initial commit

2022-05-26 02:08:50 +01:00
commit 8ccc3e303e
8 changed files with 257 additions and 0 deletions
--- a/main.go
+++ b/main.go
@@ -0,0 +1,149 @@
+package main
+
+import (
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"os"
+
+	"github.com/go-redis/redis/v8"
+	"github.com/gorilla/mux"
+	"golang.org/x/net/context"
+)
+
+var client = redis.NewClient(&redis.Options{
+	Addr:     "redis:6379",
+	Password: "",
+	DB:       0,
+})
+
+var SECRET string
+
+func main() {
+	r := mux.NewRouter()
+	r.HandleFunc("/{shortlink}", shortlinkHandler)
+	r.HandleFunc("/", indexHandler)
+
+	listenAddress := "0.0.0.0:80"
+
+	if p, ok := os.LookupEnv("LISTEN_ADDRESS"); ok {
+		listenAddress = p
+	}
+
+	if p, ok := os.LookupEnv("SECRET"); ok {
+		SECRET = p
+	}
+
+	log.Fatal(http.ListenAndServe(listenAddress, r))
+}
+
+func indexHandler(w http.ResponseWriter, r *http.Request) {
+	fmt.Println("indexHandler called")
+	if r.Method != "POST" {
+		http.Redirect(w, r, "http://alv.cx", 302)
+		return
+	}
+
+	r.ParseForm()
+
+	command := r.PostForm.Get("Command")
+	shortlink := r.PostForm.Get("Shortlink")
+	value := r.PostForm.Get("Value")
+	fmt.Println(shortlink)
+	fmt.Println(value)
+
+	signature := r.Header.Get("Signature")
+	calculatedSignature := fmt.Sprintf(
+		"SUS-SIGNATURE-%v",
+		getSha256HMACSignature(
+			[]byte(SECRET),
+			command+":"+shortlink+":"+value,
+		),
+	)
+
+	if signature != calculatedSignature {
+		fmt.Println("signature do no match")
+		fmt.Println(signature)
+		fmt.Println(calculatedSignature)
+		w.WriteHeader(401)
+		w.Write([]byte("401 Unauthorized"))
+		return
+	}
+
+	if command == "create" {
+
+		ctx := context.Background()
+		_, err := client.Get(ctx, shortlink).Result()
+		if err == redis.Nil {
+			fmt.Printf("shortlink: %v, value: %v", shortlink, value)
+			err = client.Set(ctx, shortlink, value, 0).Err()
+
+			if err != nil {
+				fmt.Println(err)
+				w.WriteHeader(500)
+				w.Write([]byte("500 Internal Server Error"))
+				return
+			}
+
+			w.WriteHeader(200)
+			w.Write([]byte("200 Success"))
+
+			return
+
+		} else if err != nil {
+			fmt.Println(err)
+			w.WriteHeader(500)
+			w.Write([]byte("500 Internal Server Error"))
+			return
+		}
+
+		fmt.Println(err)
+		w.WriteHeader(403)
+		w.Write([]byte("403 Forbidden"))
+		return
+	}
+
+	if command == "delete" {
+		if value != "confirm" {
+			w.WriteHeader(400)
+			w.Write([]byte("400 Bad Request"))
+		}
+
+		ctx := context.Background()
+		if err := client.Del(ctx, shortlink).Err(); err != nil {
+			w.WriteHeader(500)
+			w.Write([]byte("500 Internal Server Error"))
+		}
+	}
+}
+
+func shortlinkHandler(w http.ResponseWriter, r *http.Request) {
+	fmt.Println("shortlinkHandler called")
+	shortlink := string(mux.Vars(r)["shortlink"])
+	ctx := context.Background()
+	redirect, err := client.Get(ctx, shortlink).Result()
+	fmt.Printf("shortlink: %v, redirect: %v\n", shortlink, redirect)
+	if err == redis.Nil {
+		w.WriteHeader(404)
+		w.Write([]byte("404 Not Found"))
+		return
+	} else if err != nil {
+		fmt.Println(err)
+		w.WriteHeader(500)
+		w.Write([]byte("500 Internal Server Error"))
+		return
+	}
+
+	http.Redirect(w, r, redirect, 302)
+	return
+}
+
+func getSha256HMACSignature(secret []byte, data string) string {
+	h := hmac.New(sha256.New, secret)
+	io.WriteString(h, data)
+	return hex.EncodeToString(h.Sum(nil))
+}