semlanik
/
gostfix


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375
							/*
 * MIT License
 *
 * Copyright (c) 2020 Alexey Edelev <semlanik@gmail.com>
 *
 * This file is part of gostfix project https://git.semlanik.org/semlanik/gostfix
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy of this
 * software and associated documentation files (the "Software"), to deal in the Software
 * without restriction, including without limitation the rights to use, copy, modify,
 * merge, publish, distribute, sublicense, and/or sell copies of the Software, and
 * to permit persons to whom the Software is furnished to do so, subject to the following
 * conditions:
 *
 * The above copyright notice and this permission notice shall be included in all copies
 * or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
 * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
 * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
 * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 * DEALINGS IN THE SOFTWARE.
 */

package web

import (
	"bufio"
	"fmt"
	template "html/template"
	"log"
	"net/http"
	"strings"

	auth "git.semlanik.org/semlanik/gostfix/auth"
	common "git.semlanik.org/semlanik/gostfix/common"
	config "git.semlanik.org/semlanik/gostfix/config"
	db "git.semlanik.org/semlanik/gostfix/db"
	utils "git.semlanik.org/semlanik/gostfix/utils"

	sessions "github.com/gorilla/sessions"
)

const (
	StateHeaderScan = iota
	StateBodyScan
	StateContentScan
)

const (
	AtLeastOneHeaderMask = 1 << iota
	FromHeaderMask
	DateHeaderMask
	ToHeaderMask
	AllHeaderMask = 15
)

const (
	CookieSessionToken = "gostfix_session"
)

func NewEmail() *common.Mail {
	return &common.Mail{
		Header: &common.MailHeader{},
		Body:   &common.MailBody{},
	}
}

type Server struct {
	authenticator *auth.Authenticator
	fileServer    http.Handler
	templater     *Templater
	sessionStore  *sessions.CookieStore
	storage       *db.Storage
}

func NewServer() *Server {

	storage, err := db.NewStorage()

	if err != nil {
		log.Fatalf("Unable to intialize mail storage %s", err)
		return nil
	}

	s := &Server{
		authenticator: auth.NewAuthenticator(),
		templater:     NewTemplater("data/templates"),
		fileServer:    http.FileServer(http.Dir("data")),
		sessionStore:  sessions.NewCookieStore(make([]byte, 32)),
		storage:       storage,
	}

	s.storage.AddUser("semlanik@semlanik.org", "testpassword", "Alexey Edelev")
	s.storage.AddUser("junkmail@semlanik.org", "testpassword", "Alexey Edelev")
	err = s.storage.AddEmail("semlanik@semlanik.org", "ci@semlanik.org")
	err = s.storage.AddEmail("semlanik@semlanik.org", "shopping@semlanik.org")
	err = s.storage.AddEmail("semlanik@semlanik.org", "junkmail@semlanik.org")
	err = s.storage.AddEmail("junkmail@semlanik.org", "qqqqq@semlanik.org")
	return s
}

func (s *Server) Run() {
	http.Handle("/", s)
	log.Fatal(http.ListenAndServe(":65200", nil))
}

func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	fmt.Println(r.URL.Path)
	if utils.StartsWith(r.URL.Path, "/css/") ||
		utils.StartsWith(r.URL.Path, "/assets/") ||
		utils.StartsWith(r.URL.Path, "/js/") {
		s.fileServer.ServeHTTP(w, r)
	} else {
		switch r.URL.Path {
		case "/login":
			s.handleLogin(w, r)
		case "/logout":
			s.handleLogout(w, r)
		case "/messageDetails":
			s.handleMessageDetails(w, r)
		case "/statusLine":
			s.handleStatusLine(w, r)
		default:
			s.handleMailbox(w, r)
		}
	}
}

func (s *Server) handleLogin(w http.ResponseWriter, r *http.Request) {
	//Check passed in form login/password pair first
	if err := r.ParseForm(); err == nil {
		user := r.FormValue("user")
		password := r.FormValue("password")
		token, ok := s.authenticator.Authenticate(user, password)
		if ok {
			s.login(user, token, w, r)
			return
		}
	}

	//Check if user already logged in and entered login page accidently
	if s.authenticator.Verify(s.extractAuth(w, r)) {
		http.Redirect(w, r, "/mailbox", http.StatusTemporaryRedirect)
		return
	}

	//Otherwise make sure user logged out and show login page
	s.logout(w, r)
	fmt.Fprint(w, s.templater.ExecuteLogin(&struct {
		Version string
	}{common.Version}))
}

func (s *Server) handleLogout(w http.ResponseWriter, r *http.Request) {
	s.logout(w, r)
	http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
}

func (s *Server) handleMessageDetails(w http.ResponseWriter, r *http.Request) {
	//TODO: Not implemented yet. Need database mail storage implemented first
	user, token := s.extractAuth(w, r)
	if !s.authenticator.Verify(user, token) {
		fmt.Fprint(w, "")
		return
	}
	fmt.Fprint(w, s.templater.ExecuteDetails(""))
}

func (s *Server) handleStatusLine(w http.ResponseWriter, r *http.Request) {
	//TODO: Not implemented yet. Need database mail storage implemented first
	user, token := s.extractAuth(w, r)
	if !s.authenticator.Verify(user, token) {
		fmt.Fprint(w, "")
		return
	}

	fmt.Fprint(w, s.templater.ExecuteStatusLine(&struct {
		Name   string
		Read   int
		Unread int
	}{
		Name:   "No name", //TODO: read from database
		Read:   0,         //TODO: read from database
		Unread: 0,         //TODO: read from database
	}))
}

func (s *Server) handleMailbox(w http.ResponseWriter, r *http.Request) {
	user, token := s.extractAuth(w, r)
	if !s.authenticator.Verify(user, token) {
		s.logout(w, r)
		http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
	}

	mailPath := config.ConfigInstance().VMailboxBase + "/" + s.authenticator.MailPath(user)
	if !utils.FileExists(mailPath) {
		s.logout(w, r)
		s.error(http.StatusInternalServerError, "Unable to access your mailbox. Please contact Administrator.", w, r)
		return
	}

	file, err := utils.OpenAndLockWait(mailPath)
	if err != nil {
		s.logout(w, r)
		s.error(http.StatusInternalServerError, "Unable to access your mailbox. Please contact Administrator.", w, r)
		return
	}
	defer file.CloseAndUnlock()

	scanner := bufio.NewScanner(file)
	activeBoundary := ""
	var previousHeader *string = nil
	var emails []*common.Mail
	mandatoryHeaders := 0
	email := NewEmail()
	state := StateHeaderScan
	contentType := "plain/text"
	for scanner.Scan() {
		if scanner.Text() == "" {
			if state == StateHeaderScan && mandatoryHeaders&AtLeastOneHeaderMask == AtLeastOneHeaderMask {
				boundaryCapture := utils.RegExpUtilsInstance().BoundaryFinder.FindStringSubmatch(contentType)
				if len(boundaryCapture) == 2 {
					activeBoundary = boundaryCapture[1]
				} else {
					activeBoundary = ""
				}
				state = StateBodyScan
				// fmt.Printf("--------------------------Start body scan content type:%s boundary: %s -------------------------\n", contentType, activeBoundary)
			} else if state == StateBodyScan {
				// fmt.Printf("--------------------------Previous email-------------------------\n%v\n", email)
				if activeBoundary == "" {
					previousHeader = nil
					activeBoundary = ""
					// fmt.Printf("Actual headers: %d\n", mandatoryHeaders)
					if mandatoryHeaders == AllHeaderMask {
						emails = append(emails, email)
					}
					email = NewEmail()
					contentType = "plain/text"
					state = StateHeaderScan
					mandatoryHeaders = 0
				} else {
					// fmt.Printf("Still in body scan\n")
					continue
				}
			} else {
				// fmt.Printf("Empty line in state %d\n", state)
			}
		}

		if state == StateHeaderScan {
			capture := utils.RegExpUtilsInstance().HeaderFinder.FindStringSubmatch(scanner.Text())
			if len(capture) == 3 {
				// fmt.Printf("capture Header %s : %s\n", strings.ToLower(capture[0]), strings.ToLower(capture[1]))
				header := strings.ToLower(capture[1])
				mandatoryHeaders |= AtLeastOneHeaderMask
				switch header {
				case "from":
					previousHeader = &email.Header.From
					mandatoryHeaders |= FromHeaderMask
				case "to":
					previousHeader = &email.Header.To
					mandatoryHeaders |= ToHeaderMask
				case "cc":
					previousHeader = &email.Header.Cc
				case "bcc":
					previousHeader = &email.Header.Bcc
					mandatoryHeaders |= ToHeaderMask
				case "subject":
					previousHeader = &email.Header.Subject
				case "date":
					previousHeader = &email.Header.Date
					mandatoryHeaders |= DateHeaderMask
				case "content-type":
					previousHeader = &contentType
				default:
					previousHeader = nil
				}
				if previousHeader != nil {
					*previousHeader += capture[2]
				}
				continue
			}

			capture = utils.RegExpUtilsInstance().FoldingFinder.FindStringSubmatch(scanner.Text())
			if len(capture) == 2 && previousHeader != nil {
				*previousHeader += capture[1]
				continue
			}
		} else {
			// email.Body.Content += scanner.Text() + "\n"
			if activeBoundary != "" {
				capture := utils.RegExpUtilsInstance().BoundaryEndFinder.FindStringSubmatch(scanner.Text())
				if len(capture) == 2 {
					// fmt.Printf("capture Boundary End %s\n", capture[1])
					if activeBoundary == capture[1] {
						state = StateBodyScan
						activeBoundary = ""
					}

					continue
				}
				// capture = boundaryStartFinder.FindStringSubmatch(scanner.Text())
				// if len(capture) == 2 && activeBoundary == capture[1] {
				// 	// fmt.Printf("capture Boundary Start %s\n", capture[1])
				// 	state = StateContentScan
				// 	continue
				// }
			}
		}
	}

	if state == StateBodyScan && mandatoryHeaders == AllHeaderMask { //Finalize if body read till EOF
		// fmt.Printf("--------------------------Previous email-------------------------\n%v\n", email)

		previousHeader = nil
		activeBoundary = ""
		emails = append(emails, email)
		state = StateHeaderScan
	}

	fmt.Fprint(w, s.templater.ExecuteIndex(&struct {
		Folders  template.HTML
		MailList template.HTML
		Version  template.HTML
	}{
		MailList: template.HTML(s.templater.ExecuteMailList(emails)),
		Folders:  "Folders",
		Version:  common.Version,
	}))
}

func (s *Server) logout(w http.ResponseWriter, r *http.Request) {
	fmt.Println("logout")

	session, _ := s.sessionStore.Get(r, CookieSessionToken)
	session.Values["user"] = ""
	session.Values["token"] = ""
	session.Save(r, w)
}

func (s *Server) login(user, token string, w http.ResponseWriter, r *http.Request) {
	session, _ := s.sessionStore.Get(r, CookieSessionToken)
	session.Values["user"] = user
	session.Values["token"] = token
	session.Save(r, w)
	http.Redirect(w, r, "/mailbox", http.StatusTemporaryRedirect)
}

func (s *Server) error(code int, text string, w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusInternalServerError)
	fmt.Fprint(w, s.templater.ExecuteError(&struct {
		Code    int
		Text    string
		Version string
	}{
		Code:    code,
		Text:    "Unable to access your mailbox. Please contact Administrator.",
		Version: common.Version,
	}))
}

func (s *Server) extractAuth(w http.ResponseWriter, r *http.Request) (user, token string) {
	session, err := s.sessionStore.Get(r, CookieSessionToken)
	if err != nil {
		log.Printf("Unable to read user session %s\n", err)
		return
	}
	user, _ = session.Values["user"].(string)
	token, _ = session.Values["token"].(string)

	return
}