}
}
// API_Groups returns details about the requested group. If the campaign is not
// valid, API_Groups returns null.
func API_Groups(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", 302)
}
// API_Campaigns_Id returns details about the requested campaign. If the campaign is not
// valid, API_Campaigns_Id returns null.
func API_Groups_Id(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", 302)
}
func writeJSON(w http.ResponseWriter, c []byte) {
w.Header().Set("Content-Type", "application/json")
fmt.Fprintf(w, "%s", c)

13
controllers/route.go
View File

@ -21,7 +21,7 @@ func CreateRouter() *mux.Router {
router.HandleFunc("/login", Login)
router.HandleFunc("/register", Register)
router.HandleFunc("/", Use(Base, mid.RequireLogin))
router.HandleFunc("/campaigns/{id}", Use(Campaigns_Id, mid.RequireLogin))
router.HandleFunc("/campaigns/{id:[0-9]+}", Use(Campaigns_Id, mid.RequireLogin))
router.HandleFunc("/users", Use(Users, mid.RequireLogin))
router.HandleFunc("/settings", Use(Settings, mid.RequireLogin))
@ -30,7 +30,9 @@ func CreateRouter() *mux.Router {
api.HandleFunc("/", Use(API, mid.RequireLogin))
api.HandleFunc("/reset", Use(API_Reset, mid.RequireLogin))
api.HandleFunc("/campaigns", Use(API_Campaigns, mid.RequireAPIKey))
api.HandleFunc("/campaigns/{id}", Use(API_Campaigns_Id, mid.RequireAPIKey))
api.HandleFunc("/campaigns/{id:[0-9]+}", Use(API_Campaigns_Id, mid.RequireAPIKey))
api.HandleFunc("/groups", Use(API_Groups, mid.RequireAPIKey))
api.HandleFunc("/groups/{id:[0-9]+}", Use(API_Groups_Id, mid.RequireAPIKey))
//Setup static file serving
router.PathPrefix("/").Handler(http.FileServer(http.Dir("./static/")))
@ -63,7 +65,12 @@ func Base(w http.ResponseWriter, r *http.Request) {
}
func Users(w http.ResponseWriter, r *http.Request) {
getTemplate(w, "users").ExecuteTemplate(w, "base", nil)
params := struct {
User models.User
Title string
Flashes []interface{}
}{Title: "Users & Groups", User: ctx.Get(r, "user").(models.User)}
getTemplate(w, "users").ExecuteTemplate(w, "base", params)
}
func Settings(w http.ResponseWriter, r *http.Request) {

2
db/db.go
View File

@ -48,7 +48,7 @@ func Setup() error {
//Create the default user
init_user := models.User{
Username: "admin",
Hash: "$2a$10$d4OtT.RkEOQn.iruVWIQ5u8CeV/85ZYF41y8wKeUwsAPqPNFvTccW",
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS",
APIKey: "12345678901234567890123456789012",
}
Conn.Insert(&init_user)

6
static/js/app/controllers.js
View File

@ -4,4 +4,10 @@ gophishApp.controller('CampaignCtrl', function($scope, $http) {
$http.get('/api/campaigns?api_key=' + API_KEY).success(function(data) {
$scope.campaigns = data;
})
})
gophishApp.controller('GroupCtrl', function($scope, $http) {
$http.get('/api/groups?api_key=' + API_KEY).success(function(data) {
$scope.groups = data;
})
})

2
templates/settings.html
View File

@ -15,7 +15,7 @@
</li>
<li class="active"><a href="/settings">Settings</a>
</li>
<li><a href="/api/doc">API Documentation</a>
<li><a href="/api/">API Documentation</a>
</li>
</ul>
</div>

32
templates/users.html
View File

@ -1,4 +1,4 @@
{{%define "content"%}} {{%template "nav"%}}
{{%define "content"%}} {{%template "nav" .User %}}
<div class="jumbotron">
<div class="container" style="text-align:center;">
<h1 class="sans header">
@ -15,15 +15,33 @@
</li>
<li><a href="/settings">Settings</a>
</li>
<li><a href="/api/doc">API Documentation</a>
<li><a href="/api/">API Documentation</a>
</li>
</ul>
</div>
<div class="col-md-9 sans">
<h1 style="margin-top:0px"><i class="fa fa-gear"></i> Gophish API</h1>
<p>Gophish runs on top of a RESTful API which allows developers to automate phishing campaigns easily. The following documentation and examples demonstrate the API functionality</p>
<h2 class="api_heading">/api/campaigns</h2>
<p>Test.</p>
<div class="col-md-9" ng-controller="GroupCtrl">
<div class="row">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#newCampaignModal"><i class="fa fa-plus"></i> New Group</button>
</div>
&nbsp;
<div class="row">
<table class="table table-hover table-striped table-bordered">
<thead>
<tr>
<th class="col-sm-1">Name</th>
<th class="col-sm-2">Members</th>
<th class="col-sm-1">Modified Date</th>
</tr>
</thead>
<tbody>
<tr ng-repeat="group in groups">
<td>{{group.name}}</td>
<td>{{group.status}}</td>
<td>{{group.modified_date | date:'medium'}}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
{{%end%}}