forked from extern/dockge
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
f3dd323daa | ||
|
|
3848e8cbb9 | ||
|
|
5bbd3a906a | ||
|
|
fd7f539089 | ||
|
|
16a5f2a175 | ||
|
|
7a0d4fc62a | ||
|
|
d0712d77ab |
@ -194,6 +194,39 @@ export class DockgeServer {
|
||||
// Create Socket.io
|
||||
this.io = new socketIO.Server(this.httpServer, {
|
||||
cors,
|
||||
allowRequest: (req, callback) => {
|
||||
let isOriginValid = true;
|
||||
const bypass = isDev;
|
||||
|
||||
if (!bypass) {
|
||||
let host = req.headers.host;
|
||||
|
||||
// If this is set, it means the request is from the browser
|
||||
let origin = req.headers.origin;
|
||||
|
||||
// If this is from the browser, check if the origin is allowed
|
||||
if (origin) {
|
||||
try {
|
||||
let originURL = new URL(origin);
|
||||
|
||||
if (host !== originURL.host) {
|
||||
isOriginValid = false;
|
||||
log.error("auth", `Origin (${origin}) does not match host (${host}), IP: ${req.socket.remoteAddress}`);
|
||||
}
|
||||
} catch (e) {
|
||||
// Invalid origin url, probably not from browser
|
||||
isOriginValid = false;
|
||||
log.error("auth", `Invalid origin url (${origin}), IP: ${req.socket.remoteAddress}`);
|
||||
}
|
||||
} else {
|
||||
log.info("auth", `Origin is not set, IP: ${req.socket.remoteAddress}`);
|
||||
}
|
||||
} else {
|
||||
log.debug("auth", "Origin check is bypassed");
|
||||
}
|
||||
|
||||
callback(null, isOriginValid);
|
||||
}
|
||||
});
|
||||
|
||||
this.io.on("connection", async (socket: Socket) => {
|
||||
@ -578,4 +611,35 @@ export class DockgeServer {
|
||||
finalFunction() {
|
||||
log.info("server", "Graceful shutdown successful!");
|
||||
}
|
||||
|
||||
/**
|
||||
* Force connected sockets of a user to refresh and disconnect.
|
||||
* Used for resetting password.
|
||||
* @param {string} userID
|
||||
* @param {string?} currentSocketID
|
||||
*/
|
||||
disconnectAllSocketClients(userID: number, currentSocketID? : string) {
|
||||
for (const rawSocket of this.io.sockets.sockets.values()) {
|
||||
let socket = rawSocket as DockgeSocket;
|
||||
if (socket.userID === userID && socket.id !== currentSocketID) {
|
||||
try {
|
||||
socket.emit("refresh");
|
||||
socket.disconnect();
|
||||
} catch (e) {
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
isSSL() {
|
||||
return this.config.sslKey && this.config.sslCert;
|
||||
}
|
||||
|
||||
getLocalWebSocketURL() {
|
||||
const protocol = this.isSSL() ? "wss" : "ws";
|
||||
const host = this.config.hostname || "localhost";
|
||||
return `${protocol}://${host}:${this.config.port}`;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -211,6 +211,8 @@ export class MainSocketHandler extends SocketHandler {
|
||||
let user = await doubleCheckPassword(socket, password.currentPassword);
|
||||
await user.resetPassword(password.newPassword);
|
||||
|
||||
server.disconnectAllSocketClients(user.id, socket.id);
|
||||
|
||||
callback({
|
||||
ok: true,
|
||||
msg: "Password has been updated successfully.",
|
||||
@ -280,6 +282,18 @@ export class MainSocketHandler extends SocketHandler {
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
// Disconnect all other socket clients of the user
|
||||
socket.on("disconnectOtherSocketClients", async () => {
|
||||
try {
|
||||
checkLogin(socket);
|
||||
server.disconnectAllSocketClients(socket.userID, socket.id);
|
||||
} catch (e) {
|
||||
if (e instanceof Error) {
|
||||
log.warn("disconnectOtherSocketClients", e.message);
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
async login(username : string, password : string) : Promise<User | null> {
|
||||
|
||||
@ -21,6 +21,11 @@ export interface LooseObject {
|
||||
[key: string]: any
|
||||
}
|
||||
|
||||
export interface BaseRes {
|
||||
ok: boolean;
|
||||
msg?: string;
|
||||
}
|
||||
|
||||
let randomBytes : (numBytes: number) => Uint8Array;
|
||||
initRandomBytes();
|
||||
|
||||
|
||||
@ -4,6 +4,8 @@ import readline from "readline";
|
||||
import { User } from "../backend/models/user";
|
||||
import { DockgeServer } from "../backend/dockge-server";
|
||||
import { log } from "../backend/log";
|
||||
import { io } from "socket.io-client";
|
||||
import { BaseRes } from "../backend/util-common";
|
||||
|
||||
console.log("== Dockge Reset Password Tool ==");
|
||||
|
||||
@ -12,11 +14,10 @@ const rl = readline.createInterface({
|
||||
output: process.stdout
|
||||
});
|
||||
|
||||
const server = new DockgeServer();
|
||||
|
||||
export const main = async () => {
|
||||
const server = new DockgeServer();
|
||||
|
||||
// Check if
|
||||
|
||||
console.log("Connecting the database");
|
||||
try {
|
||||
await Database.init(server);
|
||||
@ -47,12 +48,16 @@ export const main = async () => {
|
||||
// Reset all sessions by reset jwt secret
|
||||
await server.initJWTSecret();
|
||||
|
||||
console.log("Password reset successfully.");
|
||||
|
||||
// Disconnect all other socket clients of the user
|
||||
await disconnectAllSocketClients(user.username, password);
|
||||
|
||||
break;
|
||||
} else {
|
||||
console.log("Passwords do not match, please try again.");
|
||||
}
|
||||
}
|
||||
console.log("Password reset successfully.");
|
||||
}
|
||||
} catch (e) {
|
||||
if (e instanceof Error) {
|
||||
@ -79,6 +84,47 @@ function question(question : string) : Promise<string> {
|
||||
});
|
||||
}
|
||||
|
||||
function disconnectAllSocketClients(username : string, password : string) : Promise<void> {
|
||||
return new Promise((resolve) => {
|
||||
const url = server.getLocalWebSocketURL();
|
||||
|
||||
console.log("Connecting to " + url + " to disconnect all other socket clients");
|
||||
|
||||
// Disconnect all socket connections
|
||||
const socket = io(url, {
|
||||
transports: [ "websocket" ],
|
||||
reconnection: false,
|
||||
timeout: 5000,
|
||||
});
|
||||
socket.on("connect", () => {
|
||||
socket.emit("login", {
|
||||
username,
|
||||
password,
|
||||
}, (res : BaseRes) => {
|
||||
if (res.ok) {
|
||||
console.log("Logged in.");
|
||||
socket.emit("disconnectOtherSocketClients");
|
||||
} else {
|
||||
console.warn("Login failed.");
|
||||
console.warn("Please restart the server to disconnect all sessions.");
|
||||
}
|
||||
socket.close();
|
||||
});
|
||||
});
|
||||
|
||||
socket.on("connect_error", function () {
|
||||
// The localWebSocketURL is not guaranteed to be working for some complicated Uptime Kuma setup
|
||||
// Ask the user to restart the server manually
|
||||
console.warn("Failed to connect to " + url);
|
||||
console.warn("Please restart the server to disconnect all sessions manually.");
|
||||
resolve();
|
||||
});
|
||||
socket.on("disconnect", () => {
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
if (!process.env.TEST_BACKEND) {
|
||||
main();
|
||||
}
|
||||
|
||||
@ -202,6 +202,10 @@ export default defineComponent({
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
socket.on("refresh", () => {
|
||||
location.reload();
|
||||
});
|
||||
},
|
||||
|
||||
/**
|
||||
|
||||
Loading…
Reference in New Issue
Block a user