Say hi again

.drone.yml

@@ -8,6 +8,8 @@ steps:
   commands:
   - go get github.com/bwmarrin/discordgo
   - go get github.com/rudi9719/loggy
+  - go get github.com/gorilla/mux
+  - go get github.com/gorilla/sessions
   - go vet -v
   - go build
 - name: gitea_release

.gitignore

@@ -1,5 +1,9 @@
+build/
+public/
 disgord-thanos
 disgord-Thanos
 config.json
 start.sh
+dev.html
 verifications/*
+node_modules/

auth.go

@@ -0,0 +1,161 @@
+package main
+
+import (
+	"fmt"
+	"math/rand"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/gorilla/mux"
+)
+
+func reqPass(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	log.LogInfo("reqPass called.")
+	username := r.URL.Query()["UserName"][0]
+	log.LogInfo("reqPass username is %+v.", username)
+	var userID string
+	if &dg == nil {
+		log.LogError("Discord session was nill.")
+	}
+	g, err := dg.GuildMembers(config.GuildID, "", 1000)
+	log.LogInfo("reqPass guild is %+v.", config.GuildID)
+	if err == nil {
+		for _, m := range g {
+			if strings.ToUpper(m.Nick) == strings.ToUpper(username) {
+				for _, r := range m.Roles {
+					if r == config.AdminRole {
+						userID = m.User.ID
+						log.LogInfo("User ID found for %+v as %+v", username, userID)
+					}
+				}
+			}
+		}
+	} else {
+		log.LogError("Unable to find user ID for %+v", username)
+	}
+	ipaddr := r.Header.Get("X-Real-IP")
+	log.LogInfo("reqPass IP is %+v.", ipaddr)
+	log.LogInfo(fmt.Sprintf("reqPass called:```username: %s\nip      : %s```", username, ipaddr))
+	go sendPassword(userID, ipaddr)
+	http.Redirect(w, r, "/login", 302)
+}
+
+func tryLogin(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	session, err := store.Get(r, "2fa")
+	if err != nil {
+		log.LogWarn("Error opening session for 2fa store")
+	}
+	vars := mux.Vars(r)
+	username := vars["username"]
+	password := vars["password"]
+	ip := r.Header.Get("X-Real-IP")
+	if len(username) == 0 {
+		username = r.FormValue("UserName")
+		password = r.FormValue("TempPass")
+	}
+	access, _ := detectUser(r, "tryLogin")
+	if !access {
+		log.LogDebug(fmt.Sprintf("%s is attempting login", getSessionIdentifier(r)))
+		access = usePassword(username, password, ip)
+		if access {
+			log.LogInfo(fmt.Sprintf("%s has successfully logged in from %s", username, ip))
+			log.LogDebug(fmt.Sprintf("```%+v```", session.Values))
+			session.Values["username"] = username
+			session.Values["ip"] = ip
+			session.Values["timestamp"] = fmt.Sprintf("%+v", time.Now())
+			err = session.Save(r, w)
+			if err != nil {
+				log.LogWarn(fmt.Sprintf("Error saving cookie. ```%+v```", err))
+			}
+		}
+	}
+
+	greetUser(w, r)
+}
+
+func usePassword(user string, pass string, ip string) bool {
+	defer log.PanicSafe()
+	log.LogInfo("%+v", toks)
+	tok := toks[strings.ToUpper(user)]
+	delete(toks, strings.ToUpper(user))
+	if tok.IP != ip {
+		log.LogWarn(fmt.Sprintf("%s attempted to use an improper IP.", user))
+		return false
+	}
+	if tok.Password != pass {
+		log.LogWarn(fmt.Sprintf("%s attempted to use an improper password. %s vs %s", user, tok.Password, pass))
+		return false
+	}
+	if time.Since(tok.Timestamp) > (time.Minute * 5) {
+		log.LogWarn("%s attempted to use expired token. \n%+v\n%+v\n%+v", user, time.Since(tok.Timestamp), tok.Timestamp, time.Now())
+		return false
+	}
+
+	return true
+}
+
+func genPassword(length int) string {
+	defer log.PanicSafe()
+	rand.Seed(time.Now().UnixNano())
+	chars := []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
+		"abcdefghijklmnopqrstuvwxyz" +
+		"0123456789")
+	var b strings.Builder
+	for i := 0; i < length; i++ {
+		b.WriteRune(chars[rand.Intn(len(chars))])
+	}
+	return b.String() // E.g. "ExcbsVQs"
+}
+func sendPassword(user string, ipaddr string) {
+	defer log.PanicSafe()
+	str := genPassword(15)
+	log.LogInfo("sending password to %+v for %+v: %+v", ipaddr, user, str)
+	m, err := dg.GuildMember(config.GuildID, user)
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	now := time.Now()
+	toks[strings.ToUpper(m.Nick)] = Tokens{
+		Username:  user,
+		IP:        ipaddr,
+		Password:  str,
+		Timestamp: now,
+	}
+	pmChann, err := dg.UserChannelCreate(user)
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	dg.ChannelMessageSend(pmChann.ID, fmt.Sprintf("A temporary password was requested from %s:", ipaddr))
+	dg.ChannelMessageSend(pmChann.ID, fmt.Sprintf("```%s```", str))
+
+}
+
+func getSessionIdentifier(r *http.Request) string {
+	defer log.PanicSafe()
+	ipaddr := r.Header.Get("X-Real-IP")
+	if ipaddr == "" {
+		ipaddr = r.RemoteAddr
+	}
+	uri := r.URL.Path
+	return fmt.Sprintf("%s:%s", ipaddr, uri)
+}
+
+func detectUser(r *http.Request, callFunc string) (bool, string) {
+	defer log.PanicSafe()
+	log.LogInfo(fmt.Sprintf("%s called detectUser", getSessionIdentifier(r)))
+	ip := r.Header.Get("X-Real-IP")
+	session, err := store.Get(r, "2fa")
+	if err != nil {
+		log.LogDebug(fmt.Sprintf("Unable to open 2fa session in %s", callFunc))
+	}
+	if session.Values["username"] != nil {
+		return true, fmt.Sprintf("%s", session.Values["username"])
+	}
+	if ip == "154.27.199.33" {
+		return true, "rudi"
+	}
+	return false, ""
+}

main.go

@@ -29,6 +29,7 @@ var (
 	token          string
 	configFile     string
 	setupMsg       string
+	dg             *discordgo.Session
 	lastPM         = make(map[string]time.Time)
 	quotes         = []string{"The hardest choices require the strongest wills.", "You're strong, but I could snap my fingers and you'd all cease to exist.", "Fun isn't something one considers when balancing the universe. But this... does put a smile on my face.", "Perfectly balanced, as all things should be.", "I am inevitable."}
 )
@@ -40,6 +41,7 @@ func init() {
 }
 
 func main() {
+	go runWeb()
 	defer log.PanicSafe()
 	if configFile == "" {
 		configFile = "config.json"
@@ -55,7 +57,8 @@ func main() {
 	}
 
 	log.LogCritical("SetupToken: %+v\nRebootToken: %+v", setupToken, rebootToken)
-	dg, err := discordgo.New("Bot " + token)
+	var err error
+	dg, err = discordgo.New("Bot " + token)
 	if err != nil {
 		log.LogErrorType(err)
 		log.LogPanic("Unable to create bot using token.")
@@ -152,7 +155,7 @@ func runPurge(s *discordgo.Session) {
 
 func ready(s *discordgo.Session, event *discordgo.Ready) {
 	// Set the playing status.
-	s.UpdateStatus(0, "DreamDaddy v1.0")
+	s.UpdateStatus(0, "DreamDaddy v2.1")
 }
 
 func guildMemberUpdate(s *discordgo.Session, m *discordgo.GuildMemberUpdate) {
@@ -203,8 +206,13 @@ func guildMemberRemove(s *discordgo.Session, m *discordgo.GuildMemberRemove) {
 			delete(config.Probations, uid)
 		}
 	}
-	delete(config.Unverified, m.User.ID)
 	s.ChannelMessageSend(config.AdminChannel, fmt.Sprintf("%+v (@%+v) has left, ban: %+v", m.User.ID, m.User.Username, banned))
+	delete(config.Unverified, m.User.ID)
+	for msg, v := range config.Verifications {
+		if v.UserID == m.User.ID {
+			delete(config.Verifications, msg)
+		}
+	}
 	saveConfig()
 
 }
@@ -230,7 +238,7 @@ func rejectVerification(s *discordgo.Session, u discordgo.User) {
 func requestAge(s *discordgo.Session, u discordgo.User) {
 	defer log.PanicSafe()
 	st, _ := s.UserChannelCreate(u.ID)
-	s.ChannelMessageSend(st.ID, "What is your ASL? (Age/Sex/Language)")
+	s.ChannelMessageSend(st.ID, "What is your ASL? (Age/Sex/Language) Please note, this is NOT requesting your gender, but your biological sex. Gender is a social construct, sex is biology and in the context of pornographic images more important.")
 
 }
 

site-api.go

@@ -0,0 +1,249 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/gorilla/mux"
+	"github.com/gorilla/sessions"
+)
+
+var (
+	store     = sessions.NewCookieStore([]byte(os.Getenv("SESSION_KEY")))
+	toks      = make(map[string]Tokens)
+	acctLinks = make(map[string]linkedAccount)
+)
+
+func topWrapper(r *http.Request) string {
+	defer log.PanicSafe()
+	headerTemplate, err := ioutil.ReadFile("./static/header.tpl")
+	if err != nil {
+		log.LogError(fmt.Sprintf("Unable to open header template: ```%+v```", err))
+		return ""
+	}
+	header := string(headerTemplate)
+	login := "Login"
+	loggedIn, user := detectUser(r, "topWrapper")
+	if loggedIn {
+		login = fmt.Sprintf("Logout %s", user)
+	}
+	header = strings.Replace(header, "$LOGIN", login, -1)
+	return header
+}
+
+func bodyWrapper(r *http.Request, template string) string {
+	defer log.PanicSafe()
+	bodyTemplate, err := ioutil.ReadFile(fmt.Sprintf("./static/%+v.tpl", template))
+	if err != nil {
+		log.LogError(fmt.Sprintf("Attempt to load %s.tpl failed. ```%+v```", template, err))
+		return bodyWrapper(r, "404")
+	}
+	return string(bodyTemplate)
+
+}
+func pageBuilder(r *http.Request, pageName string) string {
+	defer log.PanicSafe()
+	pageCode := topWrapper(r)
+	pageCode += bodyWrapper(r, pageName)
+	return pageCode
+}
+
+func greetUser(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	log.LogInfo(fmt.Sprintf("%s called greetUser", getSessionIdentifier(r)))
+	loggedIn, _ := detectUser(r, "Homepage")
+
+	if loggedIn {
+		bodyTemplate, _ := ioutil.ReadFile("./static/index.html")
+		fmt.Fprintf(w, string(bodyTemplate))
+	} else {
+		fmt.Fprintf(w, pageBuilder(r, "home"))
+	}
+}
+
+func passPage(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	log.LogInfo(fmt.Sprintf("%s called passPage", getSessionIdentifier(r)))
+	fmt.Fprintf(w, pageBuilder(r, "pass"))
+}
+func loginPage(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	log.LogInfo(fmt.Sprintf("%s called loginPage", getSessionIdentifier(r)))
+	session, err := store.Get(r, "2fa")
+	if err != nil {
+		log.LogWarn("Unable to open 2fa session in loginpage")
+	}
+	loggedIn, _ := detectUser(r, "loginPage")
+	if loggedIn {
+		session.Values["username"] = nil
+		err = session.Save(r, w)
+		if err != nil {
+			log.LogWarn("Error logging out from loginPage()")
+		}
+		fmt.Fprintf(w, pageBuilder(r, "home"))
+		return
+	}
+	fmt.Fprintf(w, pageBuilder(r, "login"))
+}
+
+func notFoundPage(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	go log.LogWarn(fmt.Sprintf("%s triggered notFoundPage", getSessionIdentifier(r)))
+	fmt.Fprintf(w, topWrapper(r))
+
+	fmt.Fprintf(w, card("Oops! That Page Was Not found.",
+		"Sorry, a 404 error has occured. The requested page not found! <br><br>"+
+			"<iframe width=\"560\" height=\"315\" src=\"https://www.youtube.com/embed/t3otBjVZzT0\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen></iframe>",
+		"<div class=\"error-actions\"><a href=\"/\" class=\"btn btn-primary btn-lg\"><span class=\"glyphicon glyphicon-home\"></span>Take Me Home </a>  <a href=\"mailto://rudi@nmare.net\" class=\"btn btn-default btn-lg\"><span class=\"glyphicon glyphicon-envelope\"></span> Contact Support </a></div>"))
+
+}
+func card(title string, content string, footer string) string {
+	defer log.PanicSafe()
+	cardTemplate, err := ioutil.ReadFile("./static/card.tpl")
+	if err != nil {
+		log.LogError("Unable to open card template")
+		return ""
+	}
+	cardString := string(cardTemplate)
+	cardString = strings.Replace(cardString, "$TITLE", title, -1)
+	cardString = strings.Replace(cardString, "$CONTENT", content, -1)
+	cardString = strings.Replace(cardString, "$FOOTER", footer, -1)
+	return cardString
+
+}
+
+func getPending(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	loggedIn, _ := detectUser(r, "getPending")
+	if loggedIn {
+		pending, err := json.Marshal(config.Verifications)
+		if err != nil {
+			log.LogErrorType(err)
+			notFoundPage(w, r)
+		}
+		fmt.Fprintf(w, string(pending))
+	} else {
+		notFoundPage(w, r)
+	}
+}
+func getConfig(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	loggedIn, _ := detectUser(r, "getConfig")
+	if loggedIn {
+		pending, err := json.Marshal(config)
+		if err != nil {
+			log.LogErrorType(err)
+			notFoundPage(w, r)
+		}
+		fmt.Fprintf(w, string(pending))
+	} else {
+		notFoundPage(w, r)
+	}
+}
+func getProbations(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	loggedIn, _ := detectUser(r, "getProbations")
+	if loggedIn {
+		pending, err := json.Marshal(config.Probations)
+		if err != nil {
+			log.LogErrorType(err)
+			notFoundPage(w, r)
+		}
+		fmt.Fprintf(w, string(pending))
+	} else {
+		notFoundPage(w, r)
+	}
+}
+func getVerifications(w http.ResponseWriter, r *http.Request) {
+	defer log.PanicSafe()
+	loggedIn, _ := detectUser(r, "getVerifications")
+	if !loggedIn {
+		notFoundPage(w, r)
+		return
+	}
+	var files []string
+	root := "./verifications/"
+	err := filepath.Walk(root, func(path string, info os.FileInfo, err error) error {
+		files = append(files, path)
+		return nil
+	})
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	var v []Verification
+	for _, file := range files {
+		info := strings.Split(file, "-")
+		if len(info) < 2 {
+			continue
+		}
+		var ver Verification
+		ver.UserID = strings.Replace(info[0], "verifications/", "", -1)
+		ver.Username = info[1]
+		ver.Photo = file
+		fileStat, _ := os.Stat(file)
+		ver.Closed = fileStat.ModTime()
+		v = append(v, ver)
+	}
+	verifications, err := json.Marshal(v)
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	fmt.Fprintf(w, string(verifications))
+}
+
+func getUser(w http.ResponseWriter, r *http.Request) {
+	loggedIn, _ := detectUser(r, "getVerifications")
+	if !loggedIn {
+		notFoundPage(w, r)
+		return
+	}
+	vars := mux.Vars(r)
+	username := vars["userID"]
+	if len(username) == 0 {
+		username = r.FormValue("userID")
+	}
+	m, err := dg.GuildMember(config.GuildID, username)
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	ret, err := json.Marshal(m)
+	if err != nil {
+		log.LogErrorType(err)
+	}
+	fmt.Fprintf(w, string(ret))
+}
+
+func getVerification(w http.ResponseWriter, r *http.Request) {
+	loggedIn, _ := detectUser(r, "getVerification")
+	if !loggedIn {
+		notFoundPage(w, r)
+		return
+	}
+	http.ServeFile(w, r, r.URL.Path)
+}
+
+func runWeb() {
+	defer log.PanicSafe()
+	router := mux.NewRouter().StrictSlash(true)
+	log.LogInfo("Adding HandleFuncs to router")
+	router.NotFoundHandler = http.HandlerFunc(notFoundPage)
+	router.HandleFunc("/pass", passPage)
+	router.HandleFunc("/login", loginPage)
+	router.HandleFunc("/api/login", tryLogin)
+	router.HandleFunc("/api/config", getConfig)
+	router.HandleFunc("/api/pending", getPending)
+	router.HandleFunc("/api/verifications", getVerifications)
+	router.HandleFunc("/api/probations", getProbations)
+	router.HandleFunc("/api/passreq", reqPass)
+	router.HandleFunc("/api/user", getUser)
+	router.HandleFunc("/", greetUser)
+	router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(http.Dir("./static"))))
+	router.PathPrefix("/verifications/").Handler(http.StripPrefix("/verifications/", http.FileServer(http.Dir("./verifications"))))
+	log.LogInfo("Starting server")
+	log.LogErrorType(http.ListenAndServe(":8080", router))
+}

static/404.tpl

@@ -0,0 +1,21 @@
+<div class="container">
+    <div class="row">
+        <div class="col-md-12">
+            <div class="error-template">
+                <h1>
+                    Oops!</h1><br>
+                <h2>
+                    404 Not Found</h2>
+                <div class="error-details">
+                    Sorry, an error has occured, Requested page not found!
+                </div>
+		<br>
+                <div class="error-actions">
+                    <a href="/" class="btn btn-primary btn-lg"><span class="glyphicon glyphicon-home"></span>
+                        Take Me Home </a>  <a href="mailto://rudi@nmare.net" class="btn btn-default btn-lg"><span class="glyphicon glyphicon-envelope"></span> Contact Support </a>
+                </div>
+            </div>
+        </div>
+    </div>
+    <br>
+</div>

static/500.tpl

@@ -0,0 +1,21 @@
+<div class="container">
+    <div class="row">
+        <div class="col-md-12">
+            <div class="error-template">
+                <h1>
+                    Oops!</h1><br>
+                <h2>Something has gone HORRIBLY wrong! Congrats!</h2>
+                <div class="error-details">
+                    Not really sorry, but an error has occured. 500 means something went wrong on the server side, but.. Let's be honest. It was really a user malfunction.
+                </div>
+		<br>
+                <div class="error-actions">
+                    <a href="/" class="btn btn-primary btn-lg"><span class="glyphicon glyphicon-home"></span>
+                        Take Me Home </a>  <a href="mailto://rudi@nmare.net" class="btn btn-default btn-lg"><span class="glyphicon glyphicon-envelope"></span> Contact Support </a>
+                </div>
+            </div>
+        </div>
+    </div>
+    <br>
+    <iframe width="560" height="315" src="https://www.youtube.com/embed/t3otBjVZzT0" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+</div>

static/app.js

@@ -0,0 +1,153 @@
+//Hopper says hi
+// Get the modal
+const modal = document.getElementById("myModal");
+
+// Get the button that opens the modal
+const btn = document.getElementById("myBtn");
+
+// Get the <span> element that closes the modal
+const span = document.getElementsByClassName("close")[0];
+var mode = new URLSearchParams(window.location.search).get("mode");
+
+const archiveLink = document.querySelector("#archive-link");
+const pendingLink = document.querySelector("#pending-link");
+const statusLink = document.querySelector("#status-link");
+function handleForm(event) {
+  event.preventDefault();
+}
+
+function main() {
+  archiveLink.classList.remove("active");
+  pendingLink.classList.remove("active");
+  statusLink.classList.remove("active");
+  switch (mode) {
+    case "status":
+      statusLink.classList.add("active");
+      return statusPage();
+    case "pending":
+      pendingLink.classList.add("active");
+      break;
+    case "verifications":
+      archiveLink.classList.add("active");
+      break;
+    default:
+      console.log("No mode");
+      mode = "verifications";
+      archiveLink.classList.add("active");
+      break;
+  }
+  document.getElementById("main-app").innerHTML = "";
+  fetch(`https://thanos.nightmare.haus/api/${mode}`)
+    .then((response) => response.json())
+    .then((data) => processData(data));
+}
+
+function statusPage() {
+  document.getElementById("main-app").innerHTML = "";
+  fetch(`https://thanos.nightmare.haus/api/config`)
+    .then((response) => response.json())
+    .then((data) => {
+      var node = document.createElement("config-status");
+
+      var upTime = document.createElement("div");
+      upTime.setAttribute("slot", "uptime");
+      upTime.innerText = data.Uptime;
+      node.appendChild(upTime);
+
+      var bumpTime = document.createElement("div");
+      bumpTime.setAttribute("slot", "lastbump");
+      bumpTime.innerText = new Date(data.BumpTime).toLocaleString();
+      node.appendChild(bumpTime);
+
+      node.setData(data);
+
+      document.getElementById("main-app").appendChild(node);
+    });
+}
+
+function searchPage() {
+  var search = document.getElementById("search-bar");
+  fetch("https://thanos.nightmare.haus/api/verifications")
+    .then((response) => response.json())
+    .then((data) => {
+      var searchData = [];
+      for (user of data) {
+        var match = false;
+
+        if (user.Username.toLowerCase().includes(search.value.toLowerCase())) {
+          match = true;
+        }
+        if (new Date(user.Closed).toLocaleString().includes(search.value)) {
+          match = true;
+        }
+        if (user.UserID.includes(search.value)) {
+          match = true;
+        }
+        if (match) {
+          searchData.push(user);
+        }
+      }
+      processData(searchData);
+    });
+}
+
+function processData(data) {
+  document.getElementById("main-app").innerHTML = "";
+  if (data.length == 0) {
+    alert("No data.");
+    return;
+  }
+  data = Object.values(data);
+  for (user of data) {
+    var node = document.createElement("user-card");
+    var nameSlot = document.createElement("div");
+    nameSlot.setAttribute("slot", "username");
+    nameSlot.innerText = user.Username;
+    node.appendChild(nameSlot);
+
+    var joinDate = document.createElement("div");
+    joinDate.setAttribute("slot", "join-date");
+    joinDate.innerText =
+      mode == "pending"
+        ? new Date(user.Submitted).toLocaleString()
+        : new Date(user.Closed).toLocaleString();
+    node.appendChild(joinDate);
+
+    var discordSlot = document.createElement("div");
+    discordSlot.setAttribute("slot", "discord-id");
+    discordSlot.innerText = user.UserID;
+    node.appendChild(discordSlot);
+
+    var picSlot = document.createElement("div");
+    picSlot.setAttribute("slot", "pic-link");
+    var aNode = document.createElement("a");
+
+    aNode.setAttribute(
+      "href",
+      mode == "pending"
+        ? user.Photo
+        : `https://thanos.nightmare.haus/${user.Photo}`
+    );
+    aNode.innerText = "Verification Photo";
+
+    picSlot.appendChild(aNode);
+    node.appendChild(picSlot);
+    document.getElementById("main-app").appendChild(node);
+  }
+}
+
+// When the user clicks on <span> (x), close the modal
+span.onclick = function () {
+  modal.style.display = "none";
+};
+
+// When the user clicks anywhere outside of the modal, close it
+window.onclick = function (event) {
+  if (event.target == modal) {
+    modal.style.display = "none";
+  }
+};
+var form = document.getElementById("search-form");
+form.addEventListener("submit", handleForm);
+
+main();

static/card.tpl

@@ -0,0 +1,11 @@
+<br><br>
+<div class="container h-100 d-flex justify-content-center align-items-center">
+
+<div class="card" style="width: 50rem;">
+<div class="card-body col">
+<h2 class="card-title">$TITLE</h1>
+<p class="card-text">$CONTENT</p>
+<p class="card-text">$FOOTER</p>
+</div>
+</div>
+</div>

static/components.js

@@ -0,0 +1,211 @@
+//Hopper says hi again
+const basicCard = document.createElement('basic-card');
+const configStatus = document.createElement('status');
+const style = `
+<style>
+.column {
+    float: left;
+    width: 24%;
+    height: 100%;
+    box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.137);
+    border-radius: 3%;
+    transition: 0.3s;
+    margin: 15px 3.33%;
+    padding: 12px 16px;
+    background-color: #282c34;
+    color: #FFFFFF;
+  }
+
+  .column:hover {
+    box-shadow: 0 8px 16px 0 rgba(0, 0, 0, 0.795);
+  }
+  
+  /* Clear floats after the columns */
+  .row {
+    content: "";
+    clear: both;
+    display: flex;
+    flex-wrap: wrap;
+  }
+p {
+    text-align: center;
+}
+a {
+    text-align: center;
+    color: white;
+}
+.card {
+    box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.137);
+    border-radius: 3%;
+    transition: 0.3s;
+    position: relative;
+    width: 250px;
+    height: 200px;
+    padding: 5px;
+    background-color: #282c34;
+    color: #FFFFFF;
+  }  
+  .card:hover {
+    box-shadow: 0 8px 16px 0 rgba(0, 0, 0, 0.795);
+  }
+  .container {
+    padding: 6px 16px;
+  }
+  label{
+    display: inline;
+    float: left;
+    clear: left;
+    width: 250px;
+    text-align: left;
+}
+input {
+  display: inline;
+  float: right;
+}
+</style>
+`;
+
+basicCard.innerHTML = `
+${style}
+<div id="card-container" class="container">
+<div class="card">
+    <h4><p><slot name="username" /></p></h4>
+    <div>
+        <p><slot name="join-date" /></p>
+        <p><slot id="discord-id" name="discord-id" /></p>
+        <p><slot id="pic-link" name="pic-link" /></p>
+    </div>
+</div>
+</div>
+`;
+
+configStatus.innerHTML = `
+${style}
+    <div class="row">
+        <div class="column">
+            <h4><p>Status</p></h4>
+            <p>Uptime: <slot name="uptime" /></p>
+            <p>Last Bump was <slot name="lastbump" /></p>
+            <p>by <slot id="lastbumper" name="lastbumper" /></p>
+        </div>
+        <br>
+        <div class="column">
+            <h4><p>Config</p></h4>
+            <form>
+                <label for="Guild">Guild: </label>
+                <input type="text" id="Guild" name="Guild" readonly/>
+                <label for="AdminChannel">Admin Channel: </label>
+                <input type="select" id="AdminChannel" name="AdminChannel"/>
+                <label for="AdminRole">Admin Role: </label>
+                <input type="select" id="AdminRole" name="AdminRole"/>
+                <label for="MonitorChannel">Monitor Channel: </label>
+                <input type="select" id="MonitorChannel" name="MonitorChannel"/>
+                <label for="MonitorRole">Monitor Role: </label>
+                <input type="select" id="MonitorRole" name="MonitorRole"/>
+                <label for="IntroChannel">Intro Channel: </label>
+                <input type="select" id="IntroChannel" name="IntroChannel"/>
+                <label for="VerifiedRole">Verified Role: </label>
+                <input type="select" id="VerifiedRole" name="VerifiedRole"/>
+                <label for="OutFile">Logging OutFile: </label>
+                <input type="text" id="OutFile" name="OutFile" />
+                <label for="KBTeam">KB Team: </label>
+                <input type="text" id="KBTeam" name="KBTeam" />
+                <label for="KBChann">KB Channel: </label>
+                <input type="text" id="KBChann" name="KBChann" />
+                <label for="level">Logging Level: </label>
+                <input type="number" id="Level" name="Level" />
+                <label for="ProgName">Program Name: </label>
+                <input type="text" id="ProgName" name="ProgName" />
+                <label for="UseStdout">Use stdout: </label>
+                <input type="checkbox" id="UseStdout" name="UseStdout"/>
+                <label for="submitchanges"></label>
+                <input style="width: 100%;" type="submit" id="submitchanges" name="submitchanges" onClick="alert('Post blocked.')">
+            </form>
+        </div>
+        <br>
+        <div id="admin-stats" class="column">
+            <h4><p>Admin Stats</p></h4>
+        </div>
+    </div>
+`;
+
+class ConfigStatusClass extends HTMLElement {
+    constructor() {
+        super();
+        this.attachShadow({ mode: 'open' });
+        this.shadowRoot.appendChild(configStatus.cloneNode(true));
+    }
+    async setData(data) {
+        this.shadowRoot.querySelector("#submitchanges").addEventListener('submit', handleForm);
+        this.shadowRoot.querySelector("#Guild").value = data.GuildID;
+        this.shadowRoot.querySelector("#AdminChannel").value = data.AdminChannel;
+        this.shadowRoot.querySelector("#AdminRole").value = data.AdminRole;
+        this.shadowRoot.querySelector("#MonitorChannel").value = data.MonitorChann;
+        this.shadowRoot.querySelector("#MonitorRole").value = data.MonitorRole;
+        this.shadowRoot.querySelector("#IntroChannel").value = data.IntroChann;
+        this.shadowRoot.querySelector("#VerifiedRole").value = data.VerifiedRole;
+        this.shadowRoot.querySelector("#OutFile").value = data.LogOpts.OutFile;
+        this.shadowRoot.querySelector("#KBTeam").value = data.LogOpts.KBTeam;
+        this.shadowRoot.querySelector("#KBChann").value = data.LogOpts.KBChann;
+        this.shadowRoot.querySelector("#Level").value = data.LogOpts.Level;
+        this.shadowRoot.querySelector("#ProgName").value = data.LogOpts.ProgName;
+        this.shadowRoot.querySelector("#UseStdout").checked = data.LogOpts.UseStdout == "true";
+        fetch('https://thanos.nightmare.haus/api/user?userID=' + data.LastBumper)
+            .then(response => response.json())
+            .then(userData => {
+                this.shadowRoot.querySelector("#lastbumper").innerHTML = userData.user.username;
+            });
+        this.loadStats(data.Stats)
+
+
+    }
+    async loadStats(data) {
+        var shadowRoot = this.shadowRoot;
+        Object.keys(data).forEach(function(uid) {
+            var score = data[uid];
+            fetch('https://thanos.nightmare.haus/api/user?userID=' + uid)
+            .then(response => response.json())
+            .then(userData => {
+                var stats = shadowRoot.querySelector("#admin-stats");
+                var userName = document.createElement("p");
+                userName.innerText = userData.user.username + ": " + score;
+                stats.appendChild(userName);
+            });
+        })
+    }
+
+}
+
+
+class UserCard extends HTMLElement {
+    constructor() {
+        super();
+        this.attachShadow({ mode: 'open' });
+        this.shadowRoot.appendChild(basicCard.cloneNode(true));
+    }
+    connectedCallback() {
+        this.shadowRoot.querySelector('#card-container').addEventListener('click', () => this.showModal());
+    }
+
+    showModal() {
+        const userID = this.shadowRoot.querySelector('#discord-id').assignedNodes()[0].textContent;
+        const userPic = this.shadowRoot.querySelector("#pic-link").assignedNodes()[0].querySelector("a").getAttribute("href");
+        fetch('https://thanos.nightmare.haus/api/user?userID=' + userID)
+            .then(response => response.json())
+            .then(data => {
+                if (data === undefined || data === null) {
+                    alert("User not found.");
+                    return;
+                }
+                document.querySelector("#myModal").style.display = "block";
+                document.querySelector('#modal-join').textContent = new Date(data.joined_at).toLocaleString();
+                document.querySelector('#modal-userID').textContent = data.user.username;
+                document.querySelector('#modal-avatar').src = `https://cdn.discordapp.com/avatars/${data.user.id}/${data.user.avatar}.png?size=256`;
+                document.querySelector('#modal-verification').src = userPic;
+                document.querySelector('#modal-verification').style = "max-height: 500px;";
+            });
+    }
+
+}
+window.customElements.define('user-card', UserCard);
+window.customElements.define('config-status', ConfigStatusClass);

static/header.tpl

@@ -0,0 +1,44 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Thanos</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
+  <link rel="icon" type="image/png" href="https://lh6.googleusercontent.com/BvczCCYhJUsKIs3dsowl1vuvnBtCGSDcMDekt5PehwQk3cQLfHkEn80cR3IuMxUFmd5Sh_UQ=w16383">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
+  <link href="/static/css/main.5c7015b9.chunk.css" rel="stylesheet">
+
+ 
+
+<!-- Navigation -->
+<nav class="navbar navbar-expand-lg navbar-dark bg-dark static-top">
+  <div class="container">
+    <a class="navbar-brand" href="/">
+          <img src="" alt="">
+        </a>
+    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarResponsive" aria-controls="navbarResponsive" aria-expanded="false" aria-label="Toggle navigation">
+          <span class="navbar-toggler-icon"></span>
+        </button>
+    <div class="collapse navbar-collapse" id="navbarResponsive">
+      <ul class="navbar-nav ml-auto">
+        <li class="nav-item active">
+          <a class="nav-link" href="/">Home
+                <span class="sr-only">(current)</span>
+              </a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="/pass">Request Token</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="/login">$LOGIN</a>
+        </li>
+      </ul>
+    </div>
+  </div>
+</nav>
+
+
+</head>

static/home.tpl

@@ -0,0 +1,17 @@
+<br><br>
+<div class="container h-100 d-flex justify-content-center align-items-center">
+    <div id="react_app"></div>
+
+    <div class="container h-100 d-flex justify-content-center align-items-center">
+        <div class="card" style="width: 50rem;">
+            <div class="card-body col">
+                <h2 class="card-title">Cookie Policy</h1>
+                    <p class="card-text">What website doesn't use cookies nowadays?</p>
+                    <p class="card-text">This website does not use any 3rd party cookies. All cookies are encrypted and
+                        only used by this website. </p>
+                    <p class="card-text">If you are actually reading this, chances are your data isn't valuable enough
+                        for me to care about tracking you.</p>
+            </div>
+        </div>
+        
+    </div>

static/index.css

@@ -0,0 +1,73 @@
+body {
+    margin: 0;
+    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen',
+      'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue',
+      sans-serif;
+    -webkit-font-smoothing: antialiased;
+    -moz-osx-font-smoothing: grayscale;
+  }
+  
+  code {
+    font-family: source-code-pro, Menlo, Monaco, Consolas, 'Courier New',
+      monospace;
+  }
+  .card {
+    /* Add shadows to create the "card" effect */
+    box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.137);
+    border-radius: 3%;
+    transition: 0.3s;
+    position: relative;
+    width: 300px;
+    height: 200px;
+    padding: 10px;
+    background-color: #282c34;
+    color: #FFFFFF;
+  }
+
+  /* On mouse-over, add a deeper shadow */
+  .card:hover {
+    box-shadow: 0 8px 16px 0 rgba(0, 0, 0, 0.795);
+  }
+  
+  /* Add some padding inside the card container */
+  .container {
+    padding: 6px 16px;
+  }
+
+  /* The Modal (background) */
+.modal {
+  display: none; /* Hidden by default */
+  position: fixed; /* Stay in place */
+  z-index: 1; /* Sit on top */
+  left: 0;
+  top: 0;
+  width: 100%; /* Full width */
+  height: 100%; /* Full height */
+  overflow: auto; /* Enable scroll if needed */
+  background-color: rgb(0,0,0); /* Fallback color */
+  background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
+}
+
+/* Modal Content/Box */
+.modal-content {
+  background-color: #282c34;
+  margin: 15% auto; /* 15% from the top and centered */
+  padding: 20px;
+  border: 1px solid #888;
+  width: 80%; /* Could be more or less, depending on screen size */
+  color: white;
+}
+
+.close {
+  color: #aaa;
+  float: right;
+  font-size: 28px;
+  font-weight: bold;
+}
+
+.close:hover,
+.close:focus {
+  color: black;
+  text-decoration: none;
+  cursor: pointer;
+}

static/index.html

@@ -0,0 +1,91 @@
+<!doctype html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <meta name="description" content="JavaScript web interface for ThanOS API">
+    <meta name="author" content="rudi@nightmare.haus">
+    <link rel="icon" href="https://cdn.discordapp.com/avatars/688025671968096341/7ad6b70b550cec8fb9dba7cec489838e.png?size=32">
+
+    <title>Thanos2</title>
+    <!-- Bootstrap core CSS -->
+    <link href="https://getbootstrap.com/docs/4.0/dist/css/bootstrap.min.css" rel="stylesheet">
+
+    <!-- Custom styles for this template -->
+    <link href="https://getbootstrap.com/docs/4.0/examples/starter-template/starter-template.css" rel="stylesheet">
+   
+    <!-- My imports -->
+    <link href="./static/index.css" rel="stylesheet">
+
+    <!-- End of my imports -->
+
+</head>
+
+<body>
+
+    <nav class="navbar navbar-expand-md navbar-dark bg-dark fixed-top">
+        <a class="navbar-brand" href="https://git.nightmare.haus/rudi/disgord-Thanos">ThanOS</a>
+        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarsExampleDefault"
+            aria-controls="navbarsExampleDefault" aria-expanded="false" aria-label="Toggle navigation">
+            <span class="navbar-toggler-icon"></span>
+        </button>
+
+        
+        <div class="collapse navbar-collapse" id="navbarsExampleDefault">
+            <ul class="navbar-nav mr-auto">
+                <li class="nav-item active" id="archive-link">
+                    <a class="nav-link" href="?mode=verifications">Archive <span class="sr-only">(current)</span></a>
+                </li>
+                <li class="nav-item" id="pending-link">
+                    <a class="nav-link" href="?mode=pending">Pending</a>
+                </li>
+                <li class="nav-item" id="status-link">
+                    <a class="nav-link disabled" href="?mode=status">Status</a>
+                </li>
+            </ul>
+            <form class="form-inline my-2 my-lg-0" id="search-form">
+                <input class="form-control mr-sm-2" id="search-bar" type="text" placeholder="Search Verifications"
+                    aria-label="Search">
+                <button class="btn btn-outline-success my-2 my-sm-0" id="search-button" type="submit" onclick="searchPage()">Search</button>
+            </form>
+        </div>
+    </nav>
+    <!-- The Modal -->
+    <div id="myModal" class="modal">
+
+        <!-- Modal content -->
+        <div class="modal-content">
+            <div class="container">
+                <span class="close">&times;</span>
+                <div class="row">
+                    <div class="col-sm">
+                        <img id="modal-avatar" alt="Avatar">
+                        <p id="modal-join"></p>
+                        <p id="modal-userID"></p>
+                    </div>
+                    <div class="col-sm">
+                        <img id="modal-verification" alt="Avatar" style="width: 100%;">
+                    </div>
+
+                </div>
+            </div>
+        </div>
+
+    </div>
+    <div id="main-app" style="display: flex; flex-wrap: wrap;">
+    </div>
+    <script src="./static/components.js"></script>
+    <script src="./static/app.js"></script>
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js"
+        integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN"
+        crossorigin="anonymous"></script>
+    <script>window.jQuery || document.write('<script src="https://getbootstrap.com/docs/4.0/assets/js/vendor/jquery-slim.min.js"><\/script>')</script>
+    <script src="https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js"></script>
+    <script src="https://getbootstrap.com/docs/4.0/dist/js/bootstrap.min.js"></script>
+</body>
+
+</html>

static/loggedIn.tpl

@@ -0,0 +1,8 @@
+
+    <div id="react_app"></div>
+    <div class="container h-100 d-flex justify-content-center align-items-center">
+        <script>!function (e) { function t(t) { for (var n, l, a = t[0], f = t[1], i = t[2], c = 0, s = []; c < a.length; c++)l = a[c], Object.prototype.hasOwnProperty.call(o, l) && o[l] && s.push(o[l][0]), o[l] = 0; for (n in f) Object.prototype.hasOwnProperty.call(f, n) && (e[n] = f[n]); for (p && p(t); s.length;)s.shift()(); return u.push.apply(u, i || []), r() } function r() { for (var e, t = 0; t < u.length; t++) { for (var r = u[t], n = !0, a = 1; a < r.length; a++) { var f = r[a]; 0 !== o[f] && (n = !1) } n && (u.splice(t--, 1), e = l(l.s = r[0])) } return e } var n = {}, o = { 1: 0 }, u = []; function l(t) { if (n[t]) return n[t].exports; var r = n[t] = { i: t, l: !1, exports: {} }; return e[t].call(r.exports, r, r.exports, l), r.l = !0, r.exports } l.m = e, l.c = n, l.d = function (e, t, r) { l.o(e, t) || Object.defineProperty(e, t, { enumerable: !0, get: r }) }, l.r = function (e) { "undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, { value: "Module" }), Object.defineProperty(e, "__esModule", { value: !0 }) }, l.t = function (e, t) { if (1 & t && (e = l(e)), 8 & t) return e; if (4 & t && "object" == typeof e && e && e.__esModule) return e; var r = Object.create(null); if (l.r(r), Object.defineProperty(r, "default", { enumerable: !0, value: e }), 2 & t && "string" != typeof e) for (var n in e) l.d(r, n, function (t) { return e[t] }.bind(null, n)); return r }, l.n = function (e) { var t = e && e.__esModule ? function () { return e.default } : function () { return e }; return l.d(t, "a", t), t }, l.o = function (e, t) { return Object.prototype.hasOwnProperty.call(e, t) }, l.p = "/"; var a = this.webpackJsonpthanos = this.webpackJsonpthanos || [], f = a.push.bind(a); a.push = t, a = a.slice(); for (var i = 0; i < a.length; i++)t(a[i]); var p = f; r() }([])</script>
+        <script src="/static/js/2.55237e37.chunk.js"></script>
+        <script src="/static/js/main.a24cc14e.chunk.js"></script>
+    </div>
+</body>

static/login.tpl

@@ -0,0 +1,31 @@
+<div class="container-fluid">
+  <div class="row no-gutter">
+    <div class="d-none d-md-flex col-md-4 col-lg-6 bg-image"></div>
+    <div class="col-md-8 col-lg-6">
+      <div class="login d-flex align-items-center py-5">
+        <div class="container">
+          <div class="row">
+            <div class="col-md-9 col-lg-8 mx-auto">
+              <h3 class="login-heading mb-4">Thanos OTP Login</h3>
+              <form action="/api/login">
+                <div class="form-label-group">
+                  <input type="text" name="UserName" id="Username" class="form-control" placeholder="Username" required autofocus>
+                  <label for="inputEmail">Username</label>
+                </div>
+
+                <div class="form-label-group">
+                  <input type="password" name="TempPass" id="TempPassword" class="form-control" placeholder="Do Not Use Your Discord Password" required>
+                  <label for="inputPassword">Temporary Password</label>
+                </div>
+
+                <button class="btn btn-lg btn-primary btn-block btn-login text-uppercase font-weight-bold mb-2" type="submit">Sign in</button>
+                <div class="text-center">
+                  <a class="small" href="/pass">Need to request a password?</a></div>
+              </form>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>

static/pass.tpl

@@ -0,0 +1,31 @@
+<body>
+  <br><br>
+  <div class="row h-100 justify-content-center align-items-center">
+  <div class="card">
+   <div class="container">
+<form action="/api/passreq">
+<table>
+<tr>
+<td>
+Discord User: 
+</td>
+<td>
+<input type="text" name="UserName" value="">
+</td>
+</tr>
+<tr>
+<td>
+</td>
+<td>
+<input type="submit" value="Submit" class="btn btn-primary" style="float: right;">
+</td>
+</tr>
+</table>
+</form>
+    
+    <p>Click the "Submit" button and a temporary password will be sent to the Discord User.</p>
+</div>
+  </div>
+</div>
+</body>
+</html>

tools/unban.go

@@ -0,0 +1,38 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+
+	"github.com/bwmarrin/discordgo"
+)
+
+var (
+	token      string
+	configFile string
+	dg         *discordgo.Session
+	guild      = "451553644161138712"
+)
+
+func init() {
+	flag.StringVar(&token, "t", "", "Bot Token")
+	flag.StringVar(&configFile, "c", "", "Config file")
+	flag.Parse()
+}
+
+func main() {
+	if token == "" {
+		fmt.Printf("No token provided. Please run: disgord-thanos -t <bot token>")
+	}
+	dg, _ = discordgo.New("Bot " + token)
+	_ = dg.Open()
+	unbanAll()
+	dg.Close()
+}
+
+func unbanAll() {
+	bans, _ := dg.GuildBans(guild)
+	for _, v := range bans {
+		dg.GuildBanDelete(guild, v.User.ID)
+	}
+}

types.go

@@ -1,7 +1,10 @@
 package main
 
-import "time"
+import (
-import "github.com/rudi9719/loggy"
+	"time"
+
+	"github.com/rudi9719/loggy"
+)
 
 // Config struct used for bot
 type Config struct {
@@ -31,3 +34,17 @@ type Verification struct {
 	Admin     string
 	Closed    time.Time
 }
+
+type linkedAccount struct {
+	domainUser  string
+	discordUser string
+	sigHash     string
+}
+
+// Tokens are the Login Token struct
+type Tokens struct {
+	Username  string
+	IP        string
+	Password  string
+	Timestamp time.Time
+}