balikci/backend/README.md
salvacybersec 0e5dffb7fc fix: CORS configuration and update all README files
- Fixed dotenv path in app.js to properly load .env from backend root
- Updated CORS to allow http://localhost:5173 (frontend URL)
- Updated README.md with accurate project statistics (58 files, 6677+ lines)
- Updated backend/README.md - marked as Production Ready
- Updated frontend/README.md with complete feature list
- All systems tested and working (backend + frontend)
2025-11-10 17:09:35 +03:00


Oltalama Backend API

Backend API for the phishing-test (oltalama) management system.

Features

Authentication - Session-based login/logout
Company Management - Company CRUD & statistics
Token Management - Tracking-token creation & mail sending
Tracking - IP, GeoIP and User-Agent tracking
Telegram - Real-time notifications
Mail - Gmail integration (Nodemailer)
Templates - HTML mail templates (Handlebars)
Stats - Dashboard and detailed statistics

🚀 Setup

npm install
cp .env.example .env
# edit the .env file (see Environment Variables below)

npm run db:migrate
npm run db:seed
npm run dev

📡 API Endpoints

Authentication

POST   /api/auth/login      - Login
POST   /api/auth/logout     - Logout
GET    /api/auth/check      - Session check
GET    /api/auth/me         - Current user info

Companies

GET    /api/companies           - All companies
POST   /api/companies           - Create company
GET    /api/companies/:id       - Company detail
PUT    /api/companies/:id       - Update company
DELETE /api/companies/:id       - Delete company
GET    /api/companies/:id/tokens - Company tokens
GET    /api/companies/:id/stats  - Company statistics

Tokens

GET    /api/tokens                  - All tokens
POST   /api/tokens/create           - Create token
POST   /api/tokens/create-and-send  - Create token + send mail
GET    /api/tokens/:id              - Token detail
PUT    /api/tokens/:id              - Update token
DELETE /api/tokens/:id              - Delete token
POST   /api/tokens/:id/send         - Send mail
GET    /api/tokens/:id/clicks       - Click history

Tracking (public, no session required)

GET    /t/:token   - Tracking endpoint (records IP, GeoIP and User-Agent, sends the Telegram notification, redirects to the landing page)

Templates

GET    /api/templates          - All templates
GET    /api/templates/:type    - Template detail
POST   /api/templates/preview  - Preview

Settings

GET    /api/settings             - All settings
PUT    /api/settings/gmail       - Gmail settings
PUT    /api/settings/telegram    - Telegram settings
POST   /api/settings/test-gmail  - Gmail test
POST   /api/settings/test-telegram - Telegram test

Stats

GET    /api/stats/dashboard      - Dashboard summary
GET    /api/stats/recent-clicks  - Recent clicks
GET    /api/stats/by-company     - Per-company stats

🔐 Default Credentials

Username: admin
Password: admin123

These defaults exist for local testing only; change the password before anyone other than you can reach the backend.

📊 Database

SQLite database: database/oltalama.db

Tables:

  • companies (3 sample companies)
  • tracking_tokens
  • click_logs
  • mail_templates (2 templates)
  • settings
  • admin_user

🧪 Test

# Health check
curl http://localhost:3000/health

# Login (store the session cookie in a jar so later calls can reuse it)
curl -X POST http://localhost:3000/api/auth/login \
  -H "Content-Type: application/json" \
  -c cookies.txt \
  -d '{"username":"admin","password":"admin123"}'

# Authenticated call using the stored session cookie
curl -b cookies.txt http://localhost:3000/api/auth/me

📝 Environment Variables

PORT=3000
# Origin the tracking links are built from
BASE_URL=http://localhost:3000
# Placeholder from .env.example; replace with a long random value before deploying
SESSION_SECRET=your-secret-key

# Gmail
GMAIL_USER=your-email@gmail.com
GMAIL_APP_PASSWORD=your-app-password
GMAIL_FROM_NAME=Security Team

# Telegram
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id

🏗️ Structure

src/
├── config/          - Database, Logger, Session
├── controllers/     - Route handlers (auth, company, token, tracking, etc.)
├── middlewares/     - Auth, error handler, rate limiter
├── models/          - Sequelize models
├── routes/          - API routes
├── services/        - Business logic (mail, telegram, token)
├── utils/           - Helpers (geoip, user-agent parser, token generator)
├── validators/      - Joi schemas
├── public/          - Static files (landing page)
└── app.js           - Express app

Status

Completed:

  • Authentication system (session-based)
  • Company management (CRUD + stats)
  • Token management (CRUD + mail)
  • Tracking endpoint (IP, GeoIP, User-Agent)
  • Telegram notifications (real-time)
  • Mail sending (Gmail + Handlebars)
  • GeoIP tracking (geoip-lite)
  • User-Agent parsing
  • Stats & analytics (dashboard)
  • Landing page (redirect)
  • Rate limiting & security
  • Session storage (SQLite)
  • Migrations & seeders

Production Ready! 🎉

Before a real deployment, change the default admin password and replace the placeholder SESSION_SECRET in .env with a random value.