26 | 
27 | |
28 |
31 |
32 |
spekl (large text)
33 |small text
34 | 35 | 36 | You can donate to help support Brady with Impact Development. 37 | 38 | If you donate $5 USD or more (and enter your Minecraft username), you will recieve a few small rewards such as early access to upcoming releases through nightly builds (now including 1.14.4 builds), premium mods (currently Ignite), a cape visible to other Impact users, and a gold colored name in the Impact Discord Server. 39 | 40 | Before making a payment, ensure that your Minecraft Username or UUID is specified in the payment note and Discord Username#XXXX if you would like the roles in our server. Payments may take up to 72 hours to process. 41 | 42 | In order to access nightly builds you must join the Discord server and provide proof of payment, or when you make the payment specify your Discord account. 43 | PayPal. The safer, easier way to pay online. 44 | Impact is not a hack client, a cheat client, or a hacked client, it is a utility mod (like OptiFine). Please bear in mind that utility mods like Impact can be against the rules on some servers. 😉 45 | Contact us on discord 46 | More links 47 | 48 | 49 | `) 50 | ctx, cancel := context.WithTimeout(context.Background(), time.Second*10) 51 | defer cancel() 52 | resp, id, err := mailgun.MG.Send(ctx, message) 53 | if err != nil { 54 | return c.JSON(http.StatusInternalServerError, err.Error()) 55 | } 56 | fmt.Printf("ID: %s Resp: %s\n", id, resp) 57 | return c.JSON(http.StatusOK, resp) 58 | } 59 | -------------------------------------------------------------------------------- /src/middleware/index.go: -------------------------------------------------------------------------------- 1 | package middleware 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "strings" 7 | 8 | "github.com/labstack/echo/v4" 9 | ) 10 | 11 | // Redirect trailing index.html's. 12 | // code must be in the 300 range 13 | func RemoveIndexHTML(code int) echo.MiddlewareFunc { 14 | return func(next echo.HandlerFunc) echo.HandlerFunc { 15 | return func(c echo.Context) error { 16 | // Copy URL struct 17 | address := c.Request().URL 18 | slice := deleteEmpty(strings.Split(address.Path, "/")) 19 | 20 | // If last path element is index.html 21 | if i := len(slice) - 1; i >= 0 && strings.ToLower(slice[i]) == "index.html" { 22 | // re-build the path without the last element 23 | address.Path = strings.Join(slice[:i], "/") 24 | 25 | // Echo tends to set the Request URL to just the path+query 26 | if address.Host == "" { 27 | address.Host = c.Request().Host 28 | } 29 | if address.Scheme == "" { 30 | address.Scheme = c.Scheme() 31 | } 32 | 33 | // Redirect 34 | return c.Redirect(code, address.String()) 35 | } 36 | return next(c) 37 | } 38 | } 39 | } 40 | 41 | // Remove empty elements from a slice 42 | func deleteEmpty(s []string) []string { 43 | var r []string 44 | for _, str := range s { 45 | if str != "" { 46 | r = append(r, str) 47 | } 48 | } 49 | return r 50 | } 51 | 52 | func EnforceHTTPS(code int) echo.MiddlewareFunc { 53 | return func(next echo.HandlerFunc) echo.HandlerFunc { 54 | return func(c echo.Context) error { 55 | // we CANNOT use X-Forwarded-Proto 56 | // reason: while user -> cloudflare results in cloudflare -> heroku having the correct X-Forwarded-Proto 57 | // heroku overwrites this header to the scheme used in the cloudflare -> heroku hop, which is http 58 | visitorStr := c.Request().Header.Get("Cf-Visitor") 59 | if visitorStr == "" { 60 | // perhaps this is local dev on localhost 61 | // regardless of how it happened, this ain't cloudflare 62 | return next(c) 63 | } 64 | var visitor struct { 65 | Scheme string `json:"scheme"` 66 | } 67 | err := json.Unmarshal([]byte(visitorStr), &visitor) 68 | if err != nil { 69 | fmt.Println("Cloudflare sent unparseable Cf-Visitor header??", visitorStr) 70 | return next(c) 71 | } 72 | if visitor.Scheme != "http" { 73 | return next(c) 74 | } 75 | // it is http 76 | addr := c.Request().URL 77 | if addr.Path == "/releases.json" { 78 | // don't break 4.7 and 4.8 update checker 79 | return next(c) 80 | } 81 | addr.Scheme = "https" 82 | addr.Host = c.Request().Host 83 | c.Response().Header().Set("Cache-Control", "private, max-age=0") 84 | return c.Redirect(code, addr.String()) 85 | } 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /src/api/v1/server.go: -------------------------------------------------------------------------------- 1 | package v1 2 | 3 | import ( 4 | "net/http" 5 | 6 | "github.com/ImpactDevelopment/ImpactServer/src/jwt" 7 | 8 | "github.com/ImpactDevelopment/ImpactServer/src/middleware" 9 | "github.com/labstack/echo/v4" 10 | ) 11 | 12 | // API configures the Group to implement v1 of the API 13 | func API(api *echo.Group) { 14 | // TODO API Doc 15 | 16 | api.GET("/thealtening/info", getTheAlteningInfo, middleware.CacheUntilPurge()) 17 | api.GET("/motd", getMotd, middleware.CacheUntilPurge()) 18 | api.GET("/themes", getThemes, middleware.CacheUntilPurge()) 19 | api.GET("/minecraft/user/info", getUserInfo, middleware.CacheUntilPurge()) 20 | api.GET("/minecraft/user/:role/list", getRoleMembers, middleware.CacheUntilPurge()) 21 | api.GET("/dbtest", dbTest, middleware.NoCache()) 22 | api.GET("/user/me", getUser, middleware.NoCache(), middleware.RequireAuth) 23 | api.PATCH("/user/me", patchUser, middleware.NoCache(), middleware.RequireAuth) 24 | api.PUT("/password/me", putPassword, middleware.NoCache(), middleware.RequireAuth) 25 | api.PUT("/password/:token", putPassword, middleware.NoCache()) 26 | api.Match([]string{http.MethodGet, http.MethodPost}, "/password/reset", resetPassword, middleware.NoCache()) // TODO ratelimit resets 27 | api.Match([]string{http.MethodGet, http.MethodPost}, "/login/password", jwt.PasswordLoginHandler, middleware.NoCache()) 28 | api.Match([]string{http.MethodGet, http.MethodPost}, "/login/minecraft", jwt.MinecraftLoginHandler, middleware.NoCache()) 29 | api.Match([]string{http.MethodGet, http.MethodPost}, "/login/discord", jwt.DiscordLoginHandler, middleware.NoCache()) 30 | api.Any("/stripe/info", getStripeInfo, middleware.CacheUntilPurge()) 31 | api.Any("/stripe/webhook", handleStripeWebhook, middleware.NoCache()) 32 | api.Match([]string{http.MethodGet, http.MethodPost}, "/stripe/createpayment", createStripePayment, middleware.NoCache()) 33 | api.Match([]string{http.MethodGet, http.MethodPost}, "/stripe/redeem", redeemStripePayment, middleware.NoCache()) 34 | api.GET("/stripe/connect/login", getStripeLogin, middleware.NoCache(), middleware.RequireAuth) 35 | api.Match([]string{http.MethodGet, http.MethodPost}, "/checktoken", checkToken, middleware.NoCache()) 36 | api.Match([]string{http.MethodGet, http.MethodPost}, "/register/token", registerWithToken, middleware.NoCache()) 37 | api.GET("/emailtest", emailTest, middleware.NoCache()) 38 | api.GET("/premiumcheck", premiumCheck, middleware.NoCache()) 39 | api.GET("/integration/futureclient/masonlist", futureIntegrationMasonList, middleware.NoCache()) 40 | api.GET("/integration/futureclient/overalldata", futureIntegrationOverallData, middleware.NoCache()) 41 | api.GET("/integration/impactbot/checkdonator/:discordid", checkDonator, middleware.NoCache()) 42 | api.GET("/integration/impactbot/genkey", genkey, middleware.NoCache()) 43 | } 44 | -------------------------------------------------------------------------------- /static/min/init-min.js: -------------------------------------------------------------------------------- 1 | /* https://javascript-minifier.com/ */ 2 | !function(s){s(function(){s(".scrollspy").scrollSpy();var e,a,n=2500,t=3800,d=t-3e3,l=50,r=150,o=500,c=o+800,h=600,p=1500;function u(i){var e=m(i);if(i.parents(".cd-headline").hasClass("type")){var a=i.parent(".cd-words-wrapper");a.addClass("selected").removeClass("waiting"),setTimeout(function(){a.removeClass("selected"),i.removeClass("is-visible").addClass("is-hidden").children("i").removeClass("in").addClass("out")},o),setTimeout(function(){f(e,r)},c)}else if(i.parents(".cd-headline").hasClass("letters")){var p=i.children("i").length>=e.children("i").length;!function i(e,a,t,d){e.removeClass("in").addClass("out");e.is(":last-child")?t&&setTimeout(function(){u(m(a))},n):setTimeout(function(){i(e.next(),a,t,d)},d);if(e.is(":last-child")&&s("html").hasClass("no-csstransitions")){var l=m(a);w(a,l)}}(i.find("i").eq(0),i,p,l),C(e.find("i").eq(0),e,p,l)}else i.parents(".cd-headline").hasClass("clip")?i.parents(".cd-words-wrapper").animate({width:"2px"},h,function(){w(i,e),f(e)}):i.parents(".cd-headline").hasClass("loading-bar")?(i.parents(".cd-words-wrapper").removeClass("is-loading"),w(i,e),setTimeout(function(){u(e)},t),setTimeout(function(){i.parents(".cd-words-wrapper").addClass("is-loading")},d)):(w(i,e),setTimeout(function(){u(e)},n))}function f(s,i){s.parents(".cd-headline").hasClass("type")?(C(s.find("i").eq(0),s,!1,i),s.addClass("is-visible").removeClass("is-hidden")):s.parents(".cd-headline").hasClass("clip")&&s.parents(".cd-words-wrapper").animate({width:s.width()+10},h,function(){setTimeout(function(){u(s)},p)})}function C(s,i,e,a){s.addClass("in").removeClass("out"),s.is(":last-child")?(i.parents(".cd-headline").hasClass("type")&&setTimeout(function(){i.parents(".cd-words-wrapper").addClass("waiting")},200),e||setTimeout(function(){u(i)},n)):setTimeout(function(){C(s.next(),i,e,a)},a)}function m(s){return s.is(":last-child")?s.parent().children().eq(0):s.next()}function w(s,i){s.removeClass("is-visible").addClass("is-hidden"),i.removeClass("is-hidden").addClass("is-visible")}s(".cd-headline.letters").find("b").each(function(){var e=s(this),a=e.text().split(""),n=e.hasClass("is-visible");for(i in a)e.parents(".rotate-2").length>0&&(a[i]=""+a[i]+""),a[i]=n?''+a[i]+"":""+a[i]+"";var t=a.join("");e.html(t).css("opacity",1)}),e=s(".cd-headline"),a=n,e.each(function(){var i=s(this);if(i.hasClass("loading-bar"))a=t,setTimeout(function(){i.find(".cd-words-wrapper").addClass("is-loading")},d);else if(i.hasClass("clip")){var e=i.find(".cd-words-wrapper"),n=e.width()+10;e.css("width",n)}else if(!i.hasClass("type")){var l=i.find(".cd-words-wrapper b"),r=0;l.each(function(){var i=s(this).width();i>r&&(r=i)}),i.find(".cd-words-wrapper").css("width",r)}setTimeout(function(){u(i.find(".is-visible").eq(0))},a)}),s(".button-collapse").sideNav({menuWidth:240,draggable:!0,closeOnClick:!0}),s(".parallax").parallax()})}(jQuery); -------------------------------------------------------------------------------- /src/minecraft/profile.go: -------------------------------------------------------------------------------- 1 | package minecraft 2 | 3 | import ( 4 | "github.com/ImpactDevelopment/ImpactServer/src/util" 5 | "github.com/google/uuid" 6 | "github.com/labstack/echo/v4" 7 | "net/http" 8 | "net/url" 9 | "strings" 10 | ) 11 | 12 | const urlNames = "https://api.mojang.com/user/profiles/You can now close this window.
88 | 91 | 92 | -------------------------------------------------------------------------------- /src/middleware/index_test.go: -------------------------------------------------------------------------------- 1 | package middleware 2 | 3 | import ( 4 | "net/http" 5 | "net/http/httptest" 6 | "testing" 7 | 8 | "github.com/labstack/echo/v4" 9 | "github.com/stretchr/testify/assert" 10 | ) 11 | 12 | func TestIndexToSlash(t *testing.T) { 13 | // Helper func to setup the test 14 | setup := func(code int) (e *echo.Echo) { 15 | e = echo.New() 16 | e.Pre(RemoveIndexHTML(code)) 17 | e.Any("/*", func(c echo.Context) error { 18 | return c.String(http.StatusOK, "Ok cowboy") 19 | }) 20 | return 21 | } 22 | 23 | // Helper function to run a request and return the response 24 | test := func(s *echo.Echo, url string) *httptest.ResponseRecorder { 25 | req := httptest.NewRequest(http.MethodGet, url, nil) 26 | rec := httptest.NewRecorder() 27 | s.ServeHTTP(rec, req) 28 | return rec 29 | } 30 | 31 | e := setup(http.StatusMovedPermanently) 32 | 33 | // index.html/ should produce 301 34 | rec := test(e, "http://foobar.net/foo/bar/index.html/") 35 | assert.Equal(t, http.StatusMovedPermanently, rec.Code) 36 | assert.Equal(t, "http://foobar.net/foo/bar", rec.Header().Get(echo.HeaderLocation)) 37 | assert.Equal(t, "", rec.Body.String()) 38 | 39 | // index.html should produce 301 40 | rec = test(e, "http://foobar.net/foo/bar/index.html") 41 | assert.Equal(t, http.StatusMovedPermanently, rec.Code) 42 | assert.Equal(t, "http://foobar.net/foo/bar", rec.Header().Get(echo.HeaderLocation)) 43 | assert.Equal(t, "", rec.Body.String()) 44 | 45 | // / should not redirect 46 | rec = test(e, "http://foobar.net/foo/bar/") 47 | assert.Equal(t, http.StatusOK, rec.Code) 48 | assert.Equal(t, "", rec.Header().Get(echo.HeaderLocation)) 49 | assert.Equal(t, "Ok cowboy", rec.Body.String()) 50 | 51 | // neither should bare path 52 | rec = test(e, "http://foobar.net/foo/bar") 53 | assert.Equal(t, http.StatusOK, rec.Code) 54 | assert.Equal(t, "", rec.Header().Get(echo.HeaderLocation)) 55 | assert.Equal(t, "Ok cowboy", rec.Body.String()) 56 | 57 | // root/ 58 | rec = test(e, "http://foobar.net/") 59 | assert.Equal(t, http.StatusOK, rec.Code) 60 | assert.Equal(t, "", rec.Header().Get(echo.HeaderLocation)) 61 | assert.Equal(t, "Ok cowboy", rec.Body.String()) 62 | 63 | // root 64 | rec = test(e, "http://foobar.net") 65 | assert.Equal(t, http.StatusOK, rec.Code) 66 | assert.Equal(t, "", rec.Header().Get(echo.HeaderLocation)) 67 | assert.Equal(t, "Ok cowboy", rec.Body.String()) 68 | 69 | // index.html/ should produce 301 70 | rec = test(e, "http://foobar.net/index.html/") 71 | assert.Equal(t, http.StatusMovedPermanently, rec.Code) 72 | assert.Equal(t, "http://foobar.net", rec.Header().Get(echo.HeaderLocation)) 73 | assert.Equal(t, "", rec.Body.String()) 74 | 75 | // index.html should produce 301 76 | rec = test(e, "http://foobar.net/index.html") 77 | assert.Equal(t, http.StatusMovedPermanently, rec.Code) 78 | assert.Equal(t, "http://foobar.net", rec.Header().Get(echo.HeaderLocation)) 79 | assert.Equal(t, "", rec.Body.String()) 80 | 81 | // Try with a different status code 82 | e = setup(http.StatusFound) 83 | rec = test(e, "http://foobar.net/index.html") 84 | assert.Equal(t, http.StatusFound, rec.Code) 85 | assert.Equal(t, "http://foobar.net", rec.Header().Get(echo.HeaderLocation)) 86 | assert.Equal(t, "", rec.Body.String()) 87 | } 88 | -------------------------------------------------------------------------------- /src/users/user_info.go: -------------------------------------------------------------------------------- 1 | package users 2 | 3 | import "github.com/google/uuid" 4 | 5 | // Public information about the user, can be hidden using `incognito` 6 | // Be sure to update src/users/features.go:publicFeatures() if adding/removing features 7 | type UserInfo struct { 8 | // Icon to display next to this user 9 | Icon string `json:"icon,omitempty"` 10 | // Cape this user should wear 11 | Cape string `json:"cape,omitempty"` 12 | // Color code of the text for nametags. e.g. LIGHT_PURPLE or BLUE 13 | TextColor string `json:"text_color,omitempty"` 14 | // Numeric ARGB color of the nametag background. Empty string for default. e.g. 1358954495 for pepsi's light gray 15 | BackgroundColor string `json:"bg_color,omitempty"` 16 | // Numeric ARGB color of the nametag border. Empty string for default. e.g. -1761673216 for pepsi's red 17 | BorderColor string `json:"border_color,omitempty"` 18 | } 19 | 20 | // NewUserInfo creates a UserInfo based on a User's roles and any special cases that apply to them 21 | func NewUserInfo(user User) *UserInfo { 22 | var info UserInfo 23 | 24 | if user.MinecraftID != nil { 25 | if special, ok := specialCases[*user.MinecraftID]; ok { 26 | if special.info != nil { 27 | info = *special.info 28 | } 29 | } 30 | } 31 | 32 | for _, role := range getRolesSorted(user.Roles) { // go in order from highest priority to least (aka numerically lowest to highest) 33 | role.applyDefaults(&info) 34 | } 35 | 36 | return &info 37 | } 38 | 39 | var specialCases = map[uuid.UUID]roleTemplate{ // TODO this should basically just be a SELECT * FROM customizations; 40 | // catgorl 41 | uuid.MustParse("2c3174fc-0c6b-4cfb-bb2b-0069bf7294d1"): { 42 | info: &UserInfo{ 43 | TextColor: "LIGHT_PURPLE", 44 | }, 45 | }, 46 | // leijurv 47 | uuid.MustParse("51dcd870-d33b-40e9-9fc1-aecdcff96081"): { 48 | info: &UserInfo{ 49 | TextColor: "RED", 50 | Icon: "https://files.impactclient.net/img/texture/speckles128.png", 51 | }, 52 | edition: &Edition{ 53 | Icon: "https://files.impactclient.net/img/texture/speckles128.png", 54 | }, 55 | }, 56 | // liejurv since leijurv is disabled 57 | uuid.MustParse("7b9c005b-011e-42de-bfb4-c0003f5c3a77"): { 58 | info: &UserInfo{ 59 | TextColor: "RED", 60 | Icon: "https://files.impactclient.net/img/texture/speckles128.png", 61 | }, 62 | edition: &Edition{ 63 | Icon: "https://files.impactclient.net/img/texture/speckles128.png", 64 | }, 65 | }, 66 | // triibu popstonia 67 | uuid.MustParse("8e563236-c7f5-4c82-aa27-c95bf3f4c322"): { 68 | info: &UserInfo{ 69 | Icon: "https://files.impactclient.net/img/texture/popstonia.png", 70 | }, 71 | }, 72 | // popstonia (rebane) 73 | uuid.MustParse("342fc44b-1fd1-4272-a4c3-a98a2df98abc"): { 74 | info: &UserInfo{ 75 | Icon: "https://files.impactclient.net/img/texture/popstonia.png", 76 | }, 77 | }, 78 | // HermeticLock 79 | uuid.MustParse("e97ff4c0-48bf-4c98-be34-248fdde2ffd3"): { 80 | info: &UserInfo{ 81 | TextColor: "RED", 82 | Icon: "https://i.imgur.com/aKt1g4H.jpg", 83 | Cape: "https://i.imgur.com/bvhC1Xk.png", 84 | }, 85 | edition: &Edition{ 86 | Icon: "https://i.imgur.com/aKt1g4H.jpg", 87 | }, 88 | }, 89 | // peanut 90 | uuid.MustParse("9d913c0a-3d57-4ce9-8b7d-689973312856"): { 91 | info: &UserInfo{ 92 | TextColor: "ORANGE", 93 | }, 94 | }, 95 | } 96 | -------------------------------------------------------------------------------- /src/middleware/auth.go: -------------------------------------------------------------------------------- 1 | package middleware 2 | 3 | import ( 4 | "fmt" 5 | "github.com/ImpactDevelopment/ImpactServer/src/jwt" 6 | "github.com/ImpactDevelopment/ImpactServer/src/users" 7 | "github.com/labstack/echo/v4" 8 | "net/http" 9 | "os" 10 | "regexp" 11 | ) 12 | 13 | const userCtxKey = "user" 14 | 15 | var authBearerRegx = regexp.MustCompile(`^Bearer\s+(\S+)`) 16 | 17 | // GetUser returns the User object attached to the context, presumably by the RequireAuth middleware. 18 | // Otherwise it returns nil. 19 | func GetUser(c echo.Context) (user *users.User) { 20 | // Try to cast to *user.User, ignore if it failed, user probably just isn't set 21 | user, _ = c.Get(userCtxKey).(*users.User) 22 | return 23 | } 24 | 25 | var Auth = func(next echo.HandlerFunc) echo.HandlerFunc { 26 | return func(c echo.Context) error { 27 | if header := c.Request().Header.Get(echo.HeaderAuthorization); header != "" { 28 | if m := authBearerRegx.FindStringSubmatch(header); len(m) == 2 && m[1] != "" { 29 | token := m[1] 30 | 31 | // Verify the JWT 32 | user, err := jwt.Verify(token) 33 | if err != nil { 34 | return echo.NewHTTPError(http.StatusUnauthorized, "invalid token").SetInternal(err) 35 | } 36 | // Set the user context userCtxKey 37 | c.Set(userCtxKey, user) 38 | } 39 | } 40 | return next(c) 41 | } 42 | } 43 | 44 | // RequireAuth requires that the Authorization header be set, correctly formatted, and the token to be valid 45 | // For invalid token, it sends “401 - Unauthorized” response. 46 | // For missing or invalid Authorization header, it sends “400 - Bad Request”. 47 | var RequireAuth = func(next echo.HandlerFunc) echo.HandlerFunc { 48 | return func(c echo.Context) error { 49 | header := c.Request().Header.Get(echo.HeaderAuthorization) 50 | if header == "" { 51 | return echo.NewHTTPError(http.StatusBadRequest, "authentication is required") 52 | } 53 | if m := authBearerRegx.FindStringSubmatch(header); len(m) != 2 || m[1] == "" { 54 | return echo.NewHTTPError(http.StatusBadRequest, "invalid "+echo.HeaderAuthorization+" header") 55 | } 56 | return Auth(func(c echo.Context) error { 57 | // Require Auth to have succeeded 58 | if user := GetUser(c); user == nil { 59 | return echo.NewHTTPError(http.StatusUnauthorized, "no user found") 60 | } 61 | return next(c) 62 | })(c) 63 | } 64 | } 65 | 66 | // RequireRoles returns a middleware that requires the user to have at least one of the provided role IDs. 67 | // This middleware automatically calls RequireAuth 68 | func RequireRole(roles ...string) echo.MiddlewareFunc { 69 | // Figure out how best to print the roles in http errors 70 | var rolesString string 71 | if len(roles) == 1 { 72 | rolesString = fmt.Sprintf("%v", roles[0]) 73 | } else { 74 | rolesString = fmt.Sprintf("%v", roles) 75 | } 76 | 77 | return func(next echo.HandlerFunc) echo.HandlerFunc { 78 | return RequireAuth(func(c echo.Context) error { 79 | user := GetUser(c) 80 | if user == nil { 81 | return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Roles required but no user: %v", rolesString)) 82 | } 83 | 84 | // If any role matches, continue with request 85 | for _, role := range user.Roles { 86 | for _, required := range roles { 87 | if role.ID == required { 88 | return next(c) 89 | } 90 | } 91 | } 92 | 93 | // The user doesn't have any matching roles 94 | return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Required at least one role from %v", rolesString)) 95 | }) 96 | } 97 | } 98 | 99 | func AuthGetParam() echo.MiddlewareFunc { 100 | return func(next echo.HandlerFunc) echo.HandlerFunc { 101 | return func(c echo.Context) error { 102 | auth := c.QueryParam("auth") + "0" 103 | if auth != os.Getenv("API_AUTH_SECRET") { 104 | return c.JSON(http.StatusForbidden, "auth wrong im sowwy") 105 | } 106 | return next(c) 107 | } 108 | } 109 | } 110 | -------------------------------------------------------------------------------- /src/api/v1/minecraft.go: -------------------------------------------------------------------------------- 1 | package v1 2 | 3 | import ( 4 | "crypto/sha256" 5 | "encoding/hex" 6 | "log" 7 | "net/http" 8 | "reflect" 9 | "strings" 10 | 11 | "github.com/ImpactDevelopment/ImpactServer/src/database" 12 | 13 | "github.com/ImpactDevelopment/ImpactServer/src/cloudflare" 14 | "github.com/ImpactDevelopment/ImpactServer/src/users" 15 | "github.com/google/uuid" 16 | 17 | "github.com/labstack/echo/v4" 18 | ) 19 | 20 | var userData map[string]users.UserInfo 21 | var userDataNonHashed map[string]users.UserInfo 22 | 23 | var legacyRoles map[string]string 24 | 25 | // API Handler /minecraft/user/info 26 | func getUserInfo(c echo.Context) error { 27 | return c.JSON(http.StatusOK, userData) 28 | } 29 | 30 | // Legacy API handler /minecraft/user/:role/list 31 | func getRoleMembers(c echo.Context) error { 32 | ret := legacyRoles[c.Param("role")] 33 | if ret == "" { 34 | return c.NoContent(http.StatusNotFound) 35 | } 36 | return c.String(http.StatusOK, ret) 37 | } 38 | 39 | func init() { 40 | usersList := database.GetAllUsers() 41 | updatedData(usersList) 42 | updatedLegacyRoles(usersList) 43 | database.CallbackOnUsersTableUpdate(checkDatabaseForUpdatedUsers) 44 | } 45 | 46 | func checkDatabaseForUpdatedUsers() { 47 | usersList := database.GetAllUsers() 48 | if updatedData(usersList) { 49 | log.Println("MC UPDATE: Updated user info") 50 | cloudflare.PurgeURLs([]string{ 51 | "https://api.impactclient.net/v1/minecraft/user/info", 52 | }) 53 | } 54 | if updatedLegacyRoles(usersList) { 55 | log.Println("MC UPDATE: Updated user legacy data") 56 | cloudflare.PurgeURLs([]string{ 57 | "https://api.impactclient.net/v1/minecraft/user/staff/list", 58 | "https://api.impactclient.net/v1/minecraft/user/developer/list", 59 | "https://api.impactclient.net/v1/minecraft/user/pepsi/list", 60 | "https://api.impactclient.net/v1/minecraft/user/premium/list", 61 | }) 62 | } 63 | } 64 | 65 | func updatedData(usersList []users.User) bool { 66 | newUserData, newUnhashed := generateMap(usersList) 67 | // reflect.DeepEqual is slow, especially since this map is big 68 | if userData == nil || !reflect.DeepEqual(newUserData, userData) { 69 | userData = newUserData 70 | userDataNonHashed = newUnhashed 71 | return true 72 | } 73 | return false 74 | } 75 | 76 | func updatedLegacyRoles(usersList []users.User) bool { 77 | newLegacyRoles := generateLegacy(usersList) 78 | // reflect.DeepEqual is slow, especially since this map is big 79 | if legacyRoles == nil || !reflect.DeepEqual(newLegacyRoles, legacyRoles) { 80 | legacyRoles = newLegacyRoles 81 | return true 82 | } 83 | return false 84 | } 85 | 86 | func generateLegacy(usersList []users.User) map[string]string { 87 | m := make(map[string]string) 88 | for role, roleVal := range users.Roles { 89 | if !roleVal.LegacyList { 90 | continue 91 | } 92 | var list strings.Builder 93 | for _, user := range usersList { 94 | if !user.HasRoleWithID(role) { 95 | continue 96 | } 97 | if !user.LegacyEnabled { 98 | continue 99 | } 100 | if minecraftID := user.MinecraftID; minecraftID != nil { 101 | list.WriteString(minecraftID.String() + "\n") 102 | } 103 | } 104 | m[role] = list.String() 105 | } 106 | return m 107 | } 108 | 109 | func generateMap(usersList []users.User) (map[string]users.UserInfo, map[string]users.UserInfo) { 110 | data := make(map[string]users.UserInfo) 111 | unhashed := make(map[string]users.UserInfo) 112 | for _, user := range usersList { 113 | if !user.Incognito && user.MinecraftID != nil && user.UserInfo != nil { 114 | // if a user has cape disabled, they are trying to be incognito. we should send no entry at all. not good enough to send "HASH123":{}. 115 | data[hashUUID(*user.MinecraftID)] = *user.UserInfo 116 | unhashed[user.MinecraftID.String()] = *user.UserInfo 117 | } 118 | } 119 | return data, unhashed 120 | } 121 | 122 | func hashUUID(uuid uuid.UUID) string { 123 | hash := sha256.Sum256([]byte(uuid.String())) 124 | return hex.EncodeToString(hash[:]) 125 | } 126 | -------------------------------------------------------------------------------- /src/database/user.go: -------------------------------------------------------------------------------- 1 | package database 2 | 3 | import ( 4 | "database/sql" 5 | "fmt" 6 | "github.com/lib/pq" 7 | 8 | "github.com/ImpactDevelopment/ImpactServer/src/users" 9 | "github.com/google/uuid" 10 | ) 11 | 12 | type userRow struct { 13 | id uuid.UUID 14 | email sql.NullString 15 | minecraft NullUUID 16 | discord sql.NullString 17 | passwdHash sql.NullString 18 | stripe sql.NullString 19 | legacyEnabled bool 20 | capeEnabled bool 21 | legacy bool 22 | roleList pq.StringArray 23 | } 24 | 25 | // rowScanner is implemented by sql.Row and sql.Rows 26 | type rowScanner interface { 27 | Scan(dest ...interface{}) error 28 | } 29 | 30 | // scanUsersView takes a sql.Row or sql.Rows and scans it into the user. 31 | // It is assumed the row is has the same column order as `users_view` 32 | func (user *userRow) scanUsersView(row rowScanner) error { 33 | return row.Scan(&user.id, &user.email, &user.minecraft, &user.discord, &user.passwdHash, &user.stripe, &user.capeEnabled, &user.legacyEnabled, &user.legacy, &user.roleList) 34 | } 35 | 36 | // makeUser converts a userRow into a users.User 37 | func (user *userRow) makeUser() users.User { 38 | ret := users.User{ 39 | LegacyEnabled: user.legacyEnabled, 40 | Incognito: !user.capeEnabled, 41 | Legacy: user.legacy, 42 | Roles: user.roles(), 43 | } 44 | if user.email.Valid { 45 | ret.Email = user.email.String 46 | } 47 | if user.minecraft.Valid { 48 | ret.MinecraftID = &user.minecraft.UUID 49 | } 50 | if user.discord.Valid { 51 | ret.DiscordID = user.discord.String 52 | } 53 | if user.passwdHash.Valid { 54 | ret.PasswordHash = user.passwdHash.String 55 | } 56 | if user.stripe.Valid { 57 | ret.StripeID = user.stripe.String 58 | } 59 | ret.UserInfo = users.NewUserInfo(ret) 60 | ret.ID = user.id 61 | return ret 62 | } 63 | 64 | func (user userRow) roles() []users.Role { 65 | var roles []users.Role 66 | for _, roleID := range user.roleList { 67 | if role, ok := users.Roles[roleID]; ok { 68 | roles = append(roles, role) 69 | } else { 70 | fmt.Printf("User %s has unknown role %s\n", user.id, roleID) 71 | } 72 | } 73 | return roles 74 | } 75 | 76 | // GetAllUsers returns... all the users 77 | func GetAllUsers() []users.User { 78 | if DB == nil { 79 | fmt.Println("Database not connected!") 80 | return nil 81 | } 82 | 83 | rows, err := DB.Query(`SELECT * FROM users_view`) 84 | if err != nil { 85 | panic(err) 86 | } 87 | defer rows.Close() 88 | 89 | ret := make([]users.User, 0) 90 | for rows.Next() { 91 | var r userRow 92 | err = r.scanUsersView(rows) 93 | if err != nil { 94 | panic(err) 95 | } 96 | ret = append(ret, r.makeUser()) 97 | } 98 | 99 | err = rows.Err() 100 | if err != nil { 101 | panic(err) 102 | } 103 | 104 | return ret 105 | } 106 | 107 | // LookupUserByMinecraftID returns the matching user, or nil if not found 108 | func LookupUserByID(id uuid.UUID) *users.User { 109 | return lookupUserByField("user_id", id) 110 | } 111 | 112 | func LookupUserByEmail(email string) *users.User { 113 | return lookupUserByField("email", email) 114 | } 115 | 116 | // LookupUserByMinecraftID returns the matching user, or nil if not found 117 | func LookupUserByMinecraftID(minecraftID uuid.UUID) *users.User { 118 | return lookupUserByField("mc_uuid", minecraftID) 119 | } 120 | 121 | // LookupUserByDiscordID returns the matching user, or nil if not found 122 | func LookupUserByDiscordID(discordID string) *users.User { 123 | return lookupUserByField("discord_id", discordID) 124 | } 125 | 126 | func lookupUserByField(field string, value interface{}) *users.User { 127 | if DB == nil { 128 | fmt.Println("Database not connected!") 129 | return nil 130 | } 131 | 132 | var r userRow 133 | err := r.scanUsersView(DB.QueryRow(`SELECT * FROM users_view WHERE `+field+` = $1`, value)) 134 | if err != nil { 135 | if err == sql.ErrNoRows { 136 | return nil // no match 137 | } 138 | panic(err) // any other error 139 | } 140 | 141 | user := r.makeUser() 142 | return &user 143 | } 144 | -------------------------------------------------------------------------------- /static/account_explanation.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |
24 |
61 | How Impact Accounts work
25 |
26 |
60 | The current system
27 |28 | The newer (4.8+) Impact Account system separates enabling premium and listing info (such as capes). It also adds a layer of privacy to showing info. 29 |
30 | Our API shows a SHA hashed version of your Minecraft ID, which prevents somebody from easily getting a list of Impact Account holders. 31 | However, it is still possible for them to check if individual Minecraft accounts have Impact Account features. 32 | They can do this by hashing the Minecraft ID and then looking through the API's list to see if the resultant hash is in the list. 33 | If you don't want this to be possible, you can enable Incognito Mode and you won't be included in the list. 34 | Not being in the list means no one can tell if you have an Impact Account or not, including other Impact users. 35 |
36 | Because listing info and enabling premium now separated, if you enable Incognito Mode you will still get access to other Impact Account features, such as donation perks like Ignite and nightly builds. 37 | These features use Minecraft's authentication system (the same one used by Multiplayer Servers). This means you must launch Impact while online and logged in to the Minecraft account that is linked to your Impact Account. 38 |
39 |The legacy system
40 |
41 | The legacy (pre 4.8) Impact Account system uses plain text lists that list all Minecraft IDs with a given "role" (e.g. the premium role for donators).
42 |
44 | The problem with this is that anyone can easily get a list of Impact Accounts holders. 45 | For example an overzealous moderator might set up a system that bans anyone with an Impact Account automatically. 46 |
47 |48 | An additional issue is that the same list is used for enabling all features, from capes to Ignite, so it's not possible to have an "Incognito Mode" that doesn't disable everything. 49 | Luckily there's little reason to use an Impact version before 4.8, since 4.8 supports 1.12.2, 1.13.2 and 1.14.4. 50 | Therefore we don't recommend having "Legacy mode" enabled unless you understand the privacy concerns and want Impact Account features on Impact versions prior to 4.8. 51 |
52 |Open Source
53 |54 | This website and all the code that makes it run, including the Impact Account code, is open source. 55 | If you know how to read code why not browse our GitHub repo? 56 |
57 | Even better if you spot something that could be improved, you can report an Issue or even contribute directly by proposing a Pull Request! 58 |
59 |
59 |
102 |
103 |
104 |
105 |
106 |
--------------------------------------------------------------------------------
/src/api/v1/themes.go:
--------------------------------------------------------------------------------
1 | package v1
2 |
3 | import (
4 | "net/http"
5 |
6 | "github.com/labstack/echo/v4"
7 | )
8 |
9 | type (
10 | theme struct {
11 | Background *background `json:"background,omitempty"`
12 | DefaultFont *font `json:"default_font,omitempty"`
13 | TitleFont *font `json:"title_font,omitempty"`
14 | MOTDFont *font `json:"motd_font,omitempty"`
15 | // TODO add useful things to themes
16 | }
17 | background struct {
18 | // Epic meme make the client support data:image/png;base64 URIs
19 | URL string `json:"url,omitempty"`
20 | }
21 | font struct {
22 | Color uint32 `json:"color,omitempty"`
23 | }
24 | )
25 |
26 | // API Handler
27 | func getThemes(c echo.Context) error {
28 | return c.JSON(http.StatusOK, themes)
29 | }
30 |
31 | var themes = map[string]theme{
32 | "Impact": {
33 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/Pink_sunset_at_Visevnik.jpg"},
34 | },
35 | "alexandre-godreau": {
36 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/alexandre-godreau-203580-unsplash.jpg"},
37 | },
38 | "andrew-ruiz": {
39 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/andrew-ruiz-406374-unsplash.jpg"},
40 | },
41 | "aniket-deole": {
42 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/aniket-deole-294646-unsplash.jpg"},
43 | },
44 | "bailey-zindel": {
45 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/bailey-zindel-396398-unsplash.jpg"},
46 | },
47 | "benjamin-voros": {
48 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/benjamin-voros-575800-unsplash.jpg"},
49 | },
50 | "casey-horner": {
51 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/casey-horner-1265505-unsplash.jpg"},
52 | },
53 | "daniel-leone": {
54 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/daniel-leone-185834-unsplash.jpg"},
55 | },
56 | "eberhard-grossgasteiger": {
57 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/eberhard-grossgasteiger-299348-unsplash.jpg"},
58 | },
59 | "gabriele-garanzelli": {
60 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/gabriele-garanzelli-529492-unsplash.jpg"},
61 | },
62 | "james-donovan": {
63 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/james-donovan-180375-unsplash.jpg"},
64 | },
65 | "john-westrock": {
66 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/john-westrock-638048-unsplash.jpg"},
67 | },
68 | "julian-zett": {
69 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/julian-zett-643140-unsplash.jpg"},
70 | },
71 | "juskteez-vu": {
72 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/juskteez-vu-3824-unsplash.jpg"},
73 | },
74 | "martin-jernberg": {
75 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/martin-jernberg-197949-unsplash.jpg"},
76 | },
77 | "nasa": {
78 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/nasa-53884-unsplash.jpg"},
79 | },
80 | "olivier-miche": {
81 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/olivier-miche-508901-unsplash.jpg"},
82 | },
83 | "pascal-debrunner": {
84 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/pascal-debrunner-634122-unsplash.jpg"},
85 | },
86 | "patrick-fore": {
87 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/patrick-fore-562304-unsplash.jpg"},
88 | },
89 | "stephan-seeber": {
90 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/stephan-seeber-507791-unsplash.jpg"},
91 | },
92 | "stephen-wheeler": {
93 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/stephen-wheeler-732168-unsplash.jpg"},
94 | },
95 | "tanya-nevidoma": {
96 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/tanya-nevidoma-1085291-unsplash.jpg"},
97 | },
98 | "vashishtha-jogi": {
99 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/vashishtha-jogi-101218-unsplash.jpg"},
100 | },
101 | "wolfgang-hasselmann": {
102 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/wolfgang-hasselmann-1403514-unsplash.jpg"},
103 | },
104 | "yuriy-garnaev": {
105 | Background: &background{URL: "https://impactdevelopment.github.io/Resources/textures/backgrounds/yuriy-garnaev-395879-unsplash.jpg"},
106 | },
107 | }
108 |
--------------------------------------------------------------------------------
/src/util/urls.go:
--------------------------------------------------------------------------------
1 | package util
2 |
3 | import (
4 | "fmt"
5 | "net/url"
6 | "os"
7 | "strings"
8 | )
9 |
10 | func init() {
11 | // Run on init to panic early if we typo our hardcoded urls
12 | addr := GetServerURL()
13 | fmt.Println("Server URL is", addr)
14 | }
15 |
16 | func GetServerURL() *url.URL {
17 | var (
18 | addr *url.URL
19 | err error
20 | )
21 |
22 | if env := os.Getenv("SERVER_URL"); env != "" {
23 | addr, err = url.Parse(env)
24 | } else {
25 | port := strings.TrimSpace(os.Getenv("PORT"))
26 | switch port {
27 | case "80":
28 | port = ""
29 | case "":
30 | port = ":3000"
31 | default:
32 | port = ":" + port
33 | }
34 |
35 | addr, err = url.Parse("http://localhost" + port)
36 | }
37 |
38 | if err != nil {
39 | panic("Failed to parse server url")
40 | }
41 |
42 | return addr
43 | }
44 |
45 | // SetQuery changes the query parameters on the given url
46 | func SetQuery(address *url.URL, key, value string) {
47 | query := address.Query()
48 | query.Set(key, value)
49 | address.RawQuery = query.Encode()
50 | }
51 |
52 | // GetSubdomains tries to return the subdomain part from a host or hostname using ugly hacks.
53 | func GetSubdomains(host string) string {
54 | domains := []string{"localhost"}
55 | ogTLD := []string{"com", "org", "net", "int", "edu", "gov", "mil", "biz"}
56 | ccTLD := []string{"ac", "ad", "ae", "af", "ag", "ai", "al", "am", "ao", "aq", "ar", "as", "at", "au", "aw", "ax", "az", "ba", "bb", "bd", "be", "bf", "bg", "bh", "bi", "bj", "bm", "bn", "bo", "br", "bs", "bt", "bw", "by", "bz", "ca", "cc", "cd", "cf", "cg", "ch", "ci", "ck", "cl", "cm", "cn", "co", "cr", "cu", "cv", "cw", "cx", "cy", "cz", "de", "dj", "dk", "dm", "do", "dz", "ec", "ee", "eg", "er", "es", "et", "eu", "fi", "fj", "fk", "fm", "fo", "fr", "ga", "gd", "ge", "gf", "gg", "gh", "gi", "gl", "gm", "gn", "gp", "gq", "gr", "gs", "gt", "gu", "gw", "gy", "hk", "hm", "hn", "hr", "ht", "hu", "id", "ie", "il", "im", "in", "io", "iq", "ir", "is", "it", "je", "jm", "jo", "jp", "ke", "kg", "kh", "ki", "km", "kn", "kp", "kr", "kw", "ky", "kz", "la", "lb", "lc", "li", "lk", "lr", "ls", "lt", "lu", "lv", "ly", "ma", "mc", "md", "me", "mg", "mh", "mk", "ml", "mm", "mn", "mo", "mp", "mq", "mr", "ms", "mt", "mu", "mv", "mw", "mx", "my", "mz", "na", "nc", "ne", "nf", "ng", "ni", "nl", "no", "np", "nr", "nu", "nz", "om", "pa", "pe", "pf", "pg", "ph", "pk", "pl", "pm", "pn", "pr", "ps", "pt", "pw", "py", "qa", "re", "ro", "rs", "ru", "rw", "sa", "sb", "sc", "sd", "se", "sg", "sh", "si", "sk", "sl", "sm", "sn", "so", "sr", "ss", "st", "su", "sv", "sx", "sy", "sz", "tc", "td", "tf", "tg", "th", "tj", "tk", "tl", "tm", "tn", "to", "tr", "tt", "tv", "tw", "tz", "ua", "ug", "uk", "us", "uy", "uz", "va", "vc", "ve", "vg", "vi", "vn", "vu", "wf", "ws", "ye", "yt", "za", "zm", "zw", "xn--lgbbat1ad8j", "xn--y9a3aq", "xn--mgbcpq6gpa1a", "xn--54b7fta0cc", "xn--90ais", "xn--90ae", "xn--fiqs8s", "xn--fiqz9s", "xn--wgbh1c", "xn--e1a4c", "xn--qxa6a", "xn--node", "xn--qxam", "xn--j6w193g", "xn--h2brj9c", "xn--mgbbh1a71e", "xn--fpcrj9c3d", "xn--gecrj9c", "xn--s9brj9c", "xn--xkc2dl3a5ee0h", "xn--45brj9c", "xn--2scrj9c", "xn--rvc1e0am3e", "xn--45br5cyl", "xn--3hcrj9c", "xn--mgbbh1a", "xn--h2breg3eve", "xn--h2brj9c8c", "xn--mgbgu82a", "xn--mgba3a4f16a", "xn--mgbtx2b", "xn--mgbayh7gpa", "xn--80ao21a", "xn--q7ce6a", "xn--mix082f", "xn--mix891f", "xn--mgbx4cd0ab", "xn--mgbah1a3hjkrd", "xn--l1acc", "xn--mgbc0a9azcg", "xn--d1alf", "xn--mgb9awbf", "xn--mgbai9azgqp6j", "xn--ygbi2ammx", "xn--wgbl6a", "xn--p1ai", "xn--mgberp4a5d4ar", "xn--90a3ac", "xn--yfro4i67o", "xn--clchc0ea0b2g2a9gcd", "xn--3e0b707e", "xn--fzc2c9e2c", "xn--xkc2al3hye2a", "xn--mgbpl2fh", "xn--ogbpf8fl", "xn--kprw13d", "xn--kpry57d", "xn--o3cw4h", "xn--pgbs0dh", "xn--j1amh", "xn--mgbaam7a8h", "xn--mgb2ddes"}
57 | localTLD := []string{"example", "invalid", "local", "test"}
58 | sLD := []string{"com", "co", "me", "net", "org", "sch", "edu"}
59 |
60 | host = stripPort(host)
61 |
62 | tld := getTLD(host)
63 | host = stripTLD(host)
64 |
65 | if contains(domains, tld) {
66 | return host
67 | }
68 |
69 | if contains(localTLD, tld) {
70 | return stripTLD(host)
71 | }
72 |
73 | if contains(ogTLD, tld) {
74 | return stripTLD(host)
75 | }
76 |
77 | if contains(ccTLD, tld) {
78 | tld2 := getTLD(host)
79 | host2 := stripTLD(host)
80 | // check 2nd level domain on ccTLDs
81 | if contains(sLD, tld2) {
82 | return stripTLD(host2)
83 | }
84 | return host2
85 | }
86 | return ""
87 | }
88 |
89 | func stripPort(host string) string {
90 | i := strings.LastIndex(host, ":")
91 | if i < 0 {
92 | return host
93 | }
94 | return host[:i]
95 | }
96 |
97 | func getTLD(domain string) string {
98 | i := strings.LastIndex(domain, ".")
99 | if i < 0 {
100 | return domain
101 | }
102 | return domain[i+1:]
103 | }
104 |
105 | func stripTLD(domain string) string {
106 | i := strings.LastIndex(domain, ".")
107 | if i < 0 {
108 | return ""
109 | }
110 | return domain[:i]
111 | }
112 |
113 | func contains(slice []string, entry string) bool {
114 | for _, value := range slice {
115 | if value == entry {
116 | return true
117 | }
118 | }
119 | return false
120 | }
121 |
--------------------------------------------------------------------------------
/src/util/http_test.go:
--------------------------------------------------------------------------------
1 | package util
2 |
3 | import (
4 | "bytes"
5 | "io/ioutil"
6 | "net/http"
7 | "strconv"
8 | "testing"
9 |
10 | "github.com/stretchr/testify/assert"
11 | )
12 |
13 | // testRoundTripper implements http.RoundTripper
14 | type testRoundTripper func(req *http.Request, body string) *http.Response
15 |
16 | func (f testRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
17 | // Read body if it exists so we can pass it on as a string
18 | var body []byte
19 | if req.Body != nil {
20 | defer req.Body.Close()
21 | body, _ = ioutil.ReadAll(req.Body)
22 | }
23 |
24 | return f(req, string(body)), nil
25 | }
26 |
27 | //testClient returns *http.Client with Transport replaced to avoid making real calls
28 | func testClient(roundTripFunc testRoundTripper) *http.Client {
29 | return &http.Client{
30 | Transport: roundTripFunc,
31 | }
32 | }
33 |
34 | // testResponse reduces some of the boilerplate needed in a testClient's testRoundTripper callback
35 | func testResponse(status int, body string, headers map[string]string) *http.Response {
36 | h := http.Header{}
37 | if headers != nil {
38 | for key, value := range headers {
39 | h.Set(key, value)
40 | }
41 | }
42 |
43 | return &http.Response{
44 | StatusCode: status,
45 | Body: ioutil.NopCloser(bytes.NewBufferString(body)),
46 | Header: h,
47 | }
48 | }
49 |
50 | type (
51 | testStruct1 struct {
52 | It string `json:"it" xml:"it" form:"it"`
53 | }
54 | testStruct2 struct {
55 | That string `json:"that" xml:"that" form:"that"`
56 | }
57 | )
58 |
59 | func TestGet(t *testing.T) {
60 | request, err := GetRequest("http://example.com/some/path")
61 | assert.NoError(t, err)
62 |
63 | // Override client to avoid actually sending request
64 | request.client = testClient(func(req *http.Request, body string) *http.Response {
65 | // Test request parameters
66 | assert.Equal(t, req.URL.String(), "http://example.com/some/path")
67 | assert.Equal(t, req.Method, http.MethodGet)
68 | assert.Empty(t, body)
69 |
70 | assert.Equal(t, "ImpactServer", req.UserAgent())
71 | assert.Equal(t, "ImpactServer", req.Header.Get("User-Agent"))
72 |
73 | return testResponse(http.StatusOK, "OK", nil)
74 | })
75 |
76 | response, err := request.Do()
77 | assert.NoError(t, err)
78 |
79 | assert.True(t, response.Ok())
80 | assert.Equal(t, 200, response.Code())
81 | assert.Equal(t, "200 OK", response.Status())
82 |
83 | body := response.String()
84 | assert.Equal(t, "OK", body)
85 |
86 | assert.NoError(t, err)
87 | assert.Equal(t, "OK", body)
88 | }
89 |
90 | func TestJSON(t *testing.T) {
91 | reqBody := testStruct1{"Hello, world"}
92 | request, err := JSONRequest("http://example.com/some/other/path", reqBody)
93 | assert.NoError(t, err)
94 |
95 | // Override client to avoid actually sending request
96 | request.client = testClient(func(req *http.Request, body string) *http.Response {
97 | // Test request parameters
98 | assert.Equal(t, req.URL.String(), "http://example.com/some/other/path")
99 | assert.Equal(t, req.Method, http.MethodPost)
100 | assert.Equal(t, `{"it":"Hello, world"}`, body)
101 |
102 | assert.Equal(t, "ImpactServer", req.UserAgent())
103 | assert.Equal(t, "application/json", req.Header.Get("Content-Type"))
104 | length, err := strconv.Atoi(req.Header.Get("Content-Length"))
105 | assert.NoError(t, err)
106 | assert.Equal(t, len(body), length)
107 |
108 | return testResponse(http.StatusOK, `{"that":"thing"}`, nil)
109 | })
110 |
111 | response, err := request.Do()
112 | assert.NoError(t, err)
113 |
114 | assert.True(t, response.Ok())
115 | assert.Equal(t, 200, response.Code())
116 | assert.Equal(t, "200 OK", response.Status())
117 |
118 | body := testStruct2{}
119 | err = response.JSON(&body)
120 | assert.NoError(t, err)
121 | assert.Equal(t, testStruct2{"thing"}, body)
122 | assert.Equal(t, "thing", body.That)
123 | }
124 |
125 | func TestXML(t *testing.T) {
126 | reqBody := testStruct1{"Hello, world"}
127 | request, err := XMLRequest("http://example.com/some/other/path", reqBody)
128 | assert.NoError(t, err)
129 |
130 | // Override client to avoid actually sending request
131 | request.client = testClient(func(req *http.Request, body string) *http.Response {
132 | // Test request parameters
133 | assert.Equal(t, req.URL.String(), "http://example.com/some/other/path")
134 | assert.Equal(t, req.Method, http.MethodPost)
135 | assert.Equal(t, ``+"\n"+`
60 |
101 |
61 |
67 |
62 |
66 | Impact supports Minecraft 1.16.5, 1.15.2, 1.14.4, 1.13.2, 1.12.2, 1.12.1, 1.12, and 1.11.2.
63 |Impact does NOT support cracked/non-premium launchers.
64 | 65 |
68 |
100 |
69 |
77 |
78 |
98 |
99 | Alternatives
70 |
71 | Please note, this list is manually compiled. We cannot garentee its acuracy nor can we promise to keep it up to date.
72 |
73 | The projects listed here are third-party projects, not afiliated with Impact in any way. We do not endorse them and cannot garentee they are safe to use.
74 |
| Name | 80 |Cost | 81 |Notes | 82 |Versions | 83 |
|---|---|---|---|
| Future | 86 |One-time purchase | 87 |Future is a premium client with support for the latest versions, popular with players on various anarchy servers. Impact, sponsered by Future™ | 88 |1.14.4, 1.13.2, 1.12.2, 1.8.9 | 89 |
| Aristois | 92 |Free (optional donation perks) | 93 |Aristois is a free (closed-source) mod that aims to be always up-to-date with the latest minecraft versions. It can be installed with support for Fabric, Forge, MultiMC, and more. | 94 |1.8.9 through 1.18.2 | 95 |
25 | Click here to reset your password or copy the following link if that doesn't work: 26 |
27 |28 | %s 29 |` 30 | ) 31 | 32 | func resetPassword(c echo.Context) error { 33 | var body struct { 34 | Email string `json:"email" form:"email" query:"email"` 35 | } 36 | err := c.Bind(&body) 37 | if err != nil { 38 | return err 39 | } 40 | if body.Email == "" { 41 | return echo.NewHTTPError(http.StatusBadRequest, "email is required") 42 | } 43 | 44 | err = recaptcha.Verify(c) 45 | if err != nil { 46 | return err 47 | } 48 | 49 | user := database.LookupUserByEmail(strings.TrimSpace(body.Email)) 50 | if user == nil { 51 | return echo.NewHTTPError(http.StatusBadRequest, "user not found") 52 | } 53 | 54 | token, err := genToken(user.ID) 55 | if err != nil { 56 | return err 57 | } 58 | resetURL := util.GetServerURL() 59 | resetURL.Path = "/forgotpassword.html" 60 | resetURL.RawQuery = url.Values{"token": {token.String()}}.Encode() 61 | 62 | // Send user an email, don't just give anyone a token lol 63 | message := mailgun.MG.NewMessage("Impact
129 |
171 |
172 |
184 |
185 |
186 |
187 |
195 |
196 |
197 |
198 |
--------------------------------------------------------------------------------
130 |
131 |
169 |
170 | The Discord has been terminated. Check back here later.