mirror of
https://github.com/Jinnrry/PMail.git
synced 2025-11-01 12:22:38 +08:00
112 lines
2.7 KiB
Go
112 lines
2.7 KiB
Go
package auth
|
|
|
|
import (
|
|
"crypto"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"encoding/base64"
|
|
"encoding/pem"
|
|
log "github.com/sirupsen/logrus"
|
|
"os"
|
|
"pmail/db"
|
|
"pmail/dto"
|
|
"pmail/models"
|
|
"strings"
|
|
)
|
|
|
|
// HasAuth 检查当前用户是否有某个邮件的auth
|
|
func HasAuth(ctx *dto.Context, email *models.Email) bool {
|
|
// 获取当前用户的auth
|
|
var auth []models.UserAuth
|
|
err := db.Instance.Select(&auth, db.WithContext(ctx, "select * from user_auth where user_id = ?"), ctx.UserInfo.ID)
|
|
if err != nil {
|
|
log.WithContext(ctx).Errorf("SQL error:%+v", err)
|
|
return false
|
|
}
|
|
|
|
var hasAuth bool
|
|
for _, userAuth := range auth {
|
|
if userAuth.EmailAccount == "*" {
|
|
hasAuth = true
|
|
break
|
|
} else if strings.Contains(email.Bcc, ctx.UserInfo.Account) || strings.Contains(email.Cc, ctx.UserInfo.Account) || strings.Contains(email.To, ctx.UserInfo.Account) {
|
|
hasAuth = true
|
|
break
|
|
}
|
|
}
|
|
|
|
return hasAuth
|
|
}
|
|
|
|
func DkimGen() string {
|
|
privKeyStr, _ := os.ReadFile("./config/dkim/dkim.priv")
|
|
publicKeyStr, _ := os.ReadFile("./config/dkim/dkim.public")
|
|
if len(privKeyStr) > 0 && len(publicKeyStr) > 0 {
|
|
return string(publicKeyStr)
|
|
}
|
|
|
|
var (
|
|
privKey crypto.Signer
|
|
err error
|
|
)
|
|
|
|
privKey, err = rsa.GenerateKey(rand.Reader, 3072)
|
|
|
|
if err != nil {
|
|
log.Fatalf("Failed to generate key: %v", err)
|
|
}
|
|
|
|
privBytes, err := x509.MarshalPKCS8PrivateKey(privKey)
|
|
if err != nil {
|
|
log.Fatalf("Failed to marshal private key: %v", err)
|
|
}
|
|
|
|
f, err := os.OpenFile("./config/dkim/dkim.priv", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
|
if err != nil {
|
|
log.Fatalf("Failed to create key file: %v", err)
|
|
}
|
|
defer f.Close()
|
|
|
|
privBlock := pem.Block{
|
|
Type: "PRIVATE KEY",
|
|
Bytes: privBytes,
|
|
}
|
|
if err := pem.Encode(f, &privBlock); err != nil {
|
|
log.Fatalf("Failed to write key PEM block: %v", err)
|
|
}
|
|
if err := f.Close(); err != nil {
|
|
log.Fatalf("Failed to close key file: %v", err)
|
|
}
|
|
|
|
var pubBytes []byte
|
|
|
|
switch pubKey := privKey.Public().(type) {
|
|
case *rsa.PublicKey:
|
|
// RFC 6376 is inconsistent about whether RSA public keys should
|
|
// be formatted as RSAPublicKey or SubjectPublicKeyInfo.
|
|
// Erratum 3017 (https://www.rfc-editor.org/errata/eid3017)
|
|
// proposes allowing both. We use SubjectPublicKeyInfo for
|
|
// consistency with other implementations including opendkim,
|
|
// Gmail, and Fastmail.
|
|
pubBytes, err = x509.MarshalPKIXPublicKey(pubKey)
|
|
if err != nil {
|
|
log.Fatalf("Failed to marshal public key: %v", err)
|
|
}
|
|
default:
|
|
panic("unreachable")
|
|
}
|
|
|
|
params := []string{
|
|
"v=DKIM1",
|
|
"k=rsa",
|
|
"p=" + base64.StdEncoding.EncodeToString(pubBytes),
|
|
}
|
|
|
|
publicKey := strings.Join(params, "; ")
|
|
|
|
os.WriteFile("./config/dkim/dkim.public", []byte(publicKey), 0666)
|
|
|
|
return publicKey
|
|
}
|