feat: HTTP Basic Authentication and auto-connection with /ssh/host/<hostIP>
This commit is contained in:
Bill Church
parent
aec8be86b4
commit
a0affca261
3 changed files with 33 additions and 1 deletions
|
|
@ -1,10 +1,13 @@
|
|||
// server
|
||||
// app/connectionHandler.js
|
||||
const createDebug = require("debug")
|
||||
var path = require("path")
|
||||
var fs = require("fs")
|
||||
var extend = require("util")._extend
|
||||
const debug = createDebug("webssh2:connectionHandler")
|
||||
|
||||
function handleConnection(req, res, urlParams) {
|
||||
debug("Handling connection")
|
||||
urlParams = urlParams || {}
|
||||
|
||||
const clientPath = path.resolve(
|
||||
|
|
@ -31,7 +34,6 @@ function handleConnection(req, res, urlParams) {
|
|||
host: urlParams.host || sshCredentials.host || '',
|
||||
port: urlParams.port || sshCredentials.port || 22,
|
||||
username: sshCredentials.username || '',
|
||||
password: sshCredentials.password || ''
|
||||
},
|
||||
autoConnect: !!req.session.sshCredentials
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ const express = require('express')
|
|||
const router = express.Router()
|
||||
const handleConnection = require('./connectionHandler')
|
||||
const basicAuth = require('basic-auth')
|
||||
const { sanitizeObject } = require('./utils')
|
||||
|
||||
function auth(req, res, next) {
|
||||
debug('Authenticating user with HTTP Basic Auth')
|
||||
|
|
@ -31,6 +32,18 @@ router.get('/', function (req, res) {
|
|||
// Scenario 2: Auth required, uses HTTP Basic Auth
|
||||
router.get('/host/:host', auth, function (req, res) {
|
||||
debug(`Accessed /ssh/host/${req.params.host} route`)
|
||||
const { host, port = 22 } = req.params;
|
||||
req.session.sshCredentials.host = host
|
||||
req.session.sshCredentials.port = port
|
||||
|
||||
// Sanitize the sshCredentials object before logging
|
||||
const sanitizedCredentials = sanitizeObject(
|
||||
JSON.parse(JSON.stringify(req.session.sshCredentials))
|
||||
);
|
||||
|
||||
// Log the sanitized credentials
|
||||
debug('/ssh//host/ Credentials: ', sanitizedCredentials);
|
||||
|
||||
handleConnection(req, res, { host: req.params.host })
|
||||
})
|
||||
|
||||
|
|
|
|||
|
|
@ -32,6 +32,16 @@ function handleConnection(socket, config) {
|
|||
removeExistingListeners(socket)
|
||||
setupInitialSocketListeners(socket, config)
|
||||
|
||||
if (socket.handshake.session.sshCredentials) {
|
||||
const { username, password, host, port } =
|
||||
socket.handshake.session.sshCredentials
|
||||
|
||||
if (username && password && host && port) {
|
||||
handleAuthentication(socket, { username, password, host, port }, config)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
// Emit an event to the client to request authentication
|
||||
if (!authenticated) {
|
||||
debug(
|
||||
|
|
@ -86,6 +96,13 @@ function handleConnection(socket, config) {
|
|||
* @param {Object} config - The configuration object
|
||||
*/
|
||||
function handleAuthentication(socket, creds, config) {
|
||||
if (!creds.username && !creds.password) {
|
||||
creds.username = sshCredentials.username
|
||||
creds.password = sshCredentials.password
|
||||
creds.host = sshCredentials.host
|
||||
creds.port = sshCredentials.port
|
||||
}
|
||||
|
||||
// If reauth, creds from this function should take precedence
|
||||
if (creds && isValidCredentials(creds)) {
|
||||
// Store new credentials in session, overriding any existing ones
|
||||
|
|
|
|||
Loading…
Reference in a new issue