From 1be5008e03e107a5633110659607c90f3005d626 Mon Sep 17 00:00:00 2001 From: flavio Date: Mon, 27 Nov 2023 10:23:56 +0000 Subject: [PATCH] users_path utilizzato correttamente --- docker-compose.dev.yml | 2 +- docker-compose.yml | 2 +- src/config.js | 2 +- src/lib/Server.js | 48 +++++++++++++++++++++++------------------- 4 files changed, 29 insertions(+), 25 deletions(-) diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 6007d51f..e1a6db73 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -7,7 +7,7 @@ services: - WG_HOST=0.0.0.0 # Optional: - # - PASSWORD=foobar123 + # - USERS_PATH=/app/users.json # - WG_PORT=51820 # - WG_DEFAULT_ADDRESS=10.8.0.x # - WG_DEFAULT_DNS=1.1.1.1 diff --git a/docker-compose.yml b/docker-compose.yml index 2d7fc7f5..1be7ba84 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: - WG_HOST=raspberrypi.local # Optional: - # - PASSWORD=foobar123 + # - USERS_PATH=/app/users.json # - WG_PORT=51820 # - WG_DEFAULT_ADDRESS=10.8.0.x # - WG_DEFAULT_DNS=1.1.1.1 diff --git a/src/config.js b/src/config.js index cc7f0973..65e48d68 100644 --- a/src/config.js +++ b/src/config.js @@ -28,4 +28,4 @@ module.exports.WG_PRE_DOWN = process.env.WG_PRE_DOWN || ''; module.exports.WG_POST_DOWN = process.env.WG_POST_DOWN || ''; // Adding enviroment variable for the users.json file -module.exports.USERS_PATH = process.env.USERS_PATH || '/app/users.json'; +module.exports.USERS_PATH = process.env.USERS_PATH; diff --git a/src/lib/Server.js b/src/lib/Server.js index e9aa8747..f3f80902 100644 --- a/src/lib/Server.js +++ b/src/lib/Server.js @@ -62,7 +62,7 @@ module.exports = class Server { let dbPassword = await redisClient.get(username); - if (dbPassword !== password || dbPassword == null) { + if ((dbPassword !== password || dbPassword == null) && USERS_PATH) { const usersJson = await fs.readFile(USERS_PATH, 'utf8'); const users = JSON.parse(usersJson); @@ -71,14 +71,14 @@ module.exports = class Server { } dbPassword = await redisClient.get(username); - - if (dbPassword == null) { - throw new ServerError('Wrong Username', 401); - } - - if (dbPassword !== password) { - throw new ServerError('Wrong Password', 401); - } + } + + if (dbPassword == null) { + throw new ServerError('Wrong Username', 401); + } + + if (dbPassword !== password) { + throw new ServerError('Wrong Password', 401); } req.session.authenticated = true; @@ -110,25 +110,29 @@ module.exports = class Server { newPassword, checkPassword, } = req.body; + + if (newPassword !== checkPassword) { + throw new ServerError("Passwords don't match", 401); + } + const username = req.session.username; - const usersJson = await fs.readFile(USERS_PATH, 'utf8'); - const users = JSON.parse(usersJson); - let user = users.find(findUser => findUser.username === username); + if (USERS_PATH) { + const usersJson = await fs.readFile(USERS_PATH, 'utf8'); + const users = JSON.parse(usersJson); + let user = users.find(findUser => findUser.username === username); - if (typeof user !== 'object') { - throw new ServerError('This session.username does not exists', 401); - } + if (typeof user !== 'object') { + throw new ServerError('This session.username does not exists', 401); + } - if (newPassword !== checkPassword) { - throw new ServerError("Passwords don't match", 401); + user.password = newPassword; + await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), { + mode: 0o660, + }); } - user.password = newPassword; - await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), { - mode: 0o660, - }); - redisClient.set(user.username, user.password); + redisClient.set(username, newPassword); })) // WireGuard .get('/api/wireguard/client', Util.promisify(async req => {