Added authCookie to all multiparty forms
This commit is contained in:
parent
1270c3fbd5
commit
947f6327fc
4 changed files with 36 additions and 9 deletions
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "meshcentral",
|
"name": "meshcentral",
|
||||||
"version": "0.4.1-m",
|
"version": "0.4.1-n",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"Remote Management",
|
"Remote Management",
|
||||||
"Intel AMT",
|
"Intel AMT",
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -873,6 +873,7 @@
|
||||||
<div id=d3localmode style="display:none">
|
<div id=d3localmode style="display:none">
|
||||||
<div>Upload File</div>
|
<div>Upload File</div>
|
||||||
<form id=d3localmodeform method=post enctype=multipart/form-data action=uploadfile.ashx target=fileUploadFrame>
|
<form id=d3localmodeform method=post enctype=multipart/form-data action=uploadfile.ashx target=fileUploadFrame>
|
||||||
|
<input type=text id=d3auth name=auth style="display:none" />
|
||||||
<input type=text id=d3attrib name=attrib style="display:none" />
|
<input type=text id=d3attrib name=attrib style="display:none" />
|
||||||
<input type=file id=d3localFile name=files onchange=d3setActions() />
|
<input type=file id=d3localFile name=files onchange=d3setActions() />
|
||||||
<input type=submit id=d3submit style="display:none" />
|
<input type=submit id=d3submit style="display:none" />
|
||||||
|
@ -6491,6 +6492,7 @@
|
||||||
function p15uploadCore2() {
|
function p15uploadCore2() {
|
||||||
if (xxdialogMode) return;
|
if (xxdialogMode) return;
|
||||||
Q('d3localmodeform').action = 'uploadmeshcorefile.ashx';
|
Q('d3localmodeform').action = 'uploadmeshcorefile.ashx';
|
||||||
|
Q('d3auth').value = authCookie;
|
||||||
Q('d3attrib').value = currentNode._id;
|
Q('d3attrib').value = currentNode._id;
|
||||||
setDialogMode(3, "Upload Mesh Agent Core", 3, p15uploadCoreEx2);
|
setDialogMode(3, "Upload Mesh Agent Core", 3, p15uploadCoreEx2);
|
||||||
d3init();
|
d3init();
|
||||||
|
@ -6836,6 +6838,7 @@
|
||||||
if (xxdialogMode) return false;
|
if (xxdialogMode) return false;
|
||||||
var x = 'Restore the server using a backup, <span style=color:red>this will delete the existing server data</span>. Only do this if you know what you are doing.<br /><br />';
|
var x = 'Restore the server using a backup, <span style=color:red>this will delete the existing server data</span>. Only do this if you know what you are doing.<br /><br />';
|
||||||
x += '<form action="/restoreserver.ashx" enctype="multipart/form-data" method="post"><div>';
|
x += '<form action="/restoreserver.ashx" enctype="multipart/form-data" method="post"><div>';
|
||||||
|
x += '<input type=hidden name=auth value=' + authCookie + '>';
|
||||||
x += '<input id=account_dlgFileInput type=file name=datafile style=width:100% accept=".zip,application/octet-stream,application/zip,application/x-zip,application/x-zip-compressed" onchange=account_validateServerRestore()>';
|
x += '<input id=account_dlgFileInput type=file name=datafile style=width:100% accept=".zip,application/octet-stream,application/zip,application/x-zip,application/x-zip-compressed" onchange=account_validateServerRestore()>';
|
||||||
x += '<input id=account_dlgCancelButton type=button value=Cancel style=float:right;width:80px;margin-left:5px onclick=dialogclose(0)>';
|
x += '<input id=account_dlgCancelButton type=button value=Cancel style=float:right;width:80px;margin-left:5px onclick=dialogclose(0)>';
|
||||||
x += '<input id=account_dlgOkButton type=submit value=OK style=float:right;width:80px onclick=dialogclose(1)>';
|
x += '<input id=account_dlgOkButton type=submit value=OK style=float:right;width:80px onclick=dialogclose(1)>';
|
||||||
|
|
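Review bot: The hidden auth field in the server-restore dialog builder is written with an unquoted attribute value, `x += '<input type=hidden name=auth value=' + authCookie + '>';`, so any character the HTML parser does not accept in an unquoted value (an `=`, whitespace, `>`, depending on how the server encodes the cookie) would truncate or alter the token that reaches the form post; quote it, `x += '<input type=hidden name=auth value="' + authCookie + '">';`. The cookie's encoding is not visible here, so whether this bites in practice depends on what decodeCookie expects on the server side. The sibling form in the first hunk of this file carries the cookie in a `type=text` input hidden with `style="display:none"`, matching the adjacent `d3attrib` field, while this hunk uses `type=hidden`; settling on one form for both upload paths keeps them consistent. The function that builds this string starts outside the hunk.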
38
webserver.js
|
@ -1974,13 +1974,26 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||||
function handleUploadMeshCoreFile(req, res) {
|
function handleUploadMeshCoreFile(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) { res.sendStatus(404); return; }
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
if (domain.id !== '') { res.sendStatus(401); return; }
|
||||||
const user = obj.users[req.session.userid];
|
|
||||||
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
var authUserid = null;
|
||||||
|
if ((req.session != null) && (typeof req.session.userid == 'string')) { authUserid = req.session.userid; }
|
||||||
|
|
||||||
const multiparty = require('multiparty');
|
const multiparty = require('multiparty');
|
||||||
const form = new multiparty.Form();
|
const form = new multiparty.Form();
|
||||||
form.parse(req, function (err, fields, files) {
|
form.parse(req, function (err, fields, files) {
|
||||||
|
// If an authentication cookie is embedded in the form, use that.
|
||||||
|
if ((fields != null) && (fields.auth != null) && (fields.auth.length == 1) && (typeof fields.auth[0] == 'string')) {
|
||||||
|
var loginCookie = obj.parent.decodeCookie(fields.auth[0], obj.parent.loginCookieEncryptionKey, 60); // 60 minute timeout
|
||||||
|
if ((loginCookie != null) && (loginCookie.ip != null) && (loginCookie.ip != cleanRemoteAddr(req.ip))) { loginCookie = null; } // Check cookie IP binding.
|
||||||
|
if ((loginCookie != null) && (domain.id == loginCookie.domainid)) { authUserid = loginCookie.userid; } // Use cookie authentication
|
||||||
|
}
|
||||||
|
if (authUserid == null) { res.sendStatus(401); return; }
|
||||||
|
|
||||||
|
// Get the user
|
||||||
|
const user = obj.users[authUserid];
|
||||||
|
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
||||||
|
|
||||||
if ((fields == null) || (fields.attrib == null) || (fields.attrib.length != 1)) { res.sendStatus(404); return; }
|
if ((fields == null) || (fields.attrib == null) || (fields.attrib.length != 1)) { res.sendStatus(404); return; }
|
||||||
for (var i in files.files) {
|
for (var i in files.files) {
|
||||||
var file = files.files[i];
|
var file = files.files[i];
|
||||||
|
@ -2785,13 +2798,24 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||||
function handleRestoreRequest(req, res) {
|
function handleRestoreRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) { res.sendStatus(404); return; }
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
if (obj.parent.args.noserverbackup == 1) { res.sendStatus(401); return; }
|
||||||
const user = obj.users[req.session.userid];
|
var authUserid = null;
|
||||||
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
if ((req.session != null) && (typeof req.session.userid == 'string')) { authUserid = req.session.userid; }
|
||||||
|
|
||||||
const multiparty = require('multiparty');
|
const multiparty = require('multiparty');
|
||||||
const form = new multiparty.Form();
|
const form = new multiparty.Form();
|
||||||
form.parse(req, function (err, fields, files) {
|
form.parse(req, function (err, fields, files) {
|
||||||
|
// If an authentication cookie is embedded in the form, use that.
|
||||||
|
if ((fields != null) && (fields.auth != null) && (fields.auth.length == 1) && (typeof fields.auth[0] == 'string')) {
|
||||||
|
var loginCookie = obj.parent.decodeCookie(fields.auth[0], obj.parent.loginCookieEncryptionKey, 60); // 60 minute timeout
|
||||||
|
if ((loginCookie != null) && (loginCookie.ip != null) && (loginCookie.ip != cleanRemoteAddr(req.ip))) { loginCookie = null; } // Check cookie IP binding.
|
||||||
|
if ((loginCookie != null) && (domain.id == loginCookie.domainid)) { authUserid = loginCookie.userid; } // Use cookie authentication
|
||||||
|
}
|
||||||
|
if (authUserid == null) { res.sendStatus(401); return; }
|
||||||
|
|
||||||
|
// Get the user
|
||||||
|
const user = obj.users[req.session.userid];
|
||||||
|
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
||||||
|
|
||||||
res.send('Server must be restarted, <a href="' + domain.url + '">click here to login</a>.');
|
res.send('Server must be restarted, <a href="' + domain.url + '">click here to login</a>.');
|
||||||
parent.Stop(files.datafile[0].path);
|
parent.Stop(files.datafile[0].path);
|
||||||
});
|
});
|
||||||
|
|
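Review bot: In handleRestoreRequest the user lookup still reads `const user = obj.users[req.session.userid];` after `authUserid` has been resolved from either the session or the embedded cookie, so a request authenticated only by the form cookie throws inside the parse callback when req.session is null (which the guard a few lines earlier treats as possible), and a request carrying a session for a different account is permission-checked against the wrong user; it should be `const user = obj.users[authUserid];`, as handleUploadMeshCoreFile already does. In handleUploadMeshCoreFile the cookie path can yield a userid that is no longer present in obj.users, and `if (user.siteadmin != 0xFFFFFFFF)` has no null guard, so that line should read `if ((user == null) || (user.siteadmin != 0xFFFFFFFF)) { res.sendStatus(401); return; }` to match the guarded check in the restore handler. Both handlers now call form.parse before any authentication decision, so an unauthenticated client gets its multipart body parsed and its files written to the temp directory before the 401 is sent; capping the form with multiparty's `maxFilesSize` option and deleting the parsed temp files on the rejection paths would bound that cost. Both functions close outside their hunks.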