use envvars

2020-07-26 17:06:28 +01:00 · 2020-07-26 17:06:28 +01:00 · b78aec6eef
commit b78aec6eef
parent 189ec33874
4 changed files with 214 additions and 130 deletions
--- a/app/http/middleware/verifywhitelabel.go
+++ b/app/http/middleware/verifywhitelabel.go
@ -15,8 +15,8 @@ func VerifyWhitelabel(isApi bool) func(ctx *gin.Context) {
 		if rpc.PremiumClient.GetTierByUser(userId, false) < premium.Whitelabel {
 			var isForced bool
-			for _, forced := range config.Conf.ForceWhitelabel {
+			for _, id := range config.Conf.Admins {
-				if forced == userId {
+				if id == userId {
 					isForced = true
 					break
 				}
--- a/config/config.go
+++ b/config/config.go
@ -1,8 +1,10 @@
 package config
 import (
-	"github.com/BurntSushi/toml"
+	"github.com/TicketsBot/common/sentry"
-	"io/ioutil"
+	"os"
 	"strconv"
 	"strings"
 )
 type (
@ -37,7 +39,7 @@ type (
 	}
 	Oauth struct {
-		Id          int64
+		Id          uint64
 		Secret      string
 		RedirectUri string
 	}
@ -71,13 +73,71 @@ var (
 )
 func LoadConfig() {
-	raw, err := ioutil.ReadFile("config.toml")
+	var admins []uint64
-	if err != nil {
+	for _, id := range strings.Split(os.Getenv("ADMINS"), ",") {
-		panic(err)
+		if parsed, err := strconv.ParseUint(id, 10, 64); err == nil {
 			admins = append(admins, parsed)
 		} else {
 			sentry.Error(err)
 		}
 	}
-	_, err = toml.Decode(string(raw), &Conf)
+	var forcedWhitelabel []uint64
-	if err != nil {
+	for _, id := range strings.Split(os.Getenv("FORCED_WHITELABEL"), ",") {
-		panic(err)
+		if parsed, err := strconv.ParseUint(id, 10, 64); err == nil {
 			forcedWhitelabel = append(forcedWhitelabel, parsed)
 		} else {
 			sentry.Error(err)
 		}
 	}
 	rateLimitWindow, _ := strconv.Atoi(os.Getenv("RATELIMIT_WINDOW"))
 	rateLimitMax, _ := strconv.Atoi(os.Getenv("RATELIMIT_MAX"))
 	sessionThreads, _ := strconv.Atoi(os.Getenv("SESSION_DB_THREADS"))
 	oauthId, _ := strconv.ParseUint(os.Getenv("OAUTH_ID"), 10, 64)
 	redisPort, _ := strconv.Atoi(os.Getenv("REDIS_PORT"))
 	redisThreads, _ := strconv.Atoi(os.Getenv("REDIS_THREADS"))
 	Conf = Config{
 		Admins:          admins,
 		ForceWhitelabel: forcedWhitelabel,
 		Server: Server{
 			Host:     os.Getenv("SERVER_ADDR"),
 			BaseUrl:  os.Getenv("BASE_URL"),
 			MainSite: os.Getenv("MAIN_SITE"),
 			Ratelimit: Ratelimit{
 				Window: rateLimitWindow,
 				Max:    rateLimitMax,
 			},
 			Session: Session{
 				Threads: sessionThreads,
 				Secret:  os.Getenv("SESSION_SECRET"),
 			},
 			Secret: os.Getenv("JWT_SECRET"),
 		},
 		Oauth: Oauth{
 			Id:          oauthId,
 			Secret:      os.Getenv("OAUTH_SECRET"),
 			RedirectUri: os.Getenv("OAUTH_REDIRECT_URI"),
 		},
 		Database: Database{
 			Uri: os.Getenv("DATABASE_URI"),
 		},
 		Bot: Bot{
 			Token:                 os.Getenv("BOT_TOKEN"),
 			PremiumLookupProxyUrl: os.Getenv("PREMIUM_PROXY_URL"),
 			PremiumLookupProxyKey: os.Getenv("PREMIUM_PROXY_KEY"),
 			ObjectStore:           os.Getenv("LOG_ARCHIVER_URL"),
 			AesKey:                os.Getenv("LOG_AES_KEY"),
 		},
 		Redis: Redis{
 			Host:     os.Getenv("REDIS_HOST"),
 			Port:     redisPort,
 			Password: os.Getenv("REDIS_PORT"),
 			Threads:  redisThreads,
 		},
 		Cache: Cache{
 			Uri: os.Getenv("CACHE_URI"),
 		},
 	}
 }
--- a/envvars.md
+++ b/envvars.md
@ -0,0 +1,24 @@
 - ADMINS
 - FORCED_WHITELABEL
 - SERVER_ADDR
 - BASE_URL
 - MAIN_SITE
 - RATELIMIT_WINDOW
 - RATELIMIT_MAX
 - SESSION_DB_THREADS
 - SESSION_SECRET
 - JWT_SECRET
 - OAUTH_ID
 - OAUTH_SECRET
 - OAUTH_REDIRECT_URI
 - DATABASE_URI
 - BOT_TOKEN
 - PREMIUM_PROXY_URL
 - PREMIUM_PROXY_KEY
 - LOG_ARCHIVER_URL
 - LOG_AES_KEY
 - REDIS_HOST
 - REDIS_PORT
 - REDIS_PASSWORD
 - REDIS_THREADS
 - CACHE_URI
--- a/utils/discord/auth.go
+++ b/utils/discord/auth.go
@ -1,119 +1,119 @@
-package discord
+package discord
-
+
-import (
+import (
-	"bytes"
+	"bytes"
-	"encoding/json"
+	"encoding/json"
-	"github.com/TicketsBot/GoPanel/config"
+	"github.com/TicketsBot/GoPanel/config"
-	"github.com/pasztorpisti/qs"
+	"github.com/pasztorpisti/qs"
-	"io/ioutil"
+	"io/ioutil"
-	"net/http"
+	"net/http"
-	"strconv"
+	"strconv"
-	"time"
+	"time"
-)
+)
-
+
-type (
+type (
-	TokenData struct {
+	TokenData struct {
-		ClientId     string `qs:"client_id"`
+		ClientId     string `qs:"client_id"`
-		ClientSecret string `qs:"client_secret"`
+		ClientSecret string `qs:"client_secret"`
-		GrantType    string `qs:"grant_type"`
+		GrantType    string `qs:"grant_type"`
-		Code         string `qs:"code"`
+		Code         string `qs:"code"`
-		RedirectUri  string `qs:"redirect_uri"`
+		RedirectUri  string `qs:"redirect_uri"`
-		Scope        string `qs:"scope"`
+		Scope        string `qs:"scope"`
-	}
+	}
-
+
-	RefreshData struct {
+	RefreshData struct {
-		ClientId     string `qs:"client_id"`
+		ClientId     string `qs:"client_id"`
-		ClientSecret string `qs:"client_secret"`
+		ClientSecret string `qs:"client_secret"`
-		GrantType    string `qs:"grant_type"`
+		GrantType    string `qs:"grant_type"`
-		RefreshToken string `qs:"refresh_token"`
+		RefreshToken string `qs:"refresh_token"`
-		RedirectUri  string `qs:"redirect_uri"`
+		RedirectUri  string `qs:"redirect_uri"`
-		Scope        string `qs:"scope"`
+		Scope        string `qs:"scope"`
-	}
+	}
-
+
-	TokenResponse struct {
+	TokenResponse struct {
-		AccessToken  string `json:"access_token"`
+		AccessToken  string `json:"access_token"`
-		TokenType    string `json:"token_type"`
+		TokenType    string `json:"token_type"`
-		ExpiresIn    int    `json:"expires_in"`
+		ExpiresIn    int    `json:"expires_in"`
-		RefreshToken string `json:"refresh_token"`
+		RefreshToken string `json:"refresh_token"`
-		Scope        string `json:"scope"`
+		Scope        string `json:"scope"`
-	}
+	}
-)
+)
-
+
-const TokenEndpoint = "https://discordapp.com/api/oauth2/token"
+const TokenEndpoint = "https://discordapp.com/api/oauth2/token"
-
+
-func AccessToken(code string) (TokenResponse, error) {
+func AccessToken(code string) (TokenResponse, error) {
-	data := TokenData{
+	data := TokenData{
-		ClientId:     strconv.Itoa(int(config.Conf.Oauth.Id)),
+		ClientId:     strconv.FormatUint(config.Conf.Oauth.Id, 10),
-		ClientSecret: config.Conf.Oauth.Secret,
+		ClientSecret: config.Conf.Oauth.Secret,
-		GrantType:    "authorization_code",
+		GrantType:    "authorization_code",
-		Code:         code,
+		Code:         code,
-		RedirectUri:  config.Conf.Oauth.RedirectUri,
+		RedirectUri:  config.Conf.Oauth.RedirectUri,
-		Scope:        "identify guilds",
+		Scope:        "identify guilds",
-	}
+	}
-
+
-	res, err := tokenPost(data)
+	res, err := tokenPost(data)
-	if err != nil {
+	if err != nil {
-		return TokenResponse{}, err
+		return TokenResponse{}, err
-	}
+	}
-
+
-	var unmarshalled TokenResponse
+	var unmarshalled TokenResponse
-	if err = json.Unmarshal(res, &unmarshalled); err != nil {
+	if err = json.Unmarshal(res, &unmarshalled); err != nil {
-		return TokenResponse{}, err
+		return TokenResponse{}, err
-	}
+	}
-
+
-	return unmarshalled, nil
+	return unmarshalled, nil
-}
+}
-
+
-func RefreshToken(refreshToken string) (TokenResponse, error) {
+func RefreshToken(refreshToken string) (TokenResponse, error) {
-	data := RefreshData{
+	data := RefreshData{
-		ClientId:     strconv.Itoa(int(config.Conf.Oauth.Id)),
+		ClientId:     strconv.FormatUint(config.Conf.Oauth.Id, 10),
-		ClientSecret: config.Conf.Oauth.Secret,
+		ClientSecret: config.Conf.Oauth.Secret,
-		GrantType:    "refresh_token",
+		GrantType:    "refresh_token",
-		RefreshToken: refreshToken,
+		RefreshToken: refreshToken,
-		RedirectUri:  config.Conf.Oauth.RedirectUri,
+		RedirectUri:  config.Conf.Oauth.RedirectUri,
-		Scope:        "identify guilds",
+		Scope:        "identify guilds",
-	}
+	}
-
+
-	res, err := tokenPost(data)
+	res, err := tokenPost(data)
-	if err != nil {
+	if err != nil {
-		return TokenResponse{}, err
+		return TokenResponse{}, err
-	}
+	}
-
+
-	var unmarshalled TokenResponse
+	var unmarshalled TokenResponse
-	if err = json.Unmarshal(res, &unmarshalled); err != nil {
+	if err = json.Unmarshal(res, &unmarshalled); err != nil {
-		return TokenResponse{}, err
+		return TokenResponse{}, err
-	}
+	}
-
+
-	return unmarshalled, nil
+	return unmarshalled, nil
-}
+}
-
+
-func tokenPost(body ...interface{}) ([]byte, error) {
+func tokenPost(body ...interface{}) ([]byte, error) {
-	str, err := qs.Marshal(body[0])
+	str, err := qs.Marshal(body[0])
-	if err != nil {
+	if err != nil {
-		return nil, err
+		return nil, err
-	}
+	}
-	encoded := []byte(str)
+	encoded := []byte(str)
-
+
-	req, err := http.NewRequest("POST", TokenEndpoint, bytes.NewBuffer([]byte(encoded)))
+	req, err := http.NewRequest("POST", TokenEndpoint, bytes.NewBuffer([]byte(encoded)))
-	if err != nil {
+	if err != nil {
-		return nil, err
+		return nil, err
-	}
+	}
-
+
-	req.Header.Set("Content-Type", string(ApplicationFormUrlEncoded))
+	req.Header.Set("Content-Type", string(ApplicationFormUrlEncoded))
-
+
-	client := &http.Client{}
+	client := &http.Client{}
-	client.Timeout = 3 * time.Second
+	client.Timeout = 3 * time.Second
-
+
-	res, err := client.Do(req)
+	res, err := client.Do(req)
-	if err != nil {
+	if err != nil {
-		return nil, err
+		return nil, err
-	}
+	}
-
+
-	defer res.Body.Close()
+	defer res.Body.Close()
-	content, err := ioutil.ReadAll(res.Body)
+	content, err := ioutil.ReadAll(res.Body)
-	if err != nil {
+	if err != nil {
-		return nil, err
+		return nil, err
-	}
+	}
-
+
-	return content, nil
+	return content, nil
-}
+}