fix one time links (#1304)
Closes #1302 Co-authored-by: Bernd Storath <999999bst@gmail.com>
This commit is contained in:
Bernd Storath
+15
-3
@@ -33,7 +33,7 @@ const {
|
||||
LANG,
|
||||
UI_TRAFFIC_STATS,
|
||||
UI_CHART_TYPE,
|
||||
UI_SHOW_LINKS,
|
||||
WG_ENABLE_ONE_TIME_LINKS,
|
||||
UI_ENABLE_SORT_CLIENTS,
|
||||
WG_ENABLE_EXPIRES_TIME,
|
||||
} = require('../config');
|
||||
@@ -106,9 +106,9 @@ module.exports = class Server {
|
||||
return `"${UI_CHART_TYPE}"`;
|
||||
}))
|
||||
|
||||
.get('/api/ui-show-links', defineEventHandler((event) => {
|
||||
.get('/api/wg-enable-one-time-links', defineEventHandler((event) => {
|
||||
setHeader(event, 'Content-Type', 'application/json');
|
||||
return `${UI_SHOW_LINKS}`;
|
||||
return `${WG_ENABLE_ONE_TIME_LINKS}`;
|
||||
}))
|
||||
|
||||
.get('/api/ui-sort-clients', defineEventHandler((event) => {
|
||||
@@ -133,6 +133,12 @@ module.exports = class Server {
|
||||
};
|
||||
}))
|
||||
.get('/cnf/:clientOneTimeLink', defineEventHandler(async (event) => {
|
||||
if (WG_ENABLE_ONE_TIME_LINKS === 'false') {
|
||||
throw createError({
|
||||
status: 404,
|
||||
message: 'Invalid state',
|
||||
});
|
||||
}
|
||||
const clientOneTimeLink = getRouterParam(event, 'clientOneTimeLink');
|
||||
const clients = await WireGuard.getClients();
|
||||
const client = clients.find((client) => client.oneTimeLink === clientOneTimeLink);
|
||||
@@ -254,6 +260,12 @@ module.exports = class Server {
|
||||
return { success: true };
|
||||
}))
|
||||
.post('/api/wireguard/client/:clientId/generateOneTimeLink', defineEventHandler(async (event) => {
|
||||
if (WG_ENABLE_ONE_TIME_LINKS === 'false') {
|
||||
throw createError({
|
||||
status: 404,
|
||||
message: 'Invalid state',
|
||||
});
|
||||
}
|
||||
const clientId = getRouterParam(event, 'clientId');
|
||||
if (clientId === '__proto__' || clientId === 'constructor' || clientId === 'prototype') {
|
||||
throw createError({ status: 403 });
|
||||
|
||||
+21
-4
@@ -25,6 +25,7 @@ const {
|
||||
WG_PRE_DOWN,
|
||||
WG_POST_DOWN,
|
||||
WG_ENABLE_EXPIRES_TIME,
|
||||
WG_ENABLE_ONE_TIME_LINKS,
|
||||
} = require('../config');
|
||||
|
||||
module.exports = class WireGuard {
|
||||
@@ -152,7 +153,8 @@ ${client.preSharedKey ? `PresharedKey = ${client.preSharedKey}\n` : ''
|
||||
? new Date(client.expiredAt)
|
||||
: null,
|
||||
allowedIPs: client.allowedIPs,
|
||||
oneTimeLink: client.oneTimeLink ? client.oneTimeLink : null,
|
||||
oneTimeLink: client.oneTimeLink ?? null,
|
||||
oneTimeLinkExpiresAt: client.oneTimeLinkExpiresAt ?? null,
|
||||
downloadableConfig: 'privateKey' in client,
|
||||
persistentKeepalive: null,
|
||||
latestHandshakeAt: null,
|
||||
@@ -310,6 +312,7 @@ Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`;
|
||||
const client = await this.getClient({ clientId });
|
||||
const key = `${clientId}-${Math.floor(Math.random() * 1000)}`;
|
||||
client.oneTimeLink = Math.abs(CRC32.str(key)).toString(16);
|
||||
client.oneTimeLinkExpiresAt = new Date(Date.now() + 5 * 60 * 1000);
|
||||
client.updatedAt = new Date();
|
||||
await this.saveConfig();
|
||||
}
|
||||
@@ -317,6 +320,7 @@ Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`;
|
||||
async eraseOneTimeLink({ clientId }) {
|
||||
const client = await this.getClient({ clientId });
|
||||
client.oneTimeLink = null;
|
||||
client.oneTimeLinkExpiresAt = null;
|
||||
client.updatedAt = new Date();
|
||||
await this.saveConfig();
|
||||
}
|
||||
@@ -396,8 +400,9 @@ Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`;
|
||||
|
||||
async cronJobEveryMinute() {
|
||||
const config = await this.getConfig();
|
||||
let needSaveConfig = false;
|
||||
// Expires Feature
|
||||
if (WG_ENABLE_EXPIRES_TIME === 'true') {
|
||||
let needSaveConfig = false;
|
||||
for (const client of Object.values(config.clients)) {
|
||||
if (client.enabled !== true) continue;
|
||||
if (client.expiredAt !== null && new Date() > new Date(client.expiredAt)) {
|
||||
@@ -407,10 +412,22 @@ Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`;
|
||||
client.updatedAt = new Date();
|
||||
}
|
||||
}
|
||||
if (needSaveConfig) {
|
||||
await this.saveConfig();
|
||||
}
|
||||
// One Time Link Feature
|
||||
if (WG_ENABLE_ONE_TIME_LINKS === 'true') {
|
||||
for (const client of Object.values(config.clients)) {
|
||||
if (client.oneTimeLink !== null && new Date() > new Date(client.oneTimeLinkExpiresAt)) {
|
||||
debug(`Client ${client.id} One Time Link expired.`);
|
||||
needSaveConfig = true;
|
||||
client.oneTimeLink = null;
|
||||
client.oneTimeLinkExpiresAt = null;
|
||||
client.updatedAt = new Date();
|
||||
}
|
||||
}
|
||||
}
|
||||
if (needSaveConfig) {
|
||||
await this.saveConfig();
|
||||
}
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user