129 lines
3.6 KiB
Go
129 lines
3.6 KiB
Go
package main
|
|
|
|
import (
|
|
/* libs padrão */
|
|
"fmt"
|
|
"log"
|
|
"net/http"
|
|
"time"
|
|
|
|
/* libs minha */
|
|
"Helena_de_troia/config_data"
|
|
/* libs externas */
|
|
|
|
"github.com/go-redis/redis/v8"
|
|
"golang.org/x/time/rate"
|
|
|
|
//"github.com/google/uuid"
|
|
"github.com/labstack/echo/v4"
|
|
"github.com/labstack/echo/v4/middleware"
|
|
)
|
|
|
|
func main() {
|
|
load, _ := config_data.FileAuthGET()
|
|
load_data = load
|
|
log.Println("load config_data")
|
|
|
|
Database(load_data["dbname"].(string), load_data["dbuser"].(string), load_data["dbpass"].(string), 3306, load_data["dbhost"].(string))
|
|
err := CheckTables("SHOW TABLES;")
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
e := echo.New()
|
|
|
|
e.HideBanner = true
|
|
e.HidePort = true
|
|
|
|
log.Println("iniciando banco de dados cache")
|
|
redisCL = redis.NewClient(&redis.Options{
|
|
Addr: fmt.Sprintf("%s:%s", load_data["redishost"], load_data["redisport"]),
|
|
})
|
|
log.Printf("rodando redis em: %s:%s", load_data["redishost"], load_data["redisport"])
|
|
siteUnlock, ok := load_data["siteUnlock"].(string)
|
|
if !ok || siteUnlock == "" {
|
|
log.Fatal("Erro: siteUnlock ausente ou não é string")
|
|
}
|
|
|
|
e.Pre(func(next echo.HandlerFunc) echo.HandlerFunc {
|
|
return func(c echo.Context) error {
|
|
if proto := c.Request().Header.Get("X-Forwarded-Proto"); proto != "" {
|
|
c.Request().URL.Scheme = proto
|
|
}
|
|
return next(c)
|
|
}
|
|
})
|
|
|
|
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
|
|
AllowOrigins: []string{siteUnlock},
|
|
AllowMethods: []string{http.MethodGet, http.MethodPost, http.MethodPatch},
|
|
AllowHeaders: []string{"Content-Type"},
|
|
AllowCredentials: true,
|
|
}))
|
|
|
|
log.Println("Definindo configurações de Rate Limit")
|
|
rateLimiterStore := middleware.NewRateLimiterMemoryStoreWithConfig(
|
|
middleware.RateLimiterMemoryStoreConfig{
|
|
Rate: rate.Every(10 * time.Second),
|
|
Burst: 2,
|
|
ExpiresIn: 60 * time.Minute,
|
|
},
|
|
)
|
|
|
|
rateLimit := middleware.RateLimiterWithConfig(middleware.RateLimiterConfig{
|
|
Store: rateLimiterStore,
|
|
IdentifierExtractor: func(c echo.Context) (string, error) {
|
|
return c.RealIP(), nil
|
|
},
|
|
DenyHandler: func(c echo.Context, identifier string, err error) error {
|
|
if err := redisCL.Set(ctx, identifier, "blocked", 1*time.Hour).Err(); err != nil {
|
|
log.Printf("erro ao setar bloqueio no Redis: %v", err)
|
|
}
|
|
return c.JSON(http.StatusTooManyRequests, resp_json{
|
|
Status: "Timeout",
|
|
Message: "Uma tentativa de força bruta foi identificada, você tomou time_out",
|
|
})
|
|
},
|
|
})
|
|
timeoutMiddleware := func(next echo.HandlerFunc) echo.HandlerFunc {
|
|
return func(c echo.Context) error {
|
|
blocked, err := redisCL.Exists(ctx, c.RealIP()).Result()
|
|
if err == nil && blocked == 1 {
|
|
return c.JSON(http.StatusTooManyRequests, resp_json{
|
|
Status: "Timeout",
|
|
Message: "Você ainda está em período de timeout",
|
|
})
|
|
}
|
|
return next(c)
|
|
}
|
|
}
|
|
|
|
log.Println("concluido, back_end rodando")
|
|
|
|
/* rotas */
|
|
|
|
e.GET("logout", logout)
|
|
e.GET("/", online)
|
|
e.GET("roll", roll_get)
|
|
e.POST("roll", roll)
|
|
e.GET("register", badreq)
|
|
e.POST("register", registrar)
|
|
e.POST("login", login, timeoutMiddleware, rateLimit)
|
|
e.GET("login", badreq)
|
|
e.GET("player", player_data)
|
|
e.GET("player/info/:id", player_info)
|
|
e.GET("player/info*", player_info)
|
|
e.GET("player/inv", inv_get)
|
|
e.POST("player/inv", inv_add)
|
|
e.GET("player/inv/del/:id", inv_del)
|
|
e.GET("player/inv/use/:id", inv_use)
|
|
e.GET("player/inv/ph", inv_ph)
|
|
e.GET("player/inv/ph/del/:id", inv_phDel)
|
|
e.POST("player/inv/ph", inv_phAdd)
|
|
e.POST("player/update", player_updateInputs)
|
|
e.PATCH("player/:atb/:updown", player_update)
|
|
|
|
/* log */
|
|
e.Logger.Fatal(e.Start(fmt.Sprintf(":%s", load_data["port"])))
|
|
}
|