Simple tool to manage users
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
openvpn-user/openvpn-user.go

156 lines
6.1 KiB

package main
import (
"database/sql"
"fmt"
_ "github.com/mattn/go-sqlite3"
"github.com/pashcovich/openvpn-user/src"
"gopkg.in/alecthomas/kingpin.v2"
"os"
)
const (
version = "1.0.9"
)
var (
dbPath = kingpin.Flag("db.path", "path do openvpn-user db").Default("./openvpn-user.db").String()
dbInitCommand = kingpin.Command("db-init", "Init db.")
dbMigrateCommand = kingpin.Command("db-migrate", "STUB: Migrate db.")
createCommand = kingpin.Command("create", "Create user.")
createCommandUserFlag = createCommand.Flag("user", "Username.").Required().String()
createCommandPasswordFlag = createCommand.Flag("password", "Password.").Required().String()
deleteCommand = kingpin.Command("delete", "Delete user.")
deleteCommandUserForceFlag = deleteCommand.Flag("force", "delete from db.").Short('f').Default("false").Bool()
deleteCommandUserFlag = deleteCommand.Flag("user", "Username.").Short('u').Required().String()
revokeCommand = kingpin.Command("revoke", "Revoke user.")
revokeCommandUserFlag = revokeCommand.Flag("user", "Username.").Short('u').Required().String()
restoreCommand = kingpin.Command("restore", "Restore user.")
restoreCommandUserFlag = restoreCommand.Flag("user", "Username.").Short('u').Required().String()
listCommand = kingpin.Command("list", "List active users.")
listCommandAllFlag = listCommand.Flag("all", "Show all users include revoked and deleted.").Short('a').Default("false").Bool()
checkCommand = kingpin.Command("check", "check user existent.")
checkCommandUserFlag = checkCommand.Flag("user", "Username.").Short('u').Required().String()
authCommand = kingpin.Command("auth", "Auth user.")
authCommandUserFlag = authCommand.Flag("user", "Username.").Short('u').Required().String()
authCommandPasswordFlag = authCommand.Flag("password", "Password.").Short('p').String()
authCommandTotpFlag = authCommand.Flag("totp", "TOTP code.").Short('t').String()
changePasswordCommand = kingpin.Command("change-password", "Change password")
changePasswordCommandUserFlag = changePasswordCommand.Flag("user", "Username.").Short('u').Required().String()
changePasswordCommandPasswordFlag = changePasswordCommand.Flag("password", "Password.").Short('p').Required().String()
updateSecretCommand = kingpin.Command("update-secret", "update OTP secret")
updateSecretCommandUserFlag = updateSecretCommand.Flag("user", "Username.").Short('u').Required().String()
updateSecretCommandSecretFlag = updateSecretCommand.Flag("secret", "Secret.").Short('s').Default("generate").String()
registerAppCommand = kingpin.Command("register-app", "register 2FA application")
registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Short('u').Required().String()
registerAppCommandTotpFlag = registerAppCommand.Flag("totp", "TOTP.").Short('t').Required().String()
resetAppCommand = kingpin.Command("reset-app", "register 2FA application")
resetAppCommandUserFlag = resetAppCommand.Flag("user", "Username.").Short('u').Required().String()
checkAppCommand = kingpin.Command("check-app", "check 2FA application")
checkAppCommandUserFlag = checkAppCommand.Flag("user", "Username.").Short('u').Required().String()
getSecretCommand = kingpin.Command("get-secret", "get OTP secret")
getSecretCommandUserFlag = getSecretCommand.Flag("user", "Username.").Short('u').Required().String()
)
func main() {
args := kingpin.Parse()
db, err := sql.Open("sqlite3", *dbPath)
if err != nil {
kingpin.Fatalf(err.Error())
}
defer func(db *sql.DB) {
err = db.Close()
if err != nil {
kingpin.Fatalf(err.Error())
}
}(db)
openvpnUser := src.OpenvpnUser{Database: db}
kingpin.Version(version).VersionFlag.Short('v')
switch args {
case createCommand.FullCommand():
wrap(openvpnUser.CreateUser(*createCommandUserFlag, *createCommandPasswordFlag))
case deleteCommand.FullCommand():
wrap(openvpnUser.DeleteUser(*deleteCommandUserFlag, *deleteCommandUserForceFlag))
case revokeCommand.FullCommand():
wrap(openvpnUser.RevokedUser(*revokeCommandUserFlag))
case restoreCommand.FullCommand():
wrap(openvpnUser.RestoreUser(*restoreCommandUserFlag))
case listCommand.FullCommand():
openvpnUser.PrintUsers(*listCommandAllFlag)
case checkCommand.FullCommand():
_ = openvpnUser.CheckUserExistent(*checkCommandUserFlag)
case authCommand.FullCommand():
provideAuthType := 0
if *authCommandPasswordFlag != "" {
provideAuthType += 1
}
if *authCommandTotpFlag != "" {
provideAuthType += 1
}
if provideAuthType == 1 {
authSuccessful, authErr := openvpnUser.AuthUser(*authCommandUserFlag, *authCommandPasswordFlag, *authCommandTotpFlag)
if authErr != nil {
kingpin.Fatalf(authErr.Error())
} else if authSuccessful {
fmt.Println("Authorization successful")
} else {
fmt.Println("Authorization failed")
}
} else {
fmt.Println("Please provide only one type of auth flag")
os.Exit(1)
}
case changePasswordCommand.FullCommand():
wrap(openvpnUser.ChangeUserPassword(*changePasswordCommandUserFlag, *changePasswordCommandPasswordFlag))
case updateSecretCommand.FullCommand():
wrap(openvpnUser.RegisterOtpSecret(*updateSecretCommandUserFlag, *updateSecretCommandSecretFlag))
case registerAppCommand.FullCommand():
wrap(openvpnUser.RegisterOtpApplication(*registerAppCommandUserFlag, *registerAppCommandTotpFlag))
case resetAppCommand.FullCommand():
wrap(openvpnUser.ResetOtpApplication(*resetAppCommandUserFlag))
case checkAppCommand.FullCommand():
appConfigured, appErr := openvpnUser.IsSecondFactorEnabled(*checkAppCommandUserFlag)
if appErr != nil {
kingpin.Fatalf(appErr.Error())
} else if appConfigured {
fmt.Println("App configured")
} else {
fmt.Println("App not configured yet")
}
case getSecretCommand.FullCommand():
wrap(openvpnUser.GetUserOtpSecret(*getSecretCommandUserFlag))
case dbInitCommand.FullCommand():
openvpnUser.InitDb()
case dbMigrateCommand.FullCommand():
openvpnUser.MigrateDb()
}
}
func wrap(msg string, err error) {
if err != nil {
kingpin.Fatalf(err.Error())
} else {
fmt.Println(msg)
}
}