// API_SMTP handles requests for the /api/smtp/ endpoint func API_SMTP(w http.ResponseWriter, r *http.Request) { switch { case r.Method == "GET": ss, err := models.GetSMTPs(ctx.Get(r, "user_id").(int64)) if err != nil { Logger.Println(err) } JSONResponse(w, ss, http.StatusOK) //POST: Create a new SMTP and return it as JSON case r.Method == "POST": s := models.SMTP{} // Put the request into a page err := json.NewDecoder(r.Body).Decode(&s) if err != nil { JSONResponse(w, models.Response{Success: false, Message: "Invalid request"}, http.StatusBadRequest) return } // Check to make sure the name is unique _, err = models.GetSMTPByName(s.Name, ctx.Get(r, "user_id").(int64)) if err != gorm.ErrRecordNotFound { JSONResponse(w, models.Response{Success: false, Message: "SMTP name already in use"}, http.StatusConflict) Logger.Println(err) return } s.ModifiedDate = time.Now() s.UserId = ctx.Get(r, "user_id").(int64) err = models.PostSMTP(&s) if err != nil { JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusInternalServerError) return } JSONResponse(w, s, http.StatusCreated) } }
// API_Send_Test_Email sends a test email using the template name // and Target given. func API_Send_Test_Email(w http.ResponseWriter, r *http.Request) { s := &models.SendTestEmailRequest{} if r.Method != "POST" { JSONResponse(w, models.Response{Success: false, Message: "Method not allowed"}, http.StatusBadRequest) return } err := json.NewDecoder(r.Body).Decode(s) if err != nil { JSONResponse(w, models.Response{Success: false, Message: "Error decoding JSON Request"}, http.StatusBadRequest) return } // Validate the given request if err = s.Validate(); err != nil { JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest) return } // If a Template is not specified use a default if s.Template.Name == "" { //default message body text := "It works!\n\nThis is an email letting you know that your gophish\nconfiguration was successful.\n" + "Here are the details:\n\nWho you sent from: {{.From}}\n\nWho you sent to: \n" + "{{if .FirstName}} First Name: {{.FirstName}}\n{{end}}" + "{{if .LastName}} Last Name: {{.LastName}}\n{{end}}" + "{{if .Position}} Position: {{.Position}}\n{{end}}" + "{{if .TrackingURL}} Tracking URL: {{.TrackingURL}}\n{{end}}" + "\nNow go send some phish!" t := models.Template{ Subject: "Default Email from Gophish", Text: text, } s.Template = t // Try to lookup the Template by name } else { // Get the Template requested by name s.Template, err = models.GetTemplateByName(s.Template.Name, ctx.Get(r, "user_id").(int64)) if err == gorm.ErrRecordNotFound { Logger.Printf("Error - Template %s does not exist", s.Template.Name) JSONResponse(w, models.Response{Success: false, Message: models.ErrTemplateNotFound.Error()}, http.StatusBadRequest) } else if err != nil { Logger.Println(err) JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest) return } } // If a complete sending profile is provided use it if err := s.SMTP.Validate(); err != nil { // Otherwise get the SMTP requested by name s.SMTP, err = models.GetSMTPByName(s.SMTP.Name, ctx.Get(r, "user_id").(int64)) if err == gorm.ErrRecordNotFound { Logger.Printf("Error - Sending profile %s does not exist", s.SMTP.Name) JSONResponse(w, models.Response{Success: false, Message: models.ErrSMTPNotFound.Error()}, http.StatusBadRequest) } else if err != nil { Logger.Println(err) JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusBadRequest) return } } // Send the test email err = worker.SendTestEmail(s) if err != nil { JSONResponse(w, models.Response{Success: false, Message: err.Error()}, http.StatusInternalServerError) return } JSONResponse(w, models.Response{Success: true, Message: "Email Sent"}, http.StatusOK) return }