Browse Source

users_path utilizzato correttamente

pull/665/head
flavio 3 years ago
parent
commit
1be5008e03
  1. 2
      docker-compose.dev.yml
  2. 2
      docker-compose.yml
  3. 2
      src/config.js
  4. 48
      src/lib/Server.js

2
docker-compose.dev.yml

@ -7,7 +7,7 @@ services:
- WG_HOST=0.0.0.0
# Optional:
# - PASSWORD=foobar123
# - USERS_PATH=/app/users.json
# - WG_PORT=51820
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1

2
docker-compose.yml

@ -7,7 +7,7 @@ services:
- WG_HOST=raspberrypi.local
# Optional:
# - PASSWORD=foobar123
# - USERS_PATH=/app/users.json
# - WG_PORT=51820
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1

2
src/config.js

@ -28,4 +28,4 @@ module.exports.WG_PRE_DOWN = process.env.WG_PRE_DOWN || '';
module.exports.WG_POST_DOWN = process.env.WG_POST_DOWN || '';
// Adding enviroment variable for the users.json file
module.exports.USERS_PATH = process.env.USERS_PATH || '/app/users.json';
module.exports.USERS_PATH = process.env.USERS_PATH;

48
src/lib/Server.js

@ -62,7 +62,7 @@ module.exports = class Server {
let dbPassword = await redisClient.get(username);
if (dbPassword !== password || dbPassword == null) {
if ((dbPassword !== password || dbPassword == null) && USERS_PATH) {
const usersJson = await fs.readFile(USERS_PATH, 'utf8');
const users = JSON.parse(usersJson);
@ -71,14 +71,14 @@ module.exports = class Server {
}
dbPassword = await redisClient.get(username);
if (dbPassword == null) {
throw new ServerError('Wrong Username', 401);
}
if (dbPassword !== password) {
throw new ServerError('Wrong Password', 401);
}
}
if (dbPassword == null) {
throw new ServerError('Wrong Username', 401);
}
if (dbPassword !== password) {
throw new ServerError('Wrong Password', 401);
}
req.session.authenticated = true;
@ -110,25 +110,29 @@ module.exports = class Server {
newPassword,
checkPassword,
} = req.body;
if (newPassword !== checkPassword) {
throw new ServerError("Passwords don't match", 401);
}
const username = req.session.username;
const usersJson = await fs.readFile(USERS_PATH, 'utf8');
const users = JSON.parse(usersJson);
let user = users.find(findUser => findUser.username === username);
if (USERS_PATH) {
const usersJson = await fs.readFile(USERS_PATH, 'utf8');
const users = JSON.parse(usersJson);
let user = users.find(findUser => findUser.username === username);
if (typeof user !== 'object') {
throw new ServerError('This session.username does not exists', 401);
}
if (typeof user !== 'object') {
throw new ServerError('This session.username does not exists', 401);
}
if (newPassword !== checkPassword) {
throw new ServerError("Passwords don't match", 401);
user.password = newPassword;
await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), {
mode: 0o660,
});
}
user.password = newPassword;
await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), {
mode: 0o660,
});
redisClient.set(user.username, user.password);
redisClient.set(username, newPassword);
}))
// WireGuard
.get('/api/wireguard/client', Util.promisify(async req => {

Loading…
Cancel
Save