external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

fix meshctrl with key=xxx and loginkey #6328

Browse source 
Signed-off-by: si458 <simonsmith5521@gmail.com>
This commit is contained in:
si458 2024-08-16 16:02:21 +01:00
parent c1e3354c91
commit fa39f8a105
2 changed files with 10 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
webserver.js
View file

@ -6573,12 +6573,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
try { ws.close(); } catch (ex) { }
return;
}
if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { ws.close(); return; } // Check 3FA URL key
if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { // Check 3FA URL key
try { ws.send(JSON.stringify({ action: 'close', cause: 'noauth', msg: 'nokey' })); } catch (ex) { }
try { ws.close(); } catch (ex) { }
return;
}
PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie, authData) {
if (user == null) { // User is not authenticated, perform inner server authentication
if (req.headers['x-meshauth'] === '*') {
PerformWSSessionInnerAuth(ws, req, domain, function (ws1, req1, domain, user) { obj.meshUserHandler.CreateMeshUser(obj, obj.db, ws1, req1, obj.args, domain, user, authData); }); // User is authenticated
} else {
try { ws.send(JSON.stringify({ action: 'close', cause: 'noauth', msg: 'noauth' })); } catch (ex) { }
try { ws.close(); } catch (ex) { } // user is not authenticated and inner authentication was not requested, disconnect now.
}
} else {