From c4b802e28210fcc32b2e5af8cfe3218467d4c7d2 Mon Sep 17 00:00:00 2001
From: Keith Irwin
Date: Wed, 2 Nov 2022 12:13:36 -0600
Subject: [PATCH] Initial deletion code
---
 back/lib/admin/user/add | 2 +-
 back/lib/admin/user/del | 58 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+), 1 deletion(-)
diff --git a/back/lib/admin/user/add b/back/lib/admin/user/add
index 55ca20c..0842c40 100755
--- a/back/lib/admin/user/add
+++ b/back/lib/admin/user/add
@@ -1,5 +1,5 @@
 #!/bin/bash
-# FILE: user_add
+# FILE: admin/user/add
 # DESCRIPTION: Add a new user
 # USAGE: add remote_ip querystring
 # QUERYSTRING: ?t=$token&host=$hostname&user=$username
diff --git a/back/lib/admin/user/del b/back/lib/admin/user/del
index e69de29..73ea648 100755
--- a/back/lib/admin/user/del
+++ b/back/lib/admin/user/del
@@ -0,0 +1,58 @@
+#!/bin/bash
+# FILE: admin/user/del
+# DESCRIPTION: Delete a user
+# USAGE: del remote_ip querystring
+# QUERYSTRING: ?t=$token&user=$username
+# ERRORS:
+# 3: bad args/usage
+# 4: Wireguard not installed
+# 5: vars file not found
+# 6: Servers file not found
+# 7: Token file not found
+# 8: Invalid token
+# 9: Username not provided
+
+CONFIG_FILE='/etc/wgapi/config'
+SERVERS_FILE='/etc/wgapi/servers'
+if ! [ ${#} -eq 2 ]; then
+ printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >>"${LOGFILE}"
+ exit 3
+fi & if ! [ -x '/usr/bin/wg' ]; then
+ printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >>"${LOGFILE}"
+ exit 4
+fi & if ! [ -f "${CONFIG_FILE}" ]; then
+ printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >>"${LOGFILE}"
+ exit 5
+fi
+source "${CONFIG_FILE}"
+if ! [ -f "${SERVERS_FILE}" ]; then
+ printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >>"${LOGFILE}"
+ exit 6
+fi & if ! [ -f "${TOKENS_FILE}" ]; then
+ printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >>"${LOGFILE}"
+ exit 7
+fi
+ip="${1}"
+qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
+
+# Check token
+token_fail(){
+ printf 'Rejecting admin %s request for new peer due to %s token\n' "${ip}" "${1}" >>"${LOGFILE}"
+ printf 'Invalid token\n' | "${LIB_DIR}/http_res" 403
+ exit 8
+}
+saved_token="$(grep "${ip}" "${TOKENS_FILE}" | cut -f2)"
+[ "${saved_token}" == "" ] && token_fail 'missing' &
+<<<"${qs}" grep -qx "t=${saved_token}" || token_fail 'mismatched'
+printf '%s token was valid\n' "${ip}" >>"${LOGFILE}"
+
+# Check username
+username="$(<<<"${qs}" grep -oP 'user=(.*)' | sed 's/^user=//')"
+if [[ "${username}" == "" ]]; then
+ printf 'ERROR! Username "%s" missing!\n' "${username}" >>"${LOGFILE}"
+ printf 'Username missing!\n' | "${LIB_DIR}/http_res" 400
+ exit 9
+else
+ printf 'Admin %s requested deletion of user "%s"\n' "${ip}" "${username}" >>"${LOGFILE}"
+fi
+
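Review bot: The trailing `&` on `[ "${saved_token}" == "" ] && token_fail 'missing' &` puts the missing-token check in a background subshell, so the `exit 8` in `token_fail` cannot stop the script; when no token is stored for the caller, the next line compares against the bare string `t=` and a request with an empty `t` parameter is logged as valid. The three `fi & if` joins in the precondition checks have the same effect on `exit 3`, `exit 4` and `exit 6`, so each `if` should start on its own line as a foreground statement. The comparison should also pass the stored token as a fixed string (`grep -qxF`) rather than as a regex. Separately, `grep "${ip}"` is an unanchored regex match, so one address can select another address's line (constructed example: `10.0.0.1` matches `10.0.0.10`); an exact match on the address field would be safer, though the layout of `TOKENS_FILE` is not visible here beyond the tab-separated second field that `cut -f2` reads.

```shell
# … unchanged: token_fail definition and saved_token lookup …
if [ -z "${saved_token}" ]; then
  token_fail 'missing'
fi
if ! grep -qxF -- "t=${saved_token}" <<<"${qs}"; then
  token_fail 'mismatched'
fi
# … unchanged: "token was valid" log line and username check …
```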