Merge remote-tracking branch 'upstream/master' into add-custom-port-and-interface
commit
52fa781f13
31 changed files with 3739 additions and 676 deletions
|
@ -1,6 +1,8 @@
|
|||
'use strict';
|
||||
|
||||
const path = require('path');
|
||||
const bcrypt = require('bcryptjs');
|
||||
const crypto = require('node:crypto');
|
||||
|
||||
const express = require('express');
|
||||
const expressSession = require('express-session');
|
||||
|
@ -12,6 +14,7 @@ const WireGuard = require('../services/WireGuard');
|
|||
|
||||
const {
|
||||
PORT,
|
||||
WEBUI_HOST,
|
||||
RELEASE,
|
||||
PASSWORD,
|
||||
} = require('../config');
|
||||
|
@ -25,17 +28,20 @@ module.exports = class Server {
|
|||
.use('/', express.static(path.join(__dirname, '..', 'www')))
|
||||
.use(express.json())
|
||||
.use(expressSession({
|
||||
secret: String(Math.random()),
|
||||
secret: crypto.randomBytes(256).toString('hex'),
|
||||
resave: true,
|
||||
saveUninitialized: true,
|
||||
cookie: {
|
||||
httpOnly: true,
|
||||
},
|
||||
}))
|
||||
|
||||
.get('/api/release', (Util.promisify(async () => {
|
||||
return RELEASE;
|
||||
})))
|
||||
|
||||
// Authentication
|
||||
.get('/api/session', Util.promisify(async req => {
|
||||
// Authentication
|
||||
.get('/api/session', Util.promisify(async (req) => {
|
||||
const requiresPassword = !!process.env.PASSWORD;
|
||||
const authenticated = requiresPassword
|
||||
? !!(req.session && req.session.authenticated)
|
||||
|
@ -46,7 +52,7 @@ module.exports = class Server {
|
|||
authenticated,
|
||||
};
|
||||
}))
|
||||
.post('/api/session', Util.promisify(async req => {
|
||||
.post('/api/session', Util.promisify(async (req) => {
|
||||
const {
|
||||
password,
|
||||
} = req.body;
|
||||
|
@ -65,7 +71,7 @@ module.exports = class Server {
|
|||
debug(`New Session: ${req.session.id}`);
|
||||
}))
|
||||
|
||||
// WireGuard
|
||||
// WireGuard
|
||||
.use((req, res, next) => {
|
||||
if (!PASSWORD) {
|
||||
return next();
|
||||
|
@ -75,18 +81,34 @@ module.exports = class Server {
|
|||
return next();
|
||||
}
|
||||
|
||||
if (req.path.startsWith('/api/') && req.headers['authorization']) {
|
||||
const authorizationHash = bcrypt.createHash('bcrypt')
|
||||
.update(req.headers['authorization'])
|
||||
.digest('hex');
|
||||
const passwordHash = bcrypt.createHash('bcrypt')
|
||||
.update(PASSWORD)
|
||||
.digest('hex');
|
||||
if (bcrypt.timingSafeEqual(Buffer.from(authorizationHash), Buffer.from(passwordHash))) {
|
||||
return next();
|
||||
}
|
||||
|
||||
return res.status(401).json({
|
||||
error: 'Incorrect Password',
|
||||
});
|
||||
}
|
||||
|
||||
return res.status(401).json({
|
||||
error: 'Not Logged In',
|
||||
});
|
||||
})
|
||||
.delete('/api/session', Util.promisify(async req => {
|
||||
.delete('/api/session', Util.promisify(async (req) => {
|
||||
const sessionId = req.session.id;
|
||||
|
||||
req.session.destroy();
|
||||
|
||||
debug(`Deleted Session: ${sessionId}`);
|
||||
}))
|
||||
.get('/api/wireguard/client', Util.promisify(async req => {
|
||||
.get('/api/wireguard/client', Util.promisify(async (req) => {
|
||||
return WireGuard.getClients();
|
||||
}))
|
||||
.get('/api/wireguard/client/:clientId/qrcode.svg', Util.promisify(async (req, res) => {
|
||||
|
@ -108,35 +130,47 @@ module.exports = class Server {
|
|||
res.header('Content-Type', 'text/plain');
|
||||
res.send(config);
|
||||
}))
|
||||
.post('/api/wireguard/client', Util.promisify(async req => {
|
||||
.post('/api/wireguard/client', Util.promisify(async (req) => {
|
||||
const { name } = req.body;
|
||||
return WireGuard.createClient({ name });
|
||||
}))
|
||||
.delete('/api/wireguard/client/:clientId', Util.promisify(async req => {
|
||||
.delete('/api/wireguard/client/:clientId', Util.promisify(async (req) => {
|
||||
const { clientId } = req.params;
|
||||
return WireGuard.deleteClient({ clientId });
|
||||
}))
|
||||
.post('/api/wireguard/client/:clientId/enable', Util.promisify(async req => {
|
||||
.post('/api/wireguard/client/:clientId/enable', Util.promisify(async (req, res) => {
|
||||
const { clientId } = req.params;
|
||||
if (clientId === '__proto__' || clientId === 'constructor' || clientId === 'prototype') {
|
||||
res.end(403);
|
||||
}
|
||||
return WireGuard.enableClient({ clientId });
|
||||
}))
|
||||
.post('/api/wireguard/client/:clientId/disable', Util.promisify(async req => {
|
||||
.post('/api/wireguard/client/:clientId/disable', Util.promisify(async (req, res) => {
|
||||
const { clientId } = req.params;
|
||||
if (clientId === '__proto__' || clientId === 'constructor' || clientId === 'prototype') {
|
||||
res.end(403);
|
||||
}
|
||||
return WireGuard.disableClient({ clientId });
|
||||
}))
|
||||
.put('/api/wireguard/client/:clientId/name', Util.promisify(async req => {
|
||||
.put('/api/wireguard/client/:clientId/name', Util.promisify(async (req, res) => {
|
||||
const { clientId } = req.params;
|
||||
if (clientId === '__proto__' || clientId === 'constructor' || clientId === 'prototype') {
|
||||
res.end(403);
|
||||
}
|
||||
const { name } = req.body;
|
||||
return WireGuard.updateClientName({ clientId, name });
|
||||
}))
|
||||
.put('/api/wireguard/client/:clientId/address', Util.promisify(async req => {
|
||||
.put('/api/wireguard/client/:clientId/address', Util.promisify(async (req, res) => {
|
||||
const { clientId } = req.params;
|
||||
if (clientId === '__proto__' || clientId === 'constructor' || clientId === 'prototype') {
|
||||
res.end(403);
|
||||
}
|
||||
const { address } = req.body;
|
||||
return WireGuard.updateClientAddress({ clientId, address });
|
||||
}))
|
||||
|
||||
.listen(PORT, () => {
|
||||
debug(`Listening on http://0.0.0.0:${PORT}`);
|
||||
.listen(PORT, WEBUI_HOST, () => {
|
||||
debug(`Listening on http://${WEBUI_HOST}:${PORT}`);
|
||||
});
|
||||
}
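Review bot: The Authorization-header branch of the auth middleware (the `if (req.path.startsWith('/api/') && req.headers['authorization'])` block) calls `bcrypt.createHash('bcrypt')` and `bcrypt.timingSafeEqual(...)`, but `bcrypt` is `bcryptjs`, which provides `hash`/`compare` and neither of those functions; they belong to `node:crypto`, where `'bcrypt'` is not a digest name either. As written the branch throws on any not-yet-authenticated `/api/` request that carries the header, so it fails closed but header authentication can never succeed. The `crypto` module already required at the top of this file would do: `const a = crypto.createHash('sha256').update(req.headers['authorization']).digest();`, the same for `PASSWORD`, then `crypto.timingSafeEqual(a, b)`. Separately, the new `clientId` guards in the enable, disable, name and address routes call `res.end(403)` without `return`, which passes 403 as a response body rather than a status and does not by itself stop the handler before the `WireGuard.*` call; `return res.status(403).end();` expresses the intent.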
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ module.exports = class Util {
|
|||
// eslint-disable-next-line func-names
|
||||
return function(req, res) {
|
||||
Promise.resolve().then(async () => fn(req, res))
|
||||
.then(result => {
|
||||
.then((result) => {
|
||||
if (res.headersSent) return;
|
||||
|
||||
if (typeof result === 'undefined') {
|
||||
|
@ -34,7 +34,7 @@ module.exports = class Util {
|
|||
.status(200)
|
||||
.json(result);
|
||||
})
|
||||
.catch(error => {
|
||||
.catch((error) => {
|
||||
if (typeof error === 'string') {
|
||||
error = new Error(error);
|
||||
}
|
||||
|
|
|
@ -157,7 +157,7 @@ AllowedIPs = ${client.address}/32`;
|
|||
.trim()
|
||||
.split('\n')
|
||||
.slice(1)
|
||||
.forEach(line => {
|
||||
.forEach((line) => {
|
||||
const [
|
||||
publicKey,
|
||||
preSharedKey, // eslint-disable-line no-unused-vars
|
||||
|
@ -169,7 +169,7 @@ AllowedIPs = ${client.address}/32`;
|
|||
persistentKeepalive,
|
||||
] = line.split('\t');
|
||||
|
||||
const client = clients.find(client => client.publicKey === publicKey);
|
||||
const client = clients.find((client) => client.publicKey === publicKey);
|
||||
if (!client) return;
|
||||
|
||||
client.latestHandshakeAt = latestHandshakeAt === '0'
|
||||
|
@ -234,7 +234,7 @@ Endpoint = ${WG_HOST}:${WG_PORT}`;
|
|||
// Calculate next IP
|
||||
let address;
|
||||
for (let i = 2; i < 255; i++) {
|
||||
const client = Object.values(config.clients).find(client => {
|
||||
const client = Object.values(config.clients).find((client) => {
|
||||
return client.address === WG_DEFAULT_ADDRESS.replace('x', i);
|
||||
});
|
||||
|
||||
|
@ -249,8 +249,9 @@ Endpoint = ${WG_HOST}:${WG_PORT}`;
|
|||
}
|
||||
|
||||
// Create Client
|
||||
const clientId = uuid.v4();
|
||||
const id = uuid.v4();
|
||||
const client = {
|
||||
id,
|
||||
name,
|
||||
address,
|
||||
privateKey,
|
||||
|
@ -263,7 +264,7 @@ Endpoint = ${WG_HOST}:${WG_PORT}`;
|
|||
enabled: true,
|
||||
};
|
||||
|
||||
config.clients[clientId] = client;
|
||||
config.clients[id] = client;
|
||||
|
||||
await this.saveConfig();
|
||||
|
||||
|
|