balikci/backend/README.md
salvacybersec 0e5dffb7fc fix: CORS configuration and update all README files
- Fixed dotenv path in app.js to properly load .env from backend root
- Updated CORS to allow http://localhost:5173 (frontend URL)
- Updated README.md with accurate project statistics (58 files, 6677+ lines)
- Updated backend/README.md - marked as Production Ready
- Updated frontend/README.md with complete feature list
- All systems tested and working (backend + frontend)
2025-11-10 17:09:35 +03:00


# Oltalama Backend API
Backend API for the phishing test management system.
## ✨ Features
- **Authentication** - Session-based login/logout
- **Company Management** - Company CRUD & statistics
- **Token Management** - Tracking token creation & mail sending
- **Tracking** - IP, GeoIP and User-Agent tracking
- **Telegram** - Real-time notifications
- **Mail** - Gmail integration (Nodemailer)
- **Templates** - HTML mail templates (Handlebars)
- **Stats** - Dashboard and detailed statistics
## 🚀 Setup
```bash
npm install
cp .env.example .env
# edit the .env file
npm run db:migrate
npm run db:seed
npm run dev
```
## 📡 API Endpoints
### Authentication
```
POST /api/auth/login - Login
POST /api/auth/logout - Logout
GET /api/auth/check - Session check
GET /api/auth/me - Current user info
```
### Companies
```
GET /api/companies - All companies
POST /api/companies - Create company
GET /api/companies/:id - Company detail
PUT /api/companies/:id - Update company
DELETE /api/companies/:id - Delete company
GET /api/companies/:id/tokens - Company tokens
GET /api/companies/:id/stats - Company statistics
```
### Tokens
```
GET /api/tokens - All tokens
POST /api/tokens/create - Create token
POST /api/tokens/create-and-send - Create token + send mail
GET /api/tokens/:id - Token detail
PUT /api/tokens/:id - Update token
DELETE /api/tokens/:id - Delete token
POST /api/tokens/:id/send - Send mail
GET /api/tokens/:id/clicks - Click history
```
### Tracking (Public)
```
GET /t/:token - Tracking endpoint (IP, GeoIP, Telegram)
```
### Templates
```
GET /api/templates - All templates
GET /api/templates/:type - Template detail
POST /api/templates/preview - Preview
```
### Settings
```
GET /api/settings - All settings
PUT /api/settings/gmail - Gmail settings
PUT /api/settings/telegram - Telegram settings
POST /api/settings/test-gmail - Gmail test
POST /api/settings/test-telegram - Telegram test
```
### Stats
```
GET /api/stats/dashboard - Dashboard summary
GET /api/stats/recent-clicks - Recent clicks
GET /api/stats/by-company - Per-company stats
```
## 🔐 Default Credentials
```
Username: admin
Password: admin123
```
Change this password before the API is reachable from anything other than localhost; it is a well-known default.
## 📊 Database
SQLite database: `database/oltalama.db`
**Tables:**
- companies (3 sample companies)
- tracking_tokens
- click_logs
- mail_templates (2 templates)
- settings
- admin_user
## 🧪 Test
```bash
# Health check
curl http://localhost:3000/health
# Login (session-based: save the session cookie for later authenticated calls)
curl -X POST http://localhost:3000/api/auth/login \
  -c cookies.txt \
  -H "Content-Type: application/json" \
  -d '{"username":"admin","password":"admin123"}'
```
## 📝 Environment Variables
```env
PORT=3000
BASE_URL=http://localhost:3000
# Use a long random value, e.g. the output of: openssl rand -hex 32
SESSION_SECRET=your-secret-key
# Gmail
GMAIL_USER=your-email@gmail.com
GMAIL_APP_PASSWORD=your-app-password
# Sender display name ("Security Team")
GMAIL_FROM_NAME=Güvenlik Ekibi
# Telegram
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id
```
## 🏗️ Structure
```
src/
├── config/ - Database, Logger, Session
├── controllers/ - Route handlers (auth, company, token, tracking, etc.)
├── middlewares/ - Auth, error handler, rate limiter
├── models/ - Sequelize models
├── routes/ - API routes
├── services/ - Business logic (mail, telegram, token)
├── utils/ - Helpers (geoip, user-agent parser, token generator)
├── validators/ - Joi schemas
├── public/ - Static files (landing page)
└── app.js - Express app
```
## ✅ Status
**Completed:**
- ✅ Authentication system (session-based)
- ✅ Company management (CRUD + stats)
- ✅ Token management (CRUD + mail)
- ✅ Tracking endpoint (IP, GeoIP, User-Agent)
- ✅ Telegram notifications (real-time)
- ✅ Mail sending (Gmail + Handlebars)
- ✅ GeoIP tracking (geoip-lite)
- ✅ User-Agent parsing
- ✅ Stats & Analytics (dashboard)
- ✅ Landing page (redirect)
- ✅ Rate limiting & Security
- ✅ Session storage (SQLite)
- ✅ Migrations & Seeders
**Production Ready!** 🎉