156 lines
6.1 KiB
Go
156 lines
6.1 KiB
Go
package main
|
|
|
|
import (
|
|
"database/sql"
|
|
"fmt"
|
|
_ "github.com/mattn/go-sqlite3"
|
|
"github.com/pashcovich/openvpn-user/src"
|
|
"gopkg.in/alecthomas/kingpin.v2"
|
|
"os"
|
|
)
|
|
|
|
const (
|
|
version = "1.0.9"
|
|
)
|
|
|
|
var (
|
|
dbPath = kingpin.Flag("db.path", "path do openvpn-user db").Default("./openvpn-user.db").String()
|
|
|
|
dbInitCommand = kingpin.Command("db-init", "Init db.")
|
|
dbMigrateCommand = kingpin.Command("db-migrate", "STUB: Migrate db.")
|
|
|
|
createCommand = kingpin.Command("create", "Create user.")
|
|
createCommandUserFlag = createCommand.Flag("user", "Username.").Required().String()
|
|
createCommandPasswordFlag = createCommand.Flag("password", "Password.").Required().String()
|
|
|
|
deleteCommand = kingpin.Command("delete", "Delete user.")
|
|
deleteCommandUserForceFlag = deleteCommand.Flag("force", "delete from db.").Short('f').Default("false").Bool()
|
|
deleteCommandUserFlag = deleteCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
revokeCommand = kingpin.Command("revoke", "Revoke user.")
|
|
revokeCommandUserFlag = revokeCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
restoreCommand = kingpin.Command("restore", "Restore user.")
|
|
restoreCommandUserFlag = restoreCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
listCommand = kingpin.Command("list", "List active users.")
|
|
listCommandAllFlag = listCommand.Flag("all", "Show all users include revoked and deleted.").Short('a').Default("false").Bool()
|
|
|
|
checkCommand = kingpin.Command("check", "check user existent.")
|
|
checkCommandUserFlag = checkCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
authCommand = kingpin.Command("auth", "Auth user.")
|
|
authCommandUserFlag = authCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
authCommandPasswordFlag = authCommand.Flag("password", "Password.").Short('p').String()
|
|
authCommandTotpFlag = authCommand.Flag("totp", "TOTP code.").Short('t').String()
|
|
|
|
changePasswordCommand = kingpin.Command("change-password", "Change password")
|
|
changePasswordCommandUserFlag = changePasswordCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
changePasswordCommandPasswordFlag = changePasswordCommand.Flag("password", "Password.").Short('p').Required().String()
|
|
|
|
updateSecretCommand = kingpin.Command("update-secret", "update OTP secret")
|
|
updateSecretCommandUserFlag = updateSecretCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
updateSecretCommandSecretFlag = updateSecretCommand.Flag("secret", "Secret.").Short('s').Default("generate").String()
|
|
|
|
registerAppCommand = kingpin.Command("register-app", "register 2FA application")
|
|
registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
registerAppCommandTotpFlag = registerAppCommand.Flag("totp", "TOTP.").Short('t').Required().String()
|
|
|
|
resetAppCommand = kingpin.Command("reset-app", "register 2FA application")
|
|
resetAppCommandUserFlag = resetAppCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
checkAppCommand = kingpin.Command("check-app", "check 2FA application")
|
|
checkAppCommandUserFlag = checkAppCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
|
|
getSecretCommand = kingpin.Command("get-secret", "get OTP secret")
|
|
getSecretCommandUserFlag = getSecretCommand.Flag("user", "Username.").Short('u').Required().String()
|
|
)
|
|
|
|
func main() {
|
|
|
|
args := kingpin.Parse()
|
|
|
|
db, err := sql.Open("sqlite3", *dbPath)
|
|
if err != nil {
|
|
kingpin.Fatalf(err.Error())
|
|
}
|
|
defer func(db *sql.DB) {
|
|
err = db.Close()
|
|
if err != nil {
|
|
kingpin.Fatalf(err.Error())
|
|
}
|
|
}(db)
|
|
|
|
openvpnUser := src.OpenvpnUser{Database: db}
|
|
|
|
kingpin.Version(version).VersionFlag.Short('v')
|
|
|
|
switch args {
|
|
case createCommand.FullCommand():
|
|
wrap(openvpnUser.CreateUser(*createCommandUserFlag, *createCommandPasswordFlag))
|
|
case deleteCommand.FullCommand():
|
|
wrap(openvpnUser.DeleteUser(*deleteCommandUserFlag, *deleteCommandUserForceFlag))
|
|
case revokeCommand.FullCommand():
|
|
wrap(openvpnUser.RevokedUser(*revokeCommandUserFlag))
|
|
case restoreCommand.FullCommand():
|
|
wrap(openvpnUser.RestoreUser(*restoreCommandUserFlag))
|
|
case listCommand.FullCommand():
|
|
openvpnUser.PrintUsers(*listCommandAllFlag)
|
|
case checkCommand.FullCommand():
|
|
_ = openvpnUser.CheckUserExistent(*checkCommandUserFlag)
|
|
case authCommand.FullCommand():
|
|
provideAuthType := 0
|
|
if *authCommandPasswordFlag != "" {
|
|
provideAuthType += 1
|
|
}
|
|
if *authCommandTotpFlag != "" {
|
|
provideAuthType += 1
|
|
}
|
|
if provideAuthType == 1 {
|
|
authSuccessful, authErr := openvpnUser.AuthUser(*authCommandUserFlag, *authCommandPasswordFlag, *authCommandTotpFlag)
|
|
if authErr != nil {
|
|
kingpin.Fatalf(authErr.Error())
|
|
} else if authSuccessful {
|
|
fmt.Println("Authorization successful")
|
|
} else {
|
|
fmt.Println("Authorization failed")
|
|
}
|
|
|
|
} else {
|
|
fmt.Println("Please provide only one type of auth flag")
|
|
os.Exit(1)
|
|
}
|
|
case changePasswordCommand.FullCommand():
|
|
wrap(openvpnUser.ChangeUserPassword(*changePasswordCommandUserFlag, *changePasswordCommandPasswordFlag))
|
|
case updateSecretCommand.FullCommand():
|
|
wrap(openvpnUser.RegisterOtpSecret(*updateSecretCommandUserFlag, *updateSecretCommandSecretFlag))
|
|
case registerAppCommand.FullCommand():
|
|
wrap(openvpnUser.RegisterOtpApplication(*registerAppCommandUserFlag, *registerAppCommandTotpFlag))
|
|
case resetAppCommand.FullCommand():
|
|
wrap(openvpnUser.ResetOtpApplication(*resetAppCommandUserFlag))
|
|
case checkAppCommand.FullCommand():
|
|
appConfigured, appErr := openvpnUser.IsSecondFactorEnabled(*checkAppCommandUserFlag)
|
|
if appErr != nil {
|
|
kingpin.Fatalf(appErr.Error())
|
|
} else if appConfigured {
|
|
fmt.Println("App configured")
|
|
} else {
|
|
fmt.Println("App not configured yet")
|
|
}
|
|
case getSecretCommand.FullCommand():
|
|
wrap(openvpnUser.GetUserOtpSecret(*getSecretCommandUserFlag))
|
|
|
|
case dbInitCommand.FullCommand():
|
|
openvpnUser.InitDb()
|
|
case dbMigrateCommand.FullCommand():
|
|
openvpnUser.MigrateDb()
|
|
}
|
|
}
|
|
|
|
func wrap(msg string, err error) {
|
|
if err != nil {
|
|
kingpin.Fatalf(err.Error())
|
|
} else {
|
|
fmt.Println(msg)
|
|
}
|
|
}
|