def post(self, req): js = req.META["WG_BODY"] userid = js.get("id", "") username = js.get("un", "") password1 = js.get("pw1", "") password2 = js.get("pw2", "") if userid == "": return reserr("需要用户id!") if username == "": return reserr("需要用户名!") if password1 == "": return reserr("需要用户密码!") # chekc 旧密码是否正确 auth = authenticate(username=username, password=password1) if auth is None: return reserr("原密码错误!") u = User.objects.get(id=userid) u.username = username u.set_password(password2) u.save() # 修改成功后 跳转到 login 重新登录 logout(req) return resok()
def get(self, request): iface_str = request.GET.get("iface", "") if iface_str == "": return funcs.reserr("需要指定接口!") fmt = request.GET.get("format", "") if fmt == "": fmt = "conf" elif fmt not in ("conf", "qrcode", "shell"): return funcs.reserr("format 只能是 conf 或 qrcode 或 shell") try: iface = ClientWg.objects.get(user=request.user, iface=iface_str) except ClientWg.DoesNotExist: return funcs.reserr("指定的接口名不存在!") conf = {} conf["publickey"] = iface.server.publickey conf["address"] = iface.ip conf["privatekey"] = iface.privatekey conf["presharedkey"] = iface.presharedkey conf["allowedips"] = iface.allowedips_c conf["endpoint"] = iface.server.address.split("/")[0] + ":" + str( iface.server.listenport) conf["persistentkeepalive"] = iface.persistentkeepalive if fmt == "qrcode": make_conf = funcs.render("client.conf", conf) qr = qrcode.QRCode(box_size=4, border=1) qr.make(fit=True) qr.add_data(make_conf) img = qr.make_image() with io.BytesIO() as buf: img.save(buf) base64img = base64.b64encode(buf.getvalue()) return HttpResponse(base64img) elif fmt == "conf": make_conf = funcs.render("client.conf", conf) res = HttpResponse(make_conf) res["Content-Type"] = "application/octet-stream" res['Content-Disposition'] = f'attachment; filename="{iface_str}.conf"' return res elif fmt == "shell": conf["iface"] = iface_str shell = funcs.render("client.shell", conf) print(shell) res = HttpResponse(shell) res["Content-Type"] = "application/octet-stream" res['Content-Disposition'] = f'attachment; filename="{iface_str}.sh"' return res
def clientwg_change(username, wg): """ 暂时没有,添加修改client功能 """ client = {} user_obj = User.objects.get(username=username) serverid = wg.get("serverid", "") if serverid == "": return funcs.reserr("从属server接口是必须的") try: serverid = int(serverid) except Exception: return funcs.reserr("从属server接口是必须的") try: server_obj = ServerWg.objects.get(id=serverid) except Exception: return funcs.reserr(f"没有id: {serverid} 的server接口") client["server"] = server_obj iface = wg.get("iface", "") if iface == "": return funcs.reserr("接口名不能为空!") else: if ClientWg.objects.filter(user=user_obj, iface=iface): return funcs.reserr(f"{iface} 已存在!") else: client["iface"] = iface """ privatekey = wg.get("privatekey") if privatekey == "": return funcs.reserr("privatekey 不能为空") else: try: client["privatekey"] = wgcmd.genkey() except Exception: return funcs.reserr("privatekey 错误") client["publickey"] = wgcmd.pubkey(client["privatekye"]) presharedkey = wg.get("presharedkey") if presharedkey == "": return funcs.reserr("presharedkey 不能为空") else: try: client["presharedkey"] = """ return funcs.resok()
def serverwg_delete(wg): iface = wg.get("iface", "") if iface == "": return funcs.reserr("删除server接口需要接口名") try: iface_model = ServerWg.objects.get(iface=iface) except ServerWg.DoesNotExist: return funcs.reserr(f"没有 {iface} server 接口") funcs.debug(lambda: wgcmd.del_peer(iface_model.iface)) iface_model.delete() return funcs.resok()
def config(iface, request): # value: shell or conf ls = ("conf", "shell") fmt = checkargs(request, "format", ls) ls = ("notlinux", "andriod", "linux", "windows", "ios", "macos") ostype = checkargs(request, "ostype", ls) iface = request.GET.get("iface", "") try: iface = ClientWg.objects.get(user=request.user, iface=iface) except ClientWg.DoesNotExist: return funcs.reserr("指定的接口名不存在!") conf = {} conf["publickey"] = iface.server.publickey if ostype in ("andriod", "windows", "ios", "macos"): conf["address"] = iface.server.ip conf["privatekey"] = iface.privatekey conf["presharedkey"] = iface.presharedkey conf["allowedips"] = iface.allowedips_c conf["endpoint"] = iface.server.address.split("/")[0] + ":" + str( iface.server.listenport) conf["persistentkeepalive"] = iface.persistentkeepalive return conf
def delete(self, request): wgid = request.META["WG_BODY"].get("ifaceid", "") if wgid == "": return funcs.reserr("需要iface id") return wgop.clientwg_delete(wgid)
def dispatch(self, request, *args, **kwargs): username = request.META.get("HTTP_WG_USERNAME") pw = request.META.get("HTTP_WG_PASSWORD") self.auth = authenticate(username=username, password=pw) if self.auth is None: return funcs.reserr("用户名或密码错误") else: return super().dispatch(request, *args, **kwargs)
def clientwg_delete(wgid): try: wgid = int(wgid) except Exception: return funcs.reserr("iface id 应该是个整数") try: clientwg = ClientWg.objects.get(id=wgid) except Exception: return funcs.reserr(f"iface id: {wgid} 不存在") # delete client peer from server iface = clientwg.server.iface try: funcs.debug(wgcmd.wg_delete_peer, iface, clientwg.publickey) except Exception as e: print(e) return funcs.reserr("服务端删除peer失败!") clientwg.delete() return funcs.resok()
def get(self, req): if not settings.DEBUG: if req.user.username == "easywg" and req.user.password == "easywg": print("首次登录请修改初始密码。") return json({"code": 302, "router": "/accounts/chpassword/"}) if req.user.is_authenticated: return res({ "username": req.user.username, "serupuser": req.user.is_superuser }) else: return reserr("未登录")
def get(self, request): iface = request.GET.get("iface", "") if iface == "": l = [] for queryset in ServerWg.objects.all(): l.append(funcs.serverwg2json(queryset)) return funcs.res(l) else: #print(f"查{iface}接口信息.") try: iface = ServerWg.objects.get(iface=iface) except ServerWg.DoesNotExist: return funcs.reserr(f"没有{iface}接口") return funcs.res(funcs.serverwg2json(iface))
def post(self, req): js = req.META["WG_BODY"] username = js.get("un") password = js.get("pw") auth = authenticate(username=username, password=password) if auth is None: return reserr("用户名或密码错误") else: login(req, auth) if not settings.DEBUG: if username == "easywg" and password == "easywg": return json({ "code": 302, "router": "/accounts/chpassword/" }) return res({"username": username, "superuser": auth.is_superuser})
def serverwg_add(wg): i = {} iface = wg.get("iface", "") if iface: if ServerWg.objects.filter(iface=iface): return funcs.reserr(f"接口名: {iface} 已存在。") else: i["iface"] = iface else: # 如果 iface 为空 就自动生成 suffix = ServerWg.objects.aggregate(Max("id")).get("id__max") if suffix: p = 1 tmp = "easywg" + str(suffix + p) while ServerWg.objects.filter(iface=tmp): p += 1 tmp = "easywg" + str(suffix + p) i["iface"] = tmp else: i["iface"] = "easywg0" address = wg.get("address", "") if address == "": return funcs.reserr("address 是必须的") else: i["address"] = address network = wg.get("network", "") if network == "": return funcs.reserr("network 是必须的") else: if ServerWg.objects.filter(network=network): return funcs.reserr(f"network {network} 已存在!") else: i["network"] = network i["ip"] = funcs.gateway(i["network"]) prikey = wg.get("privatekey") if not prikey: i["privatekey"] = wgcmd.genkey() i["publickey"] = wgcmd.pubkey(i["privatekey"]) else: try: i["publickey"] = wgcmd.pubkey(prikey) except Exception: return funcs.reserr("privatekey 长度不对或格式不正确") i["privatekey"] = prikey i["persistentkeepalive"] = wg.get("persistentkeepalive", 35) i["boot"] = wg.get("boot", True) i["comment"] = wg.get("comment", "") lp = wg.get("listenport", "") if lp == "": lp = ServerWg.objects.aggregate( Max("listenport")).get("listenport__max") if lp: i["listenport"] = lp + 1 else: i["listenport"] = 8324 else: try: listenport = int(lp) except Exception: return funcs.reserr("listenport 必须是 8324 ~ 65535 的数") if ServerWg.objects.filter(listenport=listenport): return funcs.reserr(f"listenport {lp} 冲突") else: i["listenport"] = listenport print("添加一个接口:", i) wgserver = ServerWg(**i) try: funcs.debug(wgcmd.add_wg, wgserver.iface, wgserver.ip) funcs.debug(wgcmd.wg_set, wgserver.iface, wgserver.privatekey, wgserver.listenport) except CalledProcessError: return funcs.reserr(f"添加接口 {wgserver.iface} 失败!") wgserver.save() i["id"] = wgserver.id return funcs.res(i)
def clientwg_add(username, wg): client = {} user_obj = User.objects.get(username=username) client["user"] = user_obj serverid = wg.get("serverid", "") if serverid == "": return funcs.reserr("从属server接口是必须的") try: serverid = int(serverid) except Exception: return funcs.reserr("从属server接口是必须的") try: server_obj = ServerWg.objects.get(id=serverid) except Exception: return funcs.reserr(f"没有id: {serverid} 的server接口") client["server"] = server_obj iface = wg.get("iface", "") if iface == "": suffix = ClientWg.objects.aggregate(Max("id"), ).get("id__max") if suffix: p = 1 tmp = "wg" + str(suffix + p) while ServerWg.objects.filter(iface=tmp): p += 1 tmp = "wg" + str(suffix + p) client["iface"] = tmp else: client["iface"] = "wg0" else: if ClientWg.objects.filter(user=user_obj, iface=iface): return funcs.reserr(f"{iface} 已存在!") else: client["iface"] = iface genip = funcs.getipaddr(server_obj.network) for ip in genip: if ClientWg.objects.filter(ip=ip): print(f"ip: {ip} 已经存在, 查看下一个") else: break client["ip"] = ip client["allowedips_s"] = funcs.getnet_s(client["ip"]) client["allowedips_c"] = server_obj.network client["privatekey"] = wgcmd.genkey() client["publickey"] = wgcmd.pubkey(client["privatekey"]) client["presharedkey"] = wgcmd.genpsk() client["comment"] = wg.get("comment", "") clientwg = ClientWg(**client) # add client peer to server peer = {} peer["preshared_key"] = client["presharedkey"] peer["allowed_ips"] = client["allowedips_s"] peer["persistent_keepalive"] = clientwg.persistentkeepalive try: funcs.debug(wgcmd.wg_peer, server_obj.iface, client["publickey"], peer) except Exception as e: print(f"peer add error: {e}") return funcs.reserr("服务端添加peer失败!") clientwg.save() return funcs.resok()
def serverwg_change(wg): iface_id = wg.get("id") try: iface = ServerWg.objects.get(id=iface_id) except ServerWg.DoesNotExist: return funcs.reserr("需要修改的接口不存在,请检查输入。") iface_name = wg.get("iface", "") if iface_name == "": return funcs.reserr("需要修改的接口名不能为空") iface_old_name = iface.iface iface.iface = iface_name address = wg.get("address", "") if address == "": return funcs.reserr("address 是必须的") else: iface.address = address network = wg.get("network", "") if network == "": return funcs.reserr("network 是必须的") # 检查是否有其他接口使用了这个net if ServerWg.objects.filter(network=network).exclude(iface=iface_old_name): return funcs.reserr("需要修改的网络已存在,请检查输入。") iface.network = network prikey = wg.get("privatekey") if prikey: iface.privatekey = prikey try: iface.publickey = wgcmd.pubkey(prikey) except Exception: return funcs.reserr("privatekey 长度不对或格式不正确") else: iface.privatekey = wgcmd.genkey() iface.publickey = wgcmd.pubkey(iface.privatekey) iface.persistentkeepalive = wg.get("persistentkeepalive", 35) iface.boot = wg.get("boot", True) iface.comment = wg.get("comment", "") lp = wg.get("listenport", "") if lp == "": lp_id = ServerWg.objects.aggregate( Max("listenport")).get("listenport__max") iface.listenport = lp_id + 1 else: try: lp = int(lp) except Exception: return funcs.reserr("listenport 必须是 8324 ~ 65535 的数") if ServerWg.objects.filter(listenport=lp).exclude( iface=iface_old_name): return funcs.reserr(f"listenport: {lp} 已存在, 请检查输入。") else: iface.listenport = lp iface.save() return funcs.resok()