Fabio/webssh2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: lint ./app/server/app.js still TODO for stop function #242

Browse source
This commit is contained in:
Bill Church 2021-05-13 13:47:35 -04:00
parent 36e4e68a16
commit ec2fcfb418
1 changed files with 134 additions and 125 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

259
app/server/app.js
View file

@ -1,30 +1,30 @@
'use strict'
/* jshint esversion: 6, asi: true, node: true */ /* jshint esversion: 6, asi: true, node: true */
/* eslint no-unused-expressions: ["error", { "allowShortCircuit": true, "allowTernary": true }] */ /* eslint no-unused-expressions: ["error", { "allowShortCircuit": true, "allowTernary": true }],
no-console: ["error", { allow: ["warn", "error"] }] */
// app.js // app.js
const path = require('path') const path = require('path');
const fs = require('fs') const fs = require('fs');
const nodeRoot = path.dirname(require.main.filename)
const configPath = path.join(nodeRoot, 'config.json') const nodeRoot = path.dirname(require.main.filename);
const publicPath = path.join(nodeRoot, 'client', 'public') const configPath = path.join(nodeRoot, 'config.json');
console.log('WebSSH2 service reading config from: ' + configPath) const publicPath = path.join(nodeRoot, 'client', 'public');
const express = require('express') const express = require('express');
const logger = require('morgan') const logger = require('morgan');
// sane defaults if config.json or parts are missing // sane defaults if config.json or parts are missing
let config = { let config = {
listen: { listen: {
ip: '0.0.0.0', ip: '0.0.0.0',
port: 2222 port: 2222,
}, },
http: { http: {
origins: ['localhost:2222'] origins: ['localhost:2222'],
}, },
user: { user: {
name: null, name: null,
password: null, password: null,
privatekey: null privatekey: null,
}, },
ssh: { ssh: {
host: null, host: null,
@ -33,25 +33,25 @@ let config = {
readyTimeout: 20000, readyTimeout: 20000,
keepaliveInterval: 120000, keepaliveInterval: 120000,
keepaliveCountMax: 10, keepaliveCountMax: 10,
allowedSubnets: [] allowedSubnets: [],
}, },
terminal: { terminal: {
cursorBlink: true, cursorBlink: true,
scrollback: 10000, scrollback: 10000,
tabStopWidth: 8, tabStopWidth: 8,
bellStyle: 'sound' bellStyle: 'sound',
}, },
header: { header: {
text: null, text: null,
background: 'green' background: 'green',
}, },
session: { session: {
name: 'WebSSH2', name: 'WebSSH2',
secret: 'mysecret' secret: 'mysecret',
}, },
options: { options: {
challengeButton: true, challengeButton: true,
allowreauth: true allowreauth: true,
}, },
algorithms: { algorithms: {
kex: [ kex: [
@ -59,7 +59,7 @@ let config = {
'ecdh-sha2-nistp384', 'ecdh-sha2-nistp384',
'ecdh-sha2-nistp521', 'ecdh-sha2-nistp521',
'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha256',
'diffie-hellman-group14-sha1' 'diffie-hellman-group14-sha1',
], ],
cipher: [ cipher: [
'aes128-ctr', 'aes128-ctr',
@ -69,42 +69,43 @@ let config = {
'aes128-gcm@openssh.com', 'aes128-gcm@openssh.com',
'aes256-gcm', 'aes256-gcm',
'aes256-gcm@openssh.com', 'aes256-gcm@openssh.com',
'aes256-cbc' 'aes256-cbc',
], ],
hmac: [ hmac: [
'hmac-sha2-256', 'hmac-sha2-256',
'hmac-sha2-512', 'hmac-sha2-512',
'hmac-sha1' 'hmac-sha1',
], ],
compress: [ compress: [
'none', 'none',
'zlib@openssh.com', 'zlib@openssh.com',
'zlib' 'zlib',
] ],
}, },
serverlog: { serverlog: {
client: false, client: false,
server: false server: false,
}, },
accesslog: false, accesslog: false,
verify: false, verify: false,
safeShutdownDuration: 300 safeShutdownDuration: 300,
} };
// test if config.json exists, if not provide error message but try to run // test if config.json exists, if not provide error message but try to run
// anyway // anyway
try { try {
if (fs.existsSync(configPath)) { if (fs.existsSync(configPath)) {
console.log('ephemeral_auth service reading config from: ' + configPath) // eslint-disable-next-line no-console
console.log(`webssh2 service reading config from: ${configPath}`);
config = require('read-config-ng')(configPath) // eslint-disable-line config = require('read-config-ng')(configPath) // eslint-disable-line
} else { } else {
console.error('\n\nERROR: Missing config.json for webssh. Current config: ' + JSON.stringify(config)) console.error(`\n\nERROR: Missing config.json for webssh. Current config: ${JSON.stringify(config)}`);
console.error('\n See config.json.sample for details\n\n') console.error('\n See config.json.sample for details\n\n');
} }
} catch (err) { } catch (err) {
console.error('\n\nERROR: Missing config.json for webssh. Current config: ' + JSON.stringify(config)) console.error(`\n\nERROR: Missing config.json for webssh. Current config: ${JSON.stringify(config)}`);
console.error('\n See config.json.sample for details\n\n') console.error('\n See config.json.sample for details\n\n');
console.error('ERROR:\n\n ' + err) console.error(`ERROR:\n\n ${err}`);
} }
const session = require('express-session')({ const session = require('express-session')({
@ -112,150 +113,158 @@ const session = require('express-session')({
name: config.session.name, name: config.session.name,
resave: true, resave: true,
saveUninitialized: false, saveUninitialized: false,
unset: 'destroy' unset: 'destroy',
}) });
const app = express()
const server = require('http').Server(app)
const myutil = require('./util')
myutil.setDefaultCredentials(config.user.name, config.user.password, config.user.privatekey)
const validator = require('validator')
const io = require('socket.io')(server, { serveClient: false, path: '/ssh/socket.io', origins: config.http.origins })
const socket = require('./socket')
const expressOptions = require('./expressOptions')
const favicon = require('serve-favicon')
const app = express();
const server = require('http').Server(app);
const validator = require('validator');
const io = require('socket.io')(server, { serveClient: false, path: '/ssh/socket.io', origins: config.http.origins });
const favicon = require('serve-favicon');
const socket = require('./socket');
const expressOptions = require('./expressOptions');
const myutil = require('./util');
myutil.setDefaultCredentials(config.user.name, config.user.password, config.user.privatekey);
// express // express
app.use(safeShutdownGuard) app.use(safeShutdownGuard);
app.use(session) app.use(session);
app.use(myutil.basicAuth) app.use(myutil.basicAuth);
if (config.accesslog) app.use(logger('common')) if (config.accesslog) app.use(logger('common'));
app.disable('x-powered-by') app.disable('x-powered-by');
// static files // static files
app.use('/ssh', express.static(publicPath, expressOptions)) app.use('/ssh', express.static(publicPath, expressOptions));
// favicon from root if being pre-fetched by browser to prevent a 404 // favicon from root if being pre-fetched by browser to prevent a 404
app.use(favicon(path.join(publicPath, 'favicon.ico'))) app.use(favicon(path.join(publicPath, 'favicon.ico')));
app.get('/ssh/reauth', function (req, res, next) { app.get('/ssh/reauth', (req, res, next) => {
const r = req.headers.referer || '/' const r = req.headers.referer || '/';
res.status(401).send('<!DOCTYPE html><html><head><meta http-equiv="refresh" content="0; url=' + r + '"></head><body bgcolor="#000"></body></html>') res.status(401).send(`<!DOCTYPE html><html><head><meta http-equiv="refresh" content="0; url=${r}"></head><body bgcolor="#000"></body></html>`);
}) next();
});
// eslint-disable-next-line complexity // eslint-disable-next-line complexity
app.get('/ssh/host/:host?', function (req, res, next) { app.get('/ssh/host/:host?', (req, res, next) => {
res.sendFile(path.join(path.join(publicPath, 'client.htm'))) res.sendFile(path.join(path.join(publicPath, 'client.htm')));
// capture, assign, and validated variables // capture, assign, and validated variables
req.session.ssh = { req.session.ssh = {
host: config.ssh.host || (validator.isIP(req.params.host + '') && req.params.host) || host: config.ssh.host || (validator.isIP(`${req.params.host}`) && req.params.host)
(validator.isFQDN(req.params.host) && req.params.host) || || (validator.isFQDN(req.params.host) && req.params.host)
(/^(([a-z]|[A-Z]|[0-9]|[!^(){}\-_~])+)?\w$/.test(req.params.host) && || (/^(([a-z]|[A-Z]|[0-9]|[!^(){}\-_~])+)?\w$/.test(req.params.host)
req.params.host), && req.params.host),
port: (validator.isInt(req.query.port + '', { min: 1, max: 65535 }) && port: (validator.isInt(`${req.query.port}`, { min: 1, max: 65535 })
req.query.port) || config.ssh.port, && req.query.port) || config.ssh.port,
localAddress: config.ssh.localAddress, localAddress: config.ssh.localAddress,
localPort: config.ssh.localPort, localPort: config.ssh.localPort,
header: { header: {
name: req.query.header || config.header.text, name: req.query.header || config.header.text,
background: req.query.headerBackground || config.header.background background: req.query.headerBackground || config.header.background,
}, },
algorithms: config.algorithms, algorithms: config.algorithms,
keepaliveInterval: config.ssh.keepaliveInterval, keepaliveInterval: config.ssh.keepaliveInterval,
keepaliveCountMax: config.ssh.keepaliveCountMax, keepaliveCountMax: config.ssh.keepaliveCountMax,
allowedSubnets: config.ssh.allowedSubnets, allowedSubnets: config.ssh.allowedSubnets,
term: (/^(([a-z]|[A-Z]|[0-9]|[!^(){}\-_~])+)?\w$/.test(req.query.sshterm) && term: (/^(([a-z]|[A-Z]|[0-9]|[!^(){}\-_~])+)?\w$/.test(req.query.sshterm)
req.query.sshterm) || config.ssh.term, && req.query.sshterm) || config.ssh.term,
terminal: { terminal: {
cursorBlink: (validator.isBoolean(req.query.cursorBlink + '') ? myutil.parseBool(req.query.cursorBlink) : config.terminal.cursorBlink), cursorBlink: (validator.isBoolean(`${req.query.cursorBlink}`) ? myutil.parseBool(req.query.cursorBlink) : config.terminal.cursorBlink),
scrollback: (validator.isInt(req.query.scrollback + '', { min: 1, max: 200000 }) && req.query.scrollback) ? req.query.scrollback : config.terminal.scrollback, scrollback: (validator.isInt(`${req.query.scrollback}`, { min: 1, max: 200000 }) && req.query.scrollback) ? req.query.scrollback : config.terminal.scrollback,
tabStopWidth: (validator.isInt(req.query.tabStopWidth + '', { min: 1, max: 100 }) && req.query.tabStopWidth) ? req.query.tabStopWidth : config.terminal.tabStopWidth, tabStopWidth: (validator.isInt(`${req.query.tabStopWidth}`, { min: 1, max: 100 }) && req.query.tabStopWidth) ? req.query.tabStopWidth : config.terminal.tabStopWidth,
bellStyle: ((req.query.bellStyle) && (['sound', 'none'].indexOf(req.query.bellStyle) > -1)) ? req.query.bellStyle : config.terminal.bellStyle bellStyle: ((req.query.bellStyle) && (['sound', 'none'].indexOf(req.query.bellStyle) > -1)) ? req.query.bellStyle : config.terminal.bellStyle,
}, },
allowreplay: config.options.challengeButton || (validator.isBoolean(req.headers.allowreplay + '') ? myutil.parseBool(req.headers.allowreplay) : false), allowreplay: config.options.challengeButton || (validator.isBoolean(`${req.headers.allowreplay}`) ? myutil.parseBool(req.headers.allowreplay) : false),
allowreauth: config.options.allowreauth || false, allowreauth: config.options.allowreauth || false,
mrhsession: ((validator.isAlphanumeric(req.headers.mrhsession + '') && req.headers.mrhsession) ? req.headers.mrhsession : 'none'), mrhsession: ((validator.isAlphanumeric(`${req.headers.mrhsession}`) && req.headers.mrhsession) ? req.headers.mrhsession : 'none'),
serverlog: { serverlog: {
client: config.serverlog.client || false, client: config.serverlog.client || false,
server: config.serverlog.server || false server: config.serverlog.server || false,
}, },
readyTimeout: (validator.isInt(req.query.readyTimeout + '', { min: 1, max: 300000 }) && readyTimeout: (validator.isInt(`${req.query.readyTimeout}`, { min: 1, max: 300000 })
req.query.readyTimeout) || config.ssh.readyTimeout && req.query.readyTimeout) || config.ssh.readyTimeout,
} };
if (req.session.ssh.header.name) validator.escape(req.session.ssh.header.name) if (req.session.ssh.header.name) validator.escape(req.session.ssh.header.name);
if (req.session.ssh.header.background) validator.escape(req.session.ssh.header.background) if (req.session.ssh.header.background) validator.escape(req.session.ssh.header.background);
}) });
// express error handling // express error handling
app.use(function (req, res, next) { app.use((req, res, next) => {
res.status(404).send("Sorry can't find that!") res.status(404).send("Sorry can't find that!");
}) next();
});
app.use(function (err, req, res, next) { app.use((err, req, res, next) => {
console.error(err.stack) console.error(err.stack);
res.status(500).send('Something broke!') res.status(500).send('Something broke!');
}) next();
});
// socket.io // socket.io
// expose express session with socket.request.session // expose express session with socket.request.session
io.use(function (socket, next) { io.use((socket, next) => {
(socket.request.res) (socket.request.res)
? session(socket.request, socket.request.res, next) ? session(socket.request, socket.request.res, next)
: next(next) // eslint disable-line : next(next); // eslint disable-line
}) });
// bring up socket // bring up socket
io.on('connection', socket) io.on('connection', socket);
// safe shutdown // safe shutdown
let shutdownMode = false let shutdownMode = false;
let shutdownInterval = 0 let shutdownInterval = 0;
let connectionCount = 0 let connectionCount = 0;
function safeShutdownGuard (req, res, next) { function safeShutdownGuard(req, res, next) {
if (shutdownMode) res.status(503).end('Service unavailable: Server shutting down') if (shutdownMode) res.status(503).end('Service unavailable: Server shutting down');
else return next() else return next();
} }
io.on('connection', function (socket) { io.on('connection', (socket) => {
connectionCount++ connectionCount += 1;
socket.on('disconnect', function () { socket.on('disconnect', () => {
if ((--connectionCount <= 0) && shutdownMode) { connectionCount -= 1;
stop('All clients disconnected') if ((connectionCount <= 0) && shutdownMode) {
stop('All clients disconnected');
} }
}) });
}) });
const signals = ['SIGTERM', 'SIGINT'] const signals = ['SIGTERM', 'SIGINT'];
signals.forEach(signal => process.on(signal, function () { signals.forEach((signal) => process.on(signal, () => {
if (shutdownMode) stop('Safe shutdown aborted, force quitting') if (shutdownMode) stop('Safe shutdown aborted, force quitting');
else if (connectionCount > 0) { else if (connectionCount > 0) {
let remainingSeconds = config.safeShutdownDuration let remainingSeconds = config.safeShutdownDuration;
shutdownMode = true shutdownMode = true;
const message = (connectionCount === 1) const message = (connectionCount === 1)
? ' client is still connected' ? ' client is still connected'
: ' clients are still connected' : ' clients are still connected';
console.error(connectionCount + message) console.error(connectionCount + message);
console.error('Starting a ' + remainingSeconds + ' seconds countdown') console.error(`Starting a ${remainingSeconds} seconds countdown`);
console.error('Press Ctrl+C again to force quit') console.error('Press Ctrl+C again to force quit');
shutdownInterval = setInterval(function () { shutdownInterval = setInterval(() => {
if ((remainingSeconds--) <= 0) { remainingSeconds -= 1;
stop('Countdown is over') if ((remainingSeconds) <= 0) {
stop('Countdown is over');
} else { } else {
io.sockets.emit('shutdownCountdownUpdate', remainingSeconds) io.sockets.emit('shutdownCountdownUpdate', remainingSeconds);
} }
}, 1000) }, 1000);
} else stop() } else stop();
})) }));
// clean stop // clean stop
function stop (reason) { function stop(reason) {
shutdownMode = false shutdownMode = false;
if (reason) console.log('Stopping: ' + reason) // eslint-disable-next-line no-console
if (shutdownInterval) clearInterval(shutdownInterval) if (reason) console.log(`Stopping: ${reason}`);
io.close() if (shutdownInterval) clearInterval(shutdownInterval);
server.close() io.close();
server.close();
} }
module.exports = { server: server, config: config } module.exports = { server, config };