From 486bfd8a49237955083b9f6dc7266b9c17128d3c Mon Sep 17 00:00:00 2001 From: audibleblink Date: Tue, 18 Aug 2020 22:48:48 -0400 Subject: [PATCH] v0.3.0 * handle CORS request from browsers * fixes JSON marshalling * kill more Ruby references in readme * adds link to frontend in readme --- go.mod | 1 + go.sum | 2 ++ main.go | 10 +++++++--- readme.md | 17 ++++++++++++++--- 4 files changed, 24 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 64bda6d..2e5b3b0 100644 --- a/go.mod +++ b/go.mod @@ -5,6 +5,7 @@ go 1.15 require ( cloud.google.com/go/bigquery v1.10.0 github.com/go-chi/chi v4.1.2+incompatible + github.com/go-chi/cors v1.1.1 golang.org/x/net v0.0.0-20200813134508-3edf25e44fcc // indirect google.golang.org/api v0.29.0 ) diff --git a/go.sum b/go.sum index 1f6fe03..d8b3a50 100644 --- a/go.sum +++ b/go.sum @@ -49,6 +49,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyNz34tQRec= github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= +github.com/go-chi/cors v1.1.1 h1:eHuqxsIw89iXcWnWUN8R72JMibABJTN/4IOYI5WERvw= +github.com/go-chi/cors v1.1.1/go.mod h1:K2Yje0VW/SJzxiyMYu6iPQYa7hMjQX2i/F491VChg1I= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= diff --git a/main.go b/main.go index 9363ffb..64395c1 100644 --- a/main.go +++ b/main.go @@ -15,6 +15,7 @@ import ( "github.com/audibleblink/passdb/hibp" "github.com/go-chi/chi" "github.com/go-chi/chi/middleware" + "github.com/go-chi/cors" ) var ( @@ -52,6 +53,9 @@ func main() { r.Use(middleware.RealIP) r.Use(middleware.Logger) r.Use(middleware.Recoverer) + r.Use(cors.Handler(cors.Options{ + AllowedOrigins: []string{"*"}, + })) r.Get("/usernames/{username}", handleUsername) r.Get("/passwords/{password}", handlePassword) @@ -68,9 +72,9 @@ func main() { } type record struct { - Username string - Domain string - Password string + Username string `json:"username"` + Domain string `json:"domain"` + Password string `json:"password"` } type breach struct { diff --git a/readme.md b/readme.md index c15b319..e464852 100644 --- a/readme.md +++ b/readme.md @@ -4,8 +4,19 @@ Password-dump database API server. See accompanying [blog post](https://sec.alexflor.es/posts/2020/05/password-dump-database-part-2/) for more details. +See also [accompanying frontend](https://github.com/audibleblink/passdb-frontend) + ### Seeding +Torrents: +``` +# Collection #1 +magnet:?xt=urn:btih:b39c603c7e18db8262067c5926e7d5ea5d20e12e&dn=Collection+1 + +# Collections #2 - #5 +magnet:?xt=urn:btih:d136b1adde531f38311fbf43fb96fc26df1a34cd&dn=Collection+%232-%235+%26+Antipublic +``` + Dump entries should be in the format: ``` @@ -24,8 +35,8 @@ Once in the proper format, you can create the table and import the csv using the the GCP CLI tool, or from the web portal This will take a while. You may want to manully upload to GCP Storage and copy in the -data from there because if the upload fails with Rake, you'll have to start all over, -and burn through more of your bandwidth. +data from there because if the upload fails with the GCP CLI, you'll have to start all over, +and burn through more of your bandwidth (and credits). ## Usage @@ -49,5 +60,5 @@ Run: ```bash source .env -go run main.go +go run main.go [port] ```