pkg/web/routes.go

// Fail2ban UI - A Swiss made, management interface for Fail2ban.
//
// Copyright (C) 2026 Swissmakers GmbH (https://swissmakers.ch)
//
// Licensed under the GNU General Public License, Version 3 (GPL-3.0)
// You may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.gnu.org/licenses/gpl-3.0.en.html
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package web

import (
	"github.com/gin-gonic/gin"
)

// =========================================================================
//  Route Registration
// =========================================================================

func RegisterRoutes(r *gin.Engine, hub *Hub) {
	SetWebSocketHub(hub)

	// Public routes; do not require authentication
	authRoutes := r.Group("/auth")
	{
		authRoutes.GET("/login", LoginHandler)
		authRoutes.GET("/callback", CallbackHandler)
		authRoutes.GET("/logout", LogoutHandler)
		authRoutes.GET("/status", AuthStatusHandler)
		authRoutes.GET("/user", UserInfoHandler)
	}

	// Initialize authentication middleware; all routes below here require authentication
	r.Use(AuthMiddleware())

	// Default currently "/" renders the dashboard -> TODO: To run f2b-UI on a different (sub)-path, we need to prefix that.
	r.GET("/", renderIndexPage)

	// API routes group
	api := r.Group("/api")
	{
		// Internal call from frontend to the Fail2ban-UI backend to get the summary of the servers (banned IPs per active jail)
		api.GET("/summary", SummaryHandler)

		// External API calls from Fail2ban servers that notify Fail2Ban-UI backend about ban/unban events that where triggered.
		api.POST("/ban", BanNotificationHandler)
		api.POST("/unban", UnbanNotificationHandler)

		// Internal API calls from frontend (e.g. manual actions) to backend to execute Ban / Unban
		api.POST("/jails/:jail/unban/:ip", UnbanIPHandler)
		api.POST("/jails/:jail/ban/:ip", BanIPHandler)

		// Internal API calls for jail-filter management (TODO: rename API-call)
		api.GET("/jails/:jail/config", GetJailFilterConfigHandler)
		api.POST("/jails/:jail/config", SetJailFilterConfigHandler)
		api.POST("/jails/:jail/logpath/test", TestLogpathHandler)
		api.GET("/jails/manage", ManageJailsHandler)
		api.POST("/jails/manage", UpdateJailManagementHandler)
		api.POST("/jails", CreateJailHandler)
		api.DELETE("/jails/:jail", DeleteJailHandler)

		// Internal API calls for filter management
		api.GET("/filters", ListFiltersHandler)
		api.GET("/filters/:filter/content", GetFilterContentHandler)
		api.POST("/filters/test", TestFilterHandler)
		api.POST("/filters", CreateFilterHandler)
		api.DELETE("/filters/:filter", DeleteFilterHandler)

		// Internal API calls for Fail2ban-UI settings
		api.GET("/settings", GetSettingsHandler)
		api.POST("/settings", UpdateSettingsHandler)
		api.POST("/settings/test-email", TestEmailHandler)

		// Internal API calls for advanced actions
		api.GET("/advanced-actions/blocks", ListPermanentBlocksHandler)
		api.DELETE("/advanced-actions/blocks", ClearPermanentBlocksHandler)
		api.POST("/advanced-actions/test", AdvancedActionsTestHandler)

		// Internal API calls for Fail2ban-UI server management
		api.GET("/servers", ListServersHandler)
		api.POST("/servers", UpsertServerHandler)
		api.DELETE("/servers/:id", DeleteServerHandler)
		api.POST("/servers/:id/default", SetDefaultServerHandler)
		api.GET("/ssh/keys", ListSSHKeysHandler)
		api.POST("/servers/:id/test", TestServerHandler)

		// Internal API to restart Fail2ban
		api.POST("/fail2ban/restart", RestartFail2banHandler)

		// Internal API calls to get the stats of the bans
		api.GET("/events/bans", ListBanEventsHandler)
		api.DELETE("/events/bans", ClearBanEventsHandler)
		api.GET("/events/bans/stats", BanStatisticsHandler)
		api.GET("/events/bans/insights", BanInsightsHandler)

		// WebSocket endpoint
		api.GET("/ws", WebSocketHandler(hub))

		// Internal & external API to get the version of the Fail2ban-UI and check for updates
		api.GET("/version", GetVersionHandler)
	}
}
Update file-headers and add a testing geoip_notify script 2025-01-29 19:49:51 +01:00			`// Fail2ban UI - A Swiss made, management interface for Fail2ban.`
			`//`
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Copyright (C) 2026 Swissmakers GmbH (https://swissmakers.ch)`
Update file-headers and add a testing geoip_notify script 2025-01-29 19:49:51 +01:00			`//`
			`// Licensed under the GNU General Public License, Version 3 (GPL-3.0)`
			`// You may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// https://www.gnu.org/licenses/gpl-3.0.en.html`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

initial push 2025-01-25 16:21:14 +01:00			`package web`

			`import (`
			`"github.com/gin-gonic/gin"`
			`)`

Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// =========================================================================`
			`// Route Registration`
			`// =========================================================================`

Implementing WebSocked Support for immediately ban-messages 2025-12-15 20:12:41 +01:00			`func RegisterRoutes(r gin.Engine, hub Hub) {`
			`SetWebSocketHub(hub)`
Prepare for a multi-language implementation 2025-02-06 21:41:54 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Public routes; do not require authentication`
Add optional OIDC authentication with Keycloak, Authentik, and Pocket-ID support 2026-01-19 22:09:54 +01:00			`authRoutes := r.Group("/auth")`
			`{`
			`authRoutes.GET("/login", LoginHandler)`
			`authRoutes.GET("/callback", CallbackHandler)`
			`authRoutes.GET("/logout", LogoutHandler)`
			`authRoutes.GET("/status", AuthStatusHandler)`
			`authRoutes.GET("/user", UserInfoHandler)`
			`}`

Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Initialize authentication middleware; all routes below here require authentication`
Add optional OIDC authentication with Keycloak, Authentik, and Pocket-ID support 2026-01-19 22:09:54 +01:00			`r.Use(AuthMiddleware())`

Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Default currently "/" renders the dashboard -> TODO: To run f2b-UI on a different (sub)-path, we need to prefix that.`
Add optional OIDC authentication with Keycloak, Authentik, and Pocket-ID support 2026-01-19 22:09:54 +01:00			`r.GET("/", renderIndexPage)`
initial push 2025-01-25 16:21:14 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// API routes group`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00			`api := r.Group("/api")`
			`{`
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal call from frontend to the Fail2ban-UI backend to get the summary of the servers (banned IPs per active jail)`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00			`api.GET("/summary", SummaryHandler)`
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00
			`// External API calls from Fail2ban servers that notify Fail2Ban-UI backend about ban/unban events that where triggered.`
			`api.POST("/ban", BanNotificationHandler)`
			`api.POST("/unban", UnbanNotificationHandler)`

			`// Internal API calls from frontend (e.g. manual actions) to backend to execute Ban / Unban`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00			`api.POST("/jails/:jail/unban/:ip", UnbanIPHandler)`
Added manual block section and BanIP method to for all connectors, like the UnbanIP functionallity 2026-01-07 16:14:48 +01:00			`api.POST("/jails/:jail/ban/:ip", BanIPHandler)`
initial push 2025-01-25 16:21:14 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API calls for jail-filter management (TODO: rename API-call)`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00			`api.GET("/jails/:jail/config", GetJailFilterConfigHandler)`
			`api.POST("/jails/:jail/config", SetJailFilterConfigHandler)`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00			`api.POST("/jails/:jail/logpath/test", TestLogpathHandler)`
Implement basic jail management (turn off and on) and fix some old stuff 2025-02-26 16:55:21 +01:00			`api.GET("/jails/manage", ManageJailsHandler)`
			`api.POST("/jails/manage", UpdateJailManagementHandler)`
Fix loading wrong filter problem, implement creation and deletion of filters and jails, fix some css mismatches, update the handlers and routes 2025-12-30 01:10:49 +01:00			`api.POST("/jails", CreateJailHandler)`
			`api.DELETE("/jails/:jail", DeleteJailHandler)`
Implement basic jail management (turn off and on) and fix some old stuff 2025-02-26 16:55:21 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API calls for filter management`
			`api.GET("/filters", ListFiltersHandler)`
			`api.GET("/filters/:filter/content", GetFilterContentHandler)`
			`api.POST("/filters/test", TestFilterHandler)`
			`api.POST("/filters", CreateFilterHandler)`
			`api.DELETE("/filters/:filter", DeleteFilterHandler)`
Implement version check on load, if the footer has data-update-check=true,it fetches /api/version and sets the version badge. No request is made when update check is disabled. 2026-02-02 20:46:55 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API calls for Fail2ban-UI settings`
Add planned routes for next release features 2025-01-25 21:18:29 +01:00			`api.GET("/settings", GetSettingsHandler)`
			`api.POST("/settings", UpdateSettingsHandler)`
Implement mail functioning / handling and sending from golang via API 2025-01-30 11:00:14 +01:00			`api.POST("/settings/test-email", TestEmailHandler)`
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00
			`// Internal API calls for advanced actions`
First steps to implement a advanced-actions function to block recurring offenders before fail2ban 2025-11-18 15:02:50 +01:00			`api.GET("/advanced-actions/blocks", ListPermanentBlocksHandler)`
Added new clear function-calls for the recent-stored-events and as well the permanent-block list 2026-02-21 17:23:33 +01:00			`api.DELETE("/advanced-actions/blocks", ClearPermanentBlocksHandler)`
First steps to implement a advanced-actions function to block recurring offenders before fail2ban 2025-11-18 15:02:50 +01:00			`api.POST("/advanced-actions/test", AdvancedActionsTestHandler)`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API calls for Fail2ban-UI server management`
Refactor the whole backend to support remote-fail2ban machines over ssh or over a agent-api(needs to be build) 2025-11-12 15:52:34 +01:00			`api.GET("/servers", ListServersHandler)`
			`api.POST("/servers", UpsertServerHandler)`
			`api.DELETE("/servers/:id", DeleteServerHandler)`
			`api.POST("/servers/:id/default", SetDefaultServerHandler)`
			`api.GET("/ssh/keys", ListSSHKeysHandler)`
			`api.POST("/servers/:id/test", TestServerHandler)`

Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API to restart Fail2ban`
rework the reload function. we must change that to restart, because fail2ban does not apply all changes on reload only 2025-02-26 17:44:13 +01:00			`api.POST("/fail2ban/restart", RestartFail2banHandler)`
Implement basic ban-API call back to Go-application for handling 2025-01-29 23:48:06 +01:00
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00			`// Internal API calls to get the stats of the bans`
Refactor the whole backend to support remote-fail2ban machines over ssh or over a agent-api(needs to be build) 2025-11-12 15:52:34 +01:00			`api.GET("/events/bans", ListBanEventsHandler)`
Added new clear function-calls for the recent-stored-events and as well the permanent-block list 2026-02-21 17:23:33 +01:00			`api.DELETE("/events/bans", ClearBanEventsHandler)`
Refactor the whole backend to support remote-fail2ban machines over ssh or over a agent-api(needs to be build) 2025-11-12 15:52:34 +01:00			`api.GET("/events/bans/stats", BanStatisticsHandler)`
Implement filtering for ban event-history, simple aggregation and insights 2025-11-17 13:29:50 +01:00			`api.GET("/events/bans/insights", BanInsightsHandler)`
Implementing WebSocked Support for immediately ban-messages 2025-12-15 20:12:41 +01:00
			`// WebSocket endpoint`
			`api.GET("/ws", WebSocketHandler(hub))`
Fix console logger file and reorder routes, add comments for interlnal/external APIs 2026-02-15 20:55:52 +01:00
			`// Internal & external API to get the version of the Fail2ban-UI and check for updates`
			`api.GET("/version", GetVersionHandler)`
Adding first needed config update functions for later implementation 2025-01-26 20:05:07 +01:00			`}`
initial push 2025-01-25 16:21:14 +01:00			`}`