http auth api feature

Author: serghey-rodin

bin/v-add-web-domain-httpauth

@@ -0,0 +1,108 @@
+#!/bin/bash
+# info: add password protection for web domain
+# options: USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]
+#
+# The call is used for securing web domain with http auth
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument defenition
+user=$1
+domain=$2
+auth_user=$3
+password=$4
+restart=${5-yes}
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+# Hiding password
+A4='******'
+EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
+
+# Definining htpasswd file
+htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess"
+htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd"
+docroot="$HOMEDIR/$user/web/$domain/public_html"
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]'
+validate_format 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+is_password_valid
+get_domain_values 'web'
+if [ ! -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then
+    echo "Error: auth user $auth_user already exists"
+    log_event "$E_EXISTS" "$EVENT"
+    exit $E_EXISTS
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Adding htaccess password protection
+if [ ! -e "$htaccess" ]; then
+    if [ "$WEB_SYSTEM" != 'nginx' ]; then
+        echo "<Directory $docroot>" > $htaccess
+        echo "    AuthUserFile $htpasswd" >> $htaccess
+        echo "    AuthName \"$domain access\"" >> $htaccess
+        echo "    AuthType Basic" >> $htaccess
+        echo "    Require valid-user" >> $htaccess
+        echo "</Directory>" >> $htaccess
+    else
+        echo "auth_basic  \"$domain password access\";" > $htaccess
+        echo "auth_basic_user_file    $htpasswd;" >> $htaccess
+    fi
+    restart_required='yes'
+fi
+
+# Adding httpasswd user
+auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password)
+touch $htpasswd
+sed -i "/^$auth_user:/d" $htpasswd
+echo "$auth_user:$auth_hash" >> $htpasswd
+
+# Restarting web server
+if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then
+    $BIN/v-restart-web
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Preparing web.conf keys
+if [ ! -z "$AUTH_USER" ]; then
+    auth_user="$AUTH_USER:$auth_user"
+    auth_hash="$AUTH_HASH:$auth_hash"
+else
+    # Adding new key into web.conf
+    add_object_key "web" 'DOMAIN' "$domain" 'AUTH_USER' 'U_DISK'
+    add_object_key "web" 'DOMAIN' "$domain" 'AUTH_HASH' 'U_DISK'
+fi
+
+# Updating config
+update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user"
+update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash"
+
+# Logging
+log_history "added http auth user $httpauth_user on $domain"
+log_event "$OK" "$EVENT"
+
+exit

bin/v-change-web-domain-httpauth

@@ -0,0 +1,80 @@
+#!/bin/bash
+# info: change password for http auth user
+# options: USER DOMAIN AUTH_USER AUTH_PASSWORD
+#
+# The call is used for chaning http auth user password
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument defenition
+user=$1
+domain=$2
+auth_user=$3
+password=$4
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+# Hiding password
+A4='******'
+EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
+
+# Definining htpasswd file
+htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd"
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]'
+validate_format 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+is_password_valid
+get_domain_values 'web'
+if [ -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then
+    echo "Error: auth user $auth_user doesn't exist"
+    log_event "$E_NOTEXIST" "$EVENT"
+    exit $E_NOTEXIST
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Adding httpasswd user
+auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password)
+touch $htpasswd
+sed -i "/^$auth_user:/d" $htpasswd
+echo "$auth_user:$auth_hash" >> $htpasswd
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Rebuilding AUTH_HASH variable
+position=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep ":$auth_user$" |\
+    cut -f 1 -d:)
+auth_hash=$(echo $AUTH_HASH |tr ':' '\n' |grep -n '' |\
+    sed -e "s%^$position:.*%$position:$auth_hash%" |\
+    cut -f 2 -d :| sed -e "/^$/d"| sed -e ':a;N;$!ba;s/\n/:/g')
+
+# Updating config
+update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash"
+
+# Logging
+log_history "changed auth user $httpauth_user password on $domain"
+log_event "$OK" "$EVENT"
+
+exit

bin/v-delete-web-domain-httpauth

@@ -0,0 +1,87 @@
+#!/bin/bash
+# info: delete http auth user
+# options: USER DOMAIN AUTH_USER [RESTART]
+#
+# The call is used for deleting http auth user
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument defenition
+user=$1
+domain=$2
+auth_user=$3
+restart=${4-yes}
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+# Definining htpasswd file
+htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess"
+htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd"
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'USER DOMAIN AUTH_USER [RESTART]'
+validate_format 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+is_password_valid
+get_domain_values 'web'
+if [ -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then
+    echo "Error: auth user $auth_user doesn't exist"
+    log_event "$E_NOTEXIST" "$EVENT"
+    exit $E_NOTEXIST
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Deleting auth user
+sed -i "/^$auth_user:/d" $htpasswd
+
+# Deleting password protection
+if [ "$(echo "$AUTH_USER" |tr : '\n' |wc -l)" -le 1 ]; then
+    rm -f $htaccess
+    restart_required='yes'
+fi
+
+# Restarting web server
+if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then
+    $BIN/v-restart-web
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Rebuilding FTP variables
+position=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep ":$auth_user$" |\
+    cut -f 1 -d:)
+auth_user=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep -v "^$position:" |\
+    cut -f 2 -d :| sed -e "/^$/d"| sed -e ':a;N;$!ba;s/\n/:/g')
+auth_hash=$(echo $AUTH_HASH |tr ':' '\n' |grep -n '' |grep -v "^$position:" |\
+    cut -f 2 -d :| sed -e ':a;N;$!ba;s/\n/:/g')
+
+# Update config
+update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user"
+update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash"
+
+# Logging
+log_history "changed auth user $httpauth_user password on $domain"
+log_event "$OK" "$EVENT"
+
+exit

bin/v-generate-password-hash

@@ -32,5 +32,10 @@ if ($crypt == 'sha-512' ) {
     $hash = str_replace('$rounds=5000','',$hash);
 }
 
+// Generating base64 hash
+if ($crypt == 'htpasswd' ) {
+    $hash = crypt($password, base64_encode($password));
+}
+
 // Printing result
 echo $hash . "\n";

bin/v-list-web-domain

@@ -76,7 +76,7 @@ conf=$USER_DATA/web.conf
 
 # Defining fileds to select
 fields='$DOMAIN $IP $IP6 $U_DISK $U_BANDWIDTH $TPL $ALIAS $STATS $STATS_USER
-    $SSL $SSL_HOME $FTP_USER $FTP_PATH $BACKEND $PROXY $PROXY_EXT
+    $SSL $SSL_HOME $FTP_USER $FTP_PATH $BACKEND $PROXY $PROXY_EXT $AUTH_USER
     $DOCUMENT_ROOT $SUSPENDED $TIME $DATE'
 
 # Defining document root

bin/v-list-web-domains

@@ -35,7 +35,7 @@ conf=$USER_DATA/web.conf
 
 # Defining fileds to select
 fields="\$DOMAIN \$IP \$IP6 \$U_DISK \$U_BANDWIDTH \$TPL \$ALIAS \$STATS"
-fields="$fields \$STATS_USER \$SSL \$SSL_HOME \$FTP_USER \$FTP_PATH"
+fields="$fields \$STATS_USER \$SSL \$SSL_HOME \$FTP_USER \$FTP_PATH \$AUTH_USER"
 fields="$fields \$BACKEND \$PROXY \$PROXY_EXT \$SUSPENDED \$TIME \$DATE"
 
 # Listing domains