1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-vps-admin.git synced 2025-03-09 15:40:05 +00:00

Add, remove and list users

This commit is contained in:
Ycarus 2019-12-27 21:42:47 +01:00
parent ccb6399d2c
commit 860ac891d4

View file

@ -7,6 +7,7 @@
import json import json
import base64 import base64
import secrets
import uuid import uuid
import configparser import configparser
import subprocess import subprocess
@ -67,11 +68,28 @@ def get_bytes_ss(port):
def add_ss_user(port,key): def add_ss_user(port,key):
ss_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM); ss_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM);
ss_socket.sendto('add: {"server_port": ' + port + ',"key": "' + key + '"}'.encode(), ("127.0.0.1",8839)); data = 'add: {"server_port": ' + port + ',"key": "' + key + '"}'
ss_socket.sendto(data.encode(), ("127.0.0.1",8839));
with open('/etc/shadowsocks-libev/manager.json') as f:
content = f.read()
content = re.sub(",\s*}","}",content)
data = json.loads(content)
data['port_key'][port] = key
with open('/etc/shadowsocks-libev/manager.json','w') as f:
json.dump(data,f, indent=4)
def remove_ss_user(port,key):
def remove_ss_user(port):
ss_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM); ss_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM);
ss_socket.sendto('remove: {"server_port": ' + port + '}'.encode(), ("127.0.0.1",8839)); data = 'remove: {"server_port": ' + port + '}'
ss_socket.sendto(data.encode(), ("127.0.0.1",8839));
with open('/etc/shadowsocks-libev/manager.json') as f:
content = f.read()
content = re.sub(",\s*}","}",content)
data = json.loads(content)
del data['port_key'][port]
with open('/etc/shadowsocks-libev/manager.json','w') as f:
json.dump(data,f, indent=4)
def ordered(obj): def ordered(obj):
if isinstance(obj, dict): if isinstance(obj, dict):
@ -253,9 +271,14 @@ def status(current_user: User = Depends(get_current_user)):
vps_kernel = os.popen('uname -r').read().rstrip() vps_kernel = os.popen('uname -r').read().rstrip()
vps_omr_version = os.popen("grep -s 'OpenMPTCProuter VPS' /etc/* | awk '{print $4}'").read().rstrip() vps_omr_version = os.popen("grep -s 'OpenMPTCProuter VPS' /etc/* | awk '{print $4}'").read().rstrip()
mptcp_enabled = os.popen('sysctl -n net.mptcp.mptcp_enabled').read().rstrip() mptcp_enabled = os.popen('sysctl -n net.mptcp.mptcp_enabled').read().rstrip()
shadowsocks_port = current_user.shadowsocks_port
if not shadowsocks_port == None:
ss_traffic = get_bytes_ss(current_user.shadowsocks_port)
else:
ss_traffic = 0
if iface: if iface:
return {'vps': {'time': vps_current_time,'loadavg': vps_loadavg,'uptime': vps_uptime,'mptcp': mptcp_enabled,'hostname': vps_hostname,'kernel': vps_kernel, 'vps_omr_version': vps_omr_version}, 'network': {'tx': get_bytes('tx',iface),'rx': get_bytes('rx',iface)}, 'shadowsocks': {'traffic': get_bytes_ss(current_user.shadowsocks_port)}} return {'vps': {'time': vps_current_time,'loadavg': vps_loadavg,'uptime': vps_uptime,'mptcp': mptcp_enabled,'hostname': vps_hostname,'kernel': vps_kernel, 'vps_omr_version': vps_omr_version}, 'network': {'tx': get_bytes('tx',iface),'rx': get_bytes('rx',iface)}, 'shadowsocks': {'traffic': ss_traffic}}
else: else:
return {'error': 'No iface defined','route': 'status'} return {'error': 'No iface defined','route': 'status'}
@ -276,7 +299,10 @@ def config(current_user: User = Depends(get_current_user)):
data = {'key': '', 'server_port': 65101, 'method': 'chacha20'} data = {'key': '', 'server_port': 65101, 'method': 'chacha20'}
#shadowsocks_port = data["server_port"] #shadowsocks_port = data["server_port"]
shadowsocks_port = current_user.shadowsocks_port shadowsocks_port = current_user.shadowsocks_port
shadowsocks_key = data["port_key"][str(shadowsocks_port)] if not shadowsocks_port == None:
shadowsocks_key = data["port_key"][str(shadowsocks_port)]
else:
shadowsocks_key = ''
shadowsocks_method = data["method"] shadowsocks_method = data["method"]
if 'fast_open' in data: if 'fast_open' in data:
shadowsocks_fast_open = data["fast_open"] shadowsocks_fast_open = data["fast_open"]
@ -375,21 +401,21 @@ def config(current_user: User = Depends(get_current_user)):
#else: #else:
# openvpn_key = '' # openvpn_key = ''
openvpn_key = '' openvpn_key = ''
if os.path.isfile('/etc/openvpn/client/client.key'): if os.path.isfile('/etc/openvpn/ca/pki/private/' + current_user.username + '.key'):
with open('/etc/openvpn/client/client.key',"rb") as ovpnkey_file: with open('/etc/openvpn/ca/pki/private/' + current_user.username + '.key',"rb") as ovpnkey_file:
openvpn_keyb = base64.b64encode(ovpnkey_file.read()) openvpn_keyb = base64.b64encode(ovpnkey_file.read())
openvpn_client_key = openvpn_keyb.decode('utf-8') openvpn_client_key = openvpn_keyb.decode('utf-8')
else: else:
openvpn_client_key = '' openvpn_client_key = ''
if os.path.isfile('/etc/openvpn/client/client.crt'): if os.path.isfile('/etc/openvpn/ca/issued/' + current_user.username + '.crt'):
with open('/etc/openvpn/client/client.crt',"rb") as ovpnkey_file: with open('/etc/openvpn/ca/issued/' + current_user.username + '.crt',"rb") as ovpnkey_file:
openvpn_keyb = base64.b64encode(ovpnkey_file.read()) openvpn_keyb = base64.b64encode(ovpnkey_file.read())
openvpn_client_crt = openvpn_keyb.decode('utf-8') openvpn_client_crt = openvpn_keyb.decode('utf-8')
available_vpn.append("openvpn") available_vpn.append("openvpn")
else: else:
openvpn_client_crt = '' openvpn_client_crt = ''
if os.path.isfile('/etc/openvpn/server/ca.crt'): if os.path.isfile('/etc/openvpn/ca/pki/ca.crt'):
with open('/etc/openvpn/server/ca.crt',"rb") as ovpnkey_file: with open('/etc/openvpn/ca/pki/ca.crt',"rb") as ovpnkey_file:
openvpn_keyb = base64.b64encode(ovpnkey_file.read()) openvpn_keyb = base64.b64encode(ovpnkey_file.read())
openvpn_client_ca = openvpn_keyb.decode('utf-8') openvpn_client_ca = openvpn_keyb.decode('utf-8')
else: else:
@ -875,20 +901,53 @@ def edit_backup(params,current_user: User = Depends(get_current_user)):
class NewUser(BaseModel): class NewUser(BaseModel):
username: str username: str
permission: str permission: str = None
shadowsocks_port: int = None
vpn: str = None
@app.post('/add_user') @app.post('/add_user')
def add_user(*, params: NewUser,current_user: User = Depends(get_current_user)): def add_user(*, params: NewUser,current_user: User = Depends(get_current_user)):
if not current_user.permissions == "admin": if not current_user.permissions == "admin":
return {'result': 'permission','reason': 'Need admin user','route': 'shadowsocks'} return {'result': 'permission','reason': 'Need admin user','route': 'shadowsocks'}
user_json = json.loads('"'+ params.username + '": {"username":"'+ params.username +'","permission":"'+params.permission+'","disabled":"false"}') user_key = secrets.token_hex(32)
user_json = json.loads('{"'+ params.username + '": {"username":"'+ params.username +'","permission":"'+params.permission+'","user_password": "'+user_key.upper()+'","disabled":"false"}}')
if params.shadowsocks_port is not None:
shadowsocks_key = base64.urlsafe_b64encode(secrets.token_hex(16).encode())
add_ss_user(str(params.shadowsocks_port),shadowsocks_key.decode('utf-8'))
user_json[params.username].update({"shadowsocks_port": params.shadowsocks_port})
if params.vpn is not None:
user_json[params.username].update({"vpn": params.vpn})
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f: with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f:
content = json.load(f) content = json.load(f)
content['users'][0].update(changes) content['users'][0].update(user_json)
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json','w') as f: with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json','w') as f:
json.dump(content,f) json.dump(content,f,indent=4)
os.popen('EASYRSA_CERT_EXPIRE=3650 /etc/openvpn/ca/easyrsa build-client-full "' + params.username + '" nopass')
class RemoveUser(BaseModel):
username: str
@app.post('/remove_user')
def remove_user(*, params: RemoveUser,current_user: User = Depends(get_current_user)):
if not current_user.permissions == "admin":
return {'result': 'permission','reason': 'Need admin user','route': 'shadowsocks'}
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f:
content = json.load(f)
shadowsocks_port = content['users'][0][params.username]['shadowsocks_port']
del content['users'][0][params.username]
remove_ss_user(str(shadowsocks_port))
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json','w') as f:
json.dump(content,f,indent=4)
os.remove('/etc/openvpn/ca/pki/issued/' + params.username + '.crt')
os.remove('/etc/openvpn/ca/pki/private/' + params.username + '.key')
@app.post('/list_users')
def list_users(current_user: User = Depends(get_current_user)):
if not current_user.permissions == "admin":
return {'result': 'permission','reason': 'Need admin user','route': 'shadowsocks'}
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f:
content = json.load(f)
return json.dumps(content)
if __name__ == '__main__': if __name__ == '__main__':
with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f: with open('/etc/openmptcprouter-vps-admin/omr-admin-config.json') as f:
@ -896,6 +955,9 @@ if __name__ == '__main__':
omrport=65500 omrport=65500
if 'port' in omr_config_data: if 'port' in omr_config_data:
omrport = omr_config_data["port"] omrport = omr_config_data["port"]
omrhost='0.0.0.0'
if 'host' in omr_config_data:
omrhost = omr_config_data["host"]
# uvicorn.run(app,host='0.0.0.0',port=omrport,log_level='debug',ssl_certfile='/etc/openmptcprouter-vps-admin/cert.pem',ssl_keyfile='/etc/openmptcprouter-vps-admin/key.pem') # uvicorn.run(app,host='0.0.0.0',port=omrport,log_level='debug',ssl_certfile='/etc/openmptcprouter-vps-admin/cert.pem',ssl_keyfile='/etc/openmptcprouter-vps-admin/key.pem')
uvicorn.run(app,host='0.0.0.0',port=omrport,log_level='error',ssl_certfile='/etc/openmptcprouter-vps-admin/cert.pem',ssl_keyfile='/etc/openmptcprouter-vps-admin/key.pem') uvicorn.run(app,host=omrhost,port=omrport,log_level='error',ssl_certfile='/etc/openmptcprouter-vps-admin/cert.pem',ssl_keyfile='/etc/openmptcprouter-vps-admin/key.pem')
# uvicorn.run(app,host='0.0.0.0',port=omrport,ssl_context=('/etc/openmptcprouter-vps-admin/cert.pem','/etc/openmptcprouter-vps-admin/key.pem'),threaded=True) # uvicorn.run(app,host='0.0.0.0',port=omrport,ssl_context=('/etc/openmptcprouter-vps-admin/cert.pem','/etc/openmptcprouter-vps-admin/key.pem'),threaded=True)