Fabio/webssh2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: credentials over http post for #290

Browse source
This commit is contained in:
Bill Church 2022-07-07 11:21:49 -04:00
parent 40cbb35616
commit 5b8f88cfef
4 changed files with 32 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
README.md
View file

@ -41,6 +41,8 @@ http://localhost:2222/ssh/host/127.0.0.1
You will be prompted for credentials to use on the SSH server via HTTP Basic authentcaiton. This is to permit usage with some SSO systems that can replay credentials over HTTP basic. You will be prompted for credentials to use on the SSH server via HTTP Basic authentcaiton. This is to permit usage with some SSO systems that can replay credentials over HTTP basic.
Alternatively in main for testing, you can send credentials via POST with the variables "username" and "userpassword".
# Customizing client files # Customizing client files
See [BUILDING.md](BUILDING.md) for more details. See [BUILDING.md](BUILDING.md) for more details.
@ -83,6 +85,13 @@ docker run --name webssh2 -d -p 2222:2222 -v `pwd`/app/config.json:/usr/src/conf
# Options # Options
## POST request vars (in main branch for testing)
* **username** - _string_ - username to log into ssh with
* **userpassword** _string_ password to log into ssh with
TODO: Add the vars from the GET requests below as well.
## GET request vars ## GET request vars
* **port=** - _integer_ - port of SSH server (defaults to 22) * **port=** - _integer_ - port of SSH server (defaults to 22)

3
app/server/app.js
View file

@ -41,6 +41,9 @@ app.use(session);
if (config.accesslog) app.use(logger('common')); if (config.accesslog) app.use(logger('common'));
app.disable('x-powered-by'); app.disable('x-powered-by');
app.use(favicon(path.join(publicPath, 'favicon.ico'))); app.use(favicon(path.join(publicPath, 'favicon.ico')));
app.use(express.urlencoded({ extended: true }));
app.post('/ssh/host/:host?', connect);
app.post('/ssh', express.static(publicPath, config.express.ssh));
app.use('/ssh', express.static(publicPath, config.express.ssh)); app.use('/ssh', express.static(publicPath, config.express.ssh));
app.use(basicAuth); app.use(basicAuth);
app.get('/ssh/reauth', reauth); app.get('/ssh/reauth', reauth);

14
app/server/form.html Normal file
View file

@ -0,0 +1,14 @@
<html>
<head><title>Post Test</title></head>
<body>
<h1>Credentials over HTTP POST test</h1>
<p>This is a test to demonstrate sending credentials over POST instead of requiring HTTP Basic. If you use this, be sure to secure the app/site with HTTPS!</p>
<form method="POST" action="http://localhost:2222/ssh/host/192.168.0.1">
<label for="username">Username</label>
<input name="username">
<label for="userpassword">Password</label>
<input name="userpassword" type="password">
<button>Login</button>
</form>
</body>
</html>

6
app/server/routes.js
View file

@ -26,6 +26,12 @@ exports.reauth = function reauth(req, res) {
exports.connect = function connect(req, res) { exports.connect = function connect(req, res) {
res.sendFile(path.join(path.join(publicPath, 'client.htm'))); res.sendFile(path.join(path.join(publicPath, 'client.htm')));
if (req.method === 'POST' && req.body.username && req.body.userpassword) {
req.session.username = req.body.username;
req.session.userpassword = req.body.userpassword;
}
// capture, assign, and validate variables // capture, assign, and validate variables
req.session.ssh = { req.session.ssh = {
host: host: