Basic auth login

aunefyren 2023-10-24 15:56:37 +02:00
parent 4338ce7977
commit 160da683ec
5 changed files with 69 additions and 30 deletions


@ -116,5 +116,6 @@
"use_logs": true,
"create_share_links": true,
"plex_auth": true,
"winter_theme": true
"winter_theme": true,
"basic_auth": true
}


@ -132,6 +132,7 @@ func CreateConfigFile() error {
config.CreateShareLinks = true
config.WinterTheme = true
config.BasicAuth = false
config.WrapperrCustomize.StatsTopListLength = 10
config.WrapperrCustomize.ObfuscateOtherUsers = true
config.WrapperrCustomize.StatsOrderByDuration = true


@ -55,6 +55,7 @@ type WrapperrConfig struct {
WrappedEnd int `json:"wrapped_end"`
WrapperrPort int `json:"wrapperr_port"`
PlexAuth bool `json:"plex_auth"`
BasicAuth bool `json:"basic_auth"`
WinterTheme bool `json:"winter_theme"`
}
@ -212,6 +213,7 @@ type WrapperrVersion struct {
ClientKey string `json:"client_key"`
WrapperrConfigured bool `json:"wrapperr_configured"`
WinterTheme bool `json:"winter_theme"`
BasicAuth bool `json:"basic_auth"`
Message string `json:"message"`
Error bool `json:"error"`
}


@ -49,6 +49,7 @@ func ApiGetWrapperrVersion(w http.ResponseWriter, r *http.Request) {
Message: "Retrieved Wrapperr version.",
Error: false,
WrapperrRoot: config.WrapperrRoot,
BasicAuth: config.BasicAuth,
}
ip_string := utilities.GetOriginIPString(w, r)
@ -217,6 +218,13 @@ func ApiLogInAdmin(w http.ResponseWriter, r *http.Request) {
return
}
config, err := files.GetConfig()
if err != nil {
log.Println("Failed to load configuration file. Error: " + err.Error())
fmt.Println("Failed to load configuration file.")
return
}
if !admin {
log.Println("Admin login failed. Admin is not configured.")
utilities.RespondDefaultError(w, r, errors.New("No admin configured."), 400)
@ -231,30 +239,48 @@ func ApiLogInAdmin(w http.ResponseWriter, r *http.Request) {
return
}
// Read payload from Post input
reqBody, _ := ioutil.ReadAll(r.Body)
var admin_payload models.AdminConfig
json.Unmarshal(reqBody, &admin_payload)
var username string
var password string
if !config.BasicAuth {
// Read payload from Post input
reqBody, _ := ioutil.ReadAll(r.Body)
var admin_payload models.AdminConfig
json.Unmarshal(reqBody, &admin_payload)
username = admin_payload.AdminUsername
password = admin_payload.AdminPassword
} else {
usernameTwo, passwordTwo, okay := r.BasicAuth()
if !okay {
w.Header().Add("WWW-Authenticate", `Basic realm="Give username and password"`)
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"message": "No basic auth present"}`))
return
}
username = usernameTwo
password = passwordTwo
}
// Confirm username length
if len(admin_payload.AdminUsername) < 4 {
if len(username) < 4 {
log.Println("Admin creation failed. Admin username requires four or more characters.")
utilities.RespondDefaultError(w, r, errors.New("Admin username is too short. Four characters or more required."), 500)
return
}
// Confirm password length
if len(admin_payload.AdminPassword) < 8 {
if len(password) < 8 {
log.Println("Admin creation failed. Admin password requires eight or more characters.")
utilities.RespondDefaultError(w, r, errors.New("Admin password is too short. Eight characters or more required."), 500)
return
}
// Hash new password
password_validity := utilities.ComparePasswords(admin_config.AdminPassword, admin_payload.AdminPassword)
password_validity := utilities.ComparePasswords(admin_config.AdminPassword, password)
// Validate admin username and password
if !password_validity || admin_config.AdminUsername != admin_payload.AdminUsername {
if !password_validity || admin_config.AdminUsername != username {
ip_string := utilities.GetOriginIPString(w, r)
log.Println("Admin login failed. Incorrect admin username or password." + ip_string)
fmt.Println("Admin login failed. Incorrect admin username or password." + ip_string)
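Review bot: The new config-load failure branch in ApiLogInAdmin (the `if err != nil` after `files.GetConfig()`) logs and returns without writing a response, so the client gets an empty 200 rather than an error, unlike the neighbouring branches that call `utilities.RespondDefaultError`. Add `utilities.RespondDefaultError(w, r, errors.New("Failed to load configuration file."), 500)` before that `return`. The hand-written 401 branch for a missing Basic header also skips the `GetOriginIPString` logging that the failed-login path uses, so requests without credentials leave no trace in the log; a `log.Println("Admin login failed. No basic auth present." + utilities.GetOriginIPString(w, r))` there would keep the audit trail consistent. The function body starts and ends outside these hunks.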


@ -3,21 +3,26 @@ function topFunction() {
document.documentElement.scrollTop = 0; // For Chrome, Firefox, IE and Opera
}
function login_menu() {
function login_menu(basic_auth) {
topFunction();
var html = '<h2>Admin Login</h2>';
html += '<form id="password_login_form" onsubmit="log_in();return false">'
html += '<form id="password_login_form" onsubmit="log_in(' + basic_auth + ');return false">'
html += '<div class="form-group newline">';
html += '<label for="username" title="The username chosen during first-time setup.">Username:</label>';
html += '<input type="text" class="form-control" id="username" value="" placeholder="" minlength=4 autocomplete="on" required />';
html += '</div>';
html += '<div class="form-group newline">';
html += '<label for="password" title="The password chosen during first-time setup.">Password:</label>';
html += '<input type="password" class="form-control" id="password" value="" autocomplete="off" required />';
html += '</div>';
if(!basic_auth) {
html += '<div class="form-group newline">';
html += '<label for="username" title="The username chosen during first-time setup.">Username:</label>';
html += '<input type="text" class="form-control" id="username" value="" placeholder="" minlength=4 autocomplete="on" required />';
html += '</div>';
html += '<div class="form-group newline">';
html += '<label for="password" title="The password chosen during first-time setup.">Password:</label>';
html += '<input type="password" class="form-control" id="password" value="" autocomplete="off" required />';
html += '</div>';
}
html += '<div class="form-group newline">';
html += '<div id="password_login_form_error"></div>';
@ -31,19 +36,23 @@ function login_menu() {
document.getElementById("setup").innerHTML = html;
}
function log_in() {
function log_in(basic_auth) {
// Disable button
document.getElementById("log_in_button").disabled = true;
document.getElementById("log_in_button").style.opacity = '0.5';
// Get variables
password = document.getElementById('password').value;
username = document.getElementById('username').value;
if(!basic_auth) {
password = document.getElementById('password').value;
username = document.getElementById('username').value;
admin_login_form = {"admin_password" : password, "admin_username" : username};
admin_login_form = {"admin_password" : password, "admin_username" : username};
var admin_login_data = JSON.stringify(admin_login_form);
var admin_login_data = JSON.stringify(admin_login_form);
} else {
var admin_login_data = ""
}
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
@ -2451,7 +2460,7 @@ function get_wrapper_version() {
console.log("URL: " + api_url)
}
get_admin_state();
get_admin_state(result.basic_auth);
}
} else if(this.readyState == 4 && this.status !== 200) {
@ -2478,7 +2487,7 @@ function get_wrapper_version() {
}
// Get admin configuration state
function get_admin_state() {
function get_admin_state(basic_auth) {
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
if (this.readyState == 4) {
@ -2499,9 +2508,9 @@ function get_admin_state() {
cookie = get_cookie('wrapperr-admin');
if(cookie) {
validate_cookie_admin(cookie);
validate_cookie_admin(cookie, basic_auth);
} else {
login_menu();
login_menu(basic_auth);
}
}
@ -2514,7 +2523,7 @@ function get_admin_state() {
}
// Validate admin login
function validate_cookie_admin(cookie) {
function validate_cookie_admin(cookie, basic_auth) {
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
if (this.readyState == 4) {
@ -2527,7 +2536,7 @@ function validate_cookie_admin(cookie) {
if(result.error) {
set_cookie("wrapperr-admin", "", 1);
login_menu();
login_menu(basic_auth);
document.getElementById("password_login_form_error").innerHTML = result.message;
} else {
get_config(get_cookie('wrapperr-admin'));
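Review bot: In login_menu the `basic_auth` argument is concatenated straight into the inline `onsubmit` handler source, so whatever `result.basic_auth` holds in the version response is evaluated as script on submit, and an absent field becomes `log_in(undefined)`. Coerce it to a strict boolean before it reaches the markup, e.g. `basic_auth = (basic_auth === true);` at the top of login_menu, or attach the handler with `addEventListener` instead of building it from a string. In log_in the `password`, `username` and `admin_login_form` assignments have no `var`, so the credentials persist as globals after the call; declaring them locally (`var password = ...`) keeps them scoped. Both function bodies continue outside the hunks.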