mirror of https://github.com/gophish/gophish
parent
669d96d279
commit
f21d40d77a
18
auth/auth.go
18
auth/auth.go
|
@ -1,7 +1,6 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"encoding/gob"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
@ -9,6 +8,7 @@ import (
|
|||
"net/http"
|
||||
|
||||
"crypto/rand"
|
||||
|
||||
"code.google.com/p/go.crypto/bcrypt"
|
||||
ctx "github.com/gorilla/context"
|
||||
"github.com/gorilla/securecookie"
|
||||
|
@ -53,22 +53,22 @@ func Register(r *http.Request) (bool, error) {
|
|||
username, password := r.FormValue("username"), r.FormValue("password")
|
||||
u, err := models.GetUserByUsername(username)
|
||||
// If we have an error which is not simply indicating that no user was found, report it
|
||||
if err != sql.ErrNoRows {
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return false, err
|
||||
}
|
||||
fmt.Println("Made it here!")
|
||||
u = models.User{}
|
||||
//If we've made it here, we should have a valid username given
|
||||
//Let's create the password hash
|
||||
h, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
u.Username = username
|
||||
u.Hash = string(h)
|
||||
u.ApiKey = GenerateSecureKey()
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
err = models.Conn.Insert(&u)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
err = models.PutUser(&u)
|
||||
return true, nil
|
||||
}
|
||||
|
||||
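Review bot: The error from `models.PutUser(&u)` at the end of Register is assigned to `err` and then dropped by `return true, nil`, so a failed write is reported to the caller as a successful registration. Check it before returning: `if err = models.PutUser(&u); err != nil { return false, err }`. The `if err != nil` block right after `u.ApiKey = GenerateSecureKey()` tests an `err` that was already checked after the bcrypt call and can never fire, and `fmt.Println("Made it here!")` reads as leftover debug output; both could be removed. The +/- markers are lost on this page, so this assumes the PutUser line is on the new side.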
|
|
|
@ -17,6 +17,7 @@ import (
|
|||
"github.com/jordan-wright/gophish/worker"
|
||||
)
|
||||
|
||||
// Worker is the worker that processes phishing events and updates campaigns.
|
||||
var Worker *worker.Worker
|
||||
|
||||
func init() {
|
||||
|
|
|
@ -116,7 +116,13 @@ func Register(w http.ResponseWriter, r *http.Request) {
|
|||
case r.Method == "GET":
|
||||
params.Flashes = session.Flashes()
|
||||
session.Save(r, w)
|
||||
getTemplate(w, "register").ExecuteTemplate(w, "base", params)
|
||||
templates := template.New("template")
|
||||
templates.Delims(templateDelims[0], templateDelims[1])
|
||||
_, err := templates.ParseFiles("templates/register.html", "templates/flashes.html")
|
||||
if err != nil {
|
||||
Logger.Println(err)
|
||||
}
|
||||
template.Must(templates, err).ExecuteTemplate(w, "base", params)
|
||||
case r.Method == "POST":
|
||||
//Attempt to register
|
||||
succ, err := auth.Register(r)
|
||||
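Review bot: In the GET branch of Register a template parse error is logged and then handed to `template.Must(templates, err)`, which panics inside the request handler instead of producing an error response. Reply with a 500 and return instead, e.g. `if err != nil { Logger.Println(err); http.Error(w, "internal error", http.StatusInternalServerError); return }`, and check the error returned by `ExecuteTemplate` as well. The templates are also re-parsed from disk on every request; parsing them once at start-up would surface a broken template before any request is served. Which `template` package this file imports is not visible here; because `.Flashes` is rendered into the page, it should be `html/template`. The handler starts and ends outside the hunk.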
|
|
|
@ -5,14 +5,11 @@ import (
|
|||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/coopernurse/gorp"
|
||||
"github.com/jinzhu/gorm"
|
||||
"github.com/jordan-wright/gophish/config"
|
||||
_ "github.com/mattn/go-sqlite3" // Blank import needed to import sqlite3
|
||||
)
|
||||
|
||||
// Conn is the connection to the SQLite database
|
||||
var Conn *gorp.DbMap
|
||||
var db gorm.DB
|
||||
var err error
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package models
|
||||
|
||||
import "database/sql"
|
||||
import "github.com/jinzhu/gorm"
|
||||
|
||||
// User represents the user model for gophish.
|
||||
type User struct {
|
||||
|
@ -37,12 +37,13 @@ func GetUserByAPIKey(key string) (User, error) {
|
|||
func GetUserByUsername(username string) (User, error) {
|
||||
u := User{}
|
||||
err := db.Where("username = ?", username).First(&u).Error
|
||||
if err != sql.ErrNoRows {
|
||||
return u, ErrUsernameTaken
|
||||
} else if err != nil {
|
||||
return u, err
|
||||
}
|
||||
// No issue if we don't find a record
|
||||
if err == gorm.RecordNotFound {
|
||||
return u, nil
|
||||
} else if err == nil {
|
||||
return u, ErrUsernameTaken
|
||||
}
|
||||
return u, err
|
||||
}
|
||||
|
||||
// PutUser updates the given user
|
||||
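Review bot: GetUserByUsername returns `ErrUsernameTaken` whenever the lookup succeeds, so it only works as a registration-time availability check; any caller that wants to fetch an existing user (a login path, for example) would receive an error together with the populated `User`. Consider returning `u, nil` on a hit and letting Register decide that a hit means the name is taken, or keep the behaviour and document it with a comment such as `// GetUserByUsername returns ErrUsernameTaken if the username exists and a nil error if it does not.` The check and the later insert are also two separate steps, so unless the schema (not visible here) puts a unique constraint on the username, two concurrent registrations could both pass it.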
|
|
|
@ -44,21 +44,22 @@
|
|||
<table ng-table="mainTableParams" class="table table-hover table-striped table-bordered">
|
||||
<tbody>
|
||||
<tr ng-repeat="page in $data" class="editable-row">
|
||||
<td data-title="'Name'" sortable="'name'" class="col-sm-1">{{page.name}}</td>
|
||||
<td data-title="'Modified Date'" class="col-sm-1">{{page.modified_date | date:'medium'}}</td>
|
||||
<td data-title="'Name'" sortable="'name'" class="col-sm-1">{{page.name}}
|
||||
<div class="btn-group" style="float: right;">
|
||||
<button type="button" class="btn btn-primary dropdown-toggle edit-button" data-toggle="dropdown">
|
||||
<span class="caret" style="border-top-color:#FFFFFF"></span>
|
||||
<span class="sr-only">Toggle Dropdown</span>
|
||||
</button>
|
||||
<ul class="dropdown-menu" style="left:auto; right:0;" role="menu">
|
||||
<li><a ng-click="editPage(page)">Edit</a>
|
||||
<li><a ng-click="editTemplate(template)">Edit</a>
|
||||
</li>
|
||||
<li class="divider"></li>
|
||||
<li><a ng-click="deletePage(page)">Delete</a>
|
||||
<li><a ng-click="deleteTemplate(template)" ng-href="#">Delete</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</td>
|
||||
<td data-title="'Modified Date'" class="col-sm-1">{{page.modified_date | date:'medium'}}</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
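Review bot: The dropdown inside `ng-repeat="page in $data"` shows both `editPage(page)`/`deletePage(page)` and `editTemplate(template)`/`deleteTemplate(template)` handlers, and the +/- markers are lost on this page. If the `template` variants are the ones that remain after this change, they reference a `template` variable that the repeat does not define, so Edit and Delete would not receive the row's page. In that case they should read `ng-click="editPage(page)"` and `ng-click="deletePage(page)"`.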
|
|
|
@ -1,3 +1,75 @@
|
|||
{{% define "base" %}}
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<meta name="description" content="Gophish - Open-Source Phishing Toolkit">
|
||||
<meta name="author" content="Jordan Wright (http://github.com/jordan-wright)">
|
||||
<link rel="shortcut icon" href="../../docs-assets/ico/favicon.png">
|
||||
|
||||
<title>Gophish - {{% .Title %}}</title>
|
||||
|
||||
<!-- Bootstrap core CSS -->
|
||||
<!-- <link href="/css/bootstrap.css" rel="stylesheet"> -->
|
||||
<link href="/bootstrap/css/bootstrap.css" rel="stylesheet">
|
||||
<!-- Custom styles for this template -->
|
||||
<link href="/css/main.css" rel="stylesheet">
|
||||
<link href="/css/dashboard.css" rel="stylesheet">
|
||||
<link href="/css/flat-ui.css" rel="stylesheet">
|
||||
<link href="/css/font-awesome.min.css" rel="stylesheet">
|
||||
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700' rel='stylesheet' type='text/css'>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="navbar navbar-inverse navbar-fixed-top" role="navigation">
|
||||
<div class="container-fluid">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<img class="navbar-logo" src="/images/logo_inv_small.png" />
|
||||
<a class="navbar-brand" href="/"> gophish</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<li>
|
||||
<a id="login-button" href="/login">
|
||||
<button type="button" class="btn btn-primary">Login</button>
|
||||
</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="container">
|
||||
<form class="form-signin" action="/register" method="POST">
|
||||
<img id="logo" src="/images/logo_purple.png" />
|
||||
<h2 class="form-signin-heading">Please register below</h2>
|
||||
{{%template "flashes" .Flashes%}}
|
||||
<input type="text" name="username" class="form-control" placeholder="Username" required autofocus/>
|
||||
<input type="password" name="password" class="form-control" placeholder="Password" required/>
|
||||
<input type="hidden" name="csrf_token" value="{{%.Token%}}"/>
|
||||
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
|
||||
</form>
|
||||
</div>
|
||||
<!-- Placed at the end of the document so the pages load faster -->
|
||||
<script src="/js/jquery.js"></script>
|
||||
<script src="/js/bootstrap.min.js"></script>
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.2.10/angular.min.js"></script>
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.2.16/angular-route.js"></script>
|
||||
<script src="/js/ui-bootstrap-0.10.0.min.js"></script>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
{{% end %}}
|
||||
|
||||
|
||||
{{%define "content"%}}
|
||||
<div class="container">
|
||||
<form class="form-signin" action="/register" method="POST">
|
||||
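Review bot: The `base` template for the registration form, which collects a password, pulls the Google Fonts stylesheet over plain `http://` and two AngularJS scripts from a CDN with no `integrity` attribute. Load the stylesheet over `https://`, and either serve the scripts from the local `/js/` directory like jquery and bootstrap or pin them with `integrity="sha384-<hash of the file>" crossorigin="anonymous"`. The two CDN URLs also mix versions (`angularjs/1.2.10/angular.min.js` with `angularjs/1.2.16/angular-route.js`); AngularJS modules are expected to match the core version.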
|
|