Files
3x-ui/internal/web/service/integration/nord.go
T
MHSanaei fa1a19c03c style: adopt golangci-lint v2 and resolve all findings
Add .golangci.yml (v2): the standard linters plus bodyclose, errorlint, noctx, misspell, rowserrcheck, sqlclosecheck, unconvert, usestdlibvars, with gofumpt + goimports formatters. Enable the std-error-handling exclusion preset for idiomatic Close/Remove/Setenv ignores; scope-exclude SA1019 (parser.ParseDir in tools/openapigen) and ST1005 (intentional capitalized user-facing error copy that tests assert verbatim). No inline nolint directives were introduced.

Resolve all 217 findings behavior-preserving: gofumpt/goimports formatting, explicit blank assignment on intentionally ignored errors, errors.Is/errors.As and %w wrapping, context-aware stdlib calls (CommandContext/QueryContext/NewRequestWithContext/Dialer), staticcheck simplifications, removed redundant conversions, http.StatusOK and http.MethodGet, inlined the go:fix intPtr helper, and deferred sql rows Close. Add a golangci CI job mirroring the existing Go jobs.
2026-06-27 15:42:22 +02:00

161 lines
3.8 KiB
Go

package integration
import (
"context"
"encoding/json"
"fmt"
"io"
"net/http"
"time"
"github.com/mhsanaei/3x-ui/v3/internal/util/common"
"github.com/mhsanaei/3x-ui/v3/internal/web/service"
)
type NordService struct {
service.SettingService
}
var nordHTTPClient = &http.Client{Timeout: 15 * time.Second}
// maxResponseSize limits the maximum size of NordVPN API responses (10 MB).
const maxResponseSize = 10 << 20
func (s *NordService) GetCountries() (string, error) {
req, reqErr := http.NewRequestWithContext(context.Background(), http.MethodGet, "https://api.nordvpn.com/v1/countries", nil)
if reqErr != nil {
return "", reqErr
}
resp, err := nordHTTPClient.Do(req)
if err != nil {
return "", err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return "", common.NewErrorf("NordVPN API error: %s", resp.Status)
}
body, err := io.ReadAll(io.LimitReader(resp.Body, maxResponseSize))
if err != nil {
return "", err
}
return string(body), nil
}
func (s *NordService) GetServers(countryId string) (string, error) {
// Validate countryId is numeric to prevent URL injection
for _, c := range countryId {
if c < '0' || c > '9' {
return "", common.NewError("invalid country ID")
}
}
url := fmt.Sprintf("https://api.nordvpn.com/v2/servers?limit=0&filters[servers_technologies][id]=35&filters[country_id]=%s", countryId)
req, reqErr := http.NewRequestWithContext(context.Background(), http.MethodGet, url, nil)
if reqErr != nil {
return "", reqErr
}
resp, err := nordHTTPClient.Do(req)
if err != nil {
return "", err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return "", common.NewErrorf("NordVPN API error: %s", resp.Status)
}
body, err := io.ReadAll(io.LimitReader(resp.Body, maxResponseSize))
if err != nil {
return "", err
}
var data map[string]any
if err := json.Unmarshal(body, &data); err != nil {
return string(body), nil
}
servers, ok := data["servers"].([]any)
if !ok {
return string(body), nil
}
var filtered []any
for _, s := range servers {
if server, ok := s.(map[string]any); ok {
if load, ok := server["load"].(float64); ok && load > 7 {
filtered = append(filtered, s)
}
}
}
data["servers"] = filtered
result, _ := json.Marshal(data)
return string(result), nil
}
func (s *NordService) SetKey(privateKey string) (string, error) {
if privateKey == "" {
return "", common.NewError("private key cannot be empty")
}
nordData := map[string]string{
"private_key": privateKey,
"token": "",
}
data, _ := json.Marshal(nordData)
err := s.SetNord(string(data))
if err != nil {
return "", err
}
return string(data), nil
}
func (s *NordService) GetCredentials(token string) (string, error) {
url := "https://api.nordvpn.com/v1/users/services/credentials"
req, err := http.NewRequestWithContext(context.Background(), http.MethodGet, url, nil)
if err != nil {
return "", err
}
req.SetBasicAuth("token", token)
resp, err := nordHTTPClient.Do(req)
if err != nil {
return "", err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return "", common.NewErrorf("NordVPN API error: %s", resp.Status)
}
body, err := io.ReadAll(io.LimitReader(resp.Body, maxResponseSize))
if err != nil {
return "", err
}
var creds map[string]any
if err := json.Unmarshal(body, &creds); err != nil {
return "", err
}
privateKey, ok := creds["nordlynx_private_key"].(string)
if !ok || privateKey == "" {
return "", common.NewError("failed to retrieve NordLynx private key")
}
nordData := map[string]string{
"private_key": privateKey,
"token": token,
}
data, _ := json.Marshal(nordData)
err = s.SetNord(string(data))
if err != nil {
return "", err
}
return string(data), nil
}
func (s *NordService) GetNordData() (string, error) {
return s.GetNord()
}
func (s *NordService) DelNordData() error {
return s.SetNord("")
}