func procMsg(msg ClientMessage, datasource *datasource.DataSource) { rcpt := make([]string, 0, 100) toHost := strings.Split(msg.To, "@")[1] if isAllowedHost(toHost) { user, err := datasource.UserByEmail(msg.To) if err == nil { rcpt = append(rcpt, user.InboxAddr) } else { group, err := datasource.GroupByEmail(msg.To) if err == nil { for _, member := range group.Members { user, err = datasource.UserByEmail(member) if err == nil { rcpt = append(rcpt, user.InboxAddr) } } } else { logln(1, "Can't find such user or group") return } } } logln(1, fmt.Sprintf("%s", msg.From)) fromHost := strings.Split(msg.From, "@")[1] if isAllowedHost(fromHost) { if msg.Auth == false || msg.Username != msg.From { logln(1, fmt.Sprintf("%s %s", msg.Username, msg.From)) logln(1, "Not authenticated") return } } for _, email := range rcpt { logln(1, email) host := strings.Split(email, "@")[1] nss, err := net.LookupMX(host) if err == nil { for _, ns := range nss { logln(1, fmt.Sprintf("%s %d", ns.Host, ns.Pref)) } curMsg := msg curMsg.To = email sendMsg(nss[0], curMsg) } else { logln(1, "Error in lookup MX") } } }
func newRestServerAPI(datasource *datasource.DataSource) *restServerAPI { rest := grest.NewApi() rest.Use(grest.DefaultDevStack...) rest.Use(&grest.CorsMiddleware{ RejectNonCorsRequests: false, OriginValidator: func(origin string, request *grest.Request) bool { // TODO Origin check return true }, AllowedMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE"}, AllowedHeaders: []string{ "Accept", "Content-Type", "X-Custom-Header", "Origin", "Authorization"}, AccessControlAllowCredentials: true, AccessControlMaxAge: 3600, }) var bearerAuthMiddleware = &AuthBearerMiddleware{ Realm: "RestAuthentication", Authenticator: func(token string) string { parsedToken, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) } return datasource.ConfigByteArray("TOKEN_SIGN_KEY"), nil }) if err == nil && parsedToken.Valid { return parsedToken.Claims["email"].(string) } else { return "" } }, Authorizer: func(request *grest.Request, userID string) bool { user, err := datasource.UserByEmail(userID) if err != nil { logging.Log(debugTag, "Couldn't fetch user for userID=%s", userID) return false } request.Env["REMOTE_USER_OBJECT"] = user return true }, } rest.Use(&grest.IfMiddleware{ Condition: func(request *grest.Request) bool { return request.URL.Path != "/login" }, IfTrue: bearerAuthMiddleware, }) return &restServerAPI{ rest: rest, ds: datasource, } }
func clientAuth(client *Client, datasource *datasource.DataSource) string { succ := "235 Authentication succeeded" fail := "535 Authentication failed" user, err := datasource.UserByEmail(client.username) if err != nil { return fail } logln(1, user.Email) if user.AcceptsPassword(client.password, datasource.ConfigByteArray("PASSWORD_SALT")) { client.auth = true return succ } return fail }