mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-24 06:05:53 -05:00
Fixed server account and login times.
This commit is contained in:
parent
571adf1ed4
commit
25ccec1d81
1
.gitignore
vendored
1
.gitignore
vendored
@ -8,6 +8,7 @@
|
||||
meshcentral.db
|
||||
meshcentral.db.json
|
||||
mesherrors.txt
|
||||
bob.json
|
||||
|
||||
## Ignore Visual Studio temporary files, build results, and
|
||||
## files generated by popular Visual Studio add-ons.
|
||||
|
@ -94,6 +94,7 @@
|
||||
<Compile Include="agents\modules_meshcore_min\win-message-pump.min.js" />
|
||||
<Compile Include="agents\modules_meshcore_min\win-registry.min.js" />
|
||||
<Compile Include="agents\modules_meshcore_min\win-terminal.min.js" />
|
||||
<Compile Include="agents\recoverycore.js" />
|
||||
<Compile Include="agents\testsuite.js" />
|
||||
<Compile Include="agents\tinycore.js" />
|
||||
<Compile Include="amtevents.js" />
|
||||
|
41
db.js
41
db.js
@ -99,7 +99,7 @@ module.exports.CreateDB = function (parent) {
|
||||
});
|
||||
};
|
||||
|
||||
obj.cleanup = function () {
|
||||
obj.cleanup = function (func) {
|
||||
// TODO: Remove all mesh links to invalid users
|
||||
// TODO: Remove all meshes that dont have any links
|
||||
|
||||
@ -108,14 +108,43 @@ module.exports.CreateDB = function (parent) {
|
||||
var meshlist = [];
|
||||
if (err == null && docs.length > 0) { for (var i in docs) { meshlist.push(docs[i]._id); } }
|
||||
obj.file.remove({ meshid: { $exists: true, $nin: meshlist } }, { multi: true });
|
||||
});
|
||||
|
||||
// Clear up all users
|
||||
/*
|
||||
// Fix all of the creating & login to ticks by seconds, not milliseconds.
|
||||
obj.GetAllType('user', function (err, docs) {
|
||||
for (var i in docs) { if (docs[i].subscriptions != null) { console.log('Clean user: ' + docs[i].name); obj.SetUser(docs[i]); } } // Remove "subscriptions" that should not be there.
|
||||
if (err == null && docs.length > 0) {
|
||||
for (var i in docs) {
|
||||
var fixed = false;
|
||||
|
||||
// Fix account creation
|
||||
if (docs[i].creation) {
|
||||
if (docs[i].creation > 1300000000000) { docs[i].creation = Math.floor(docs[i].creation / 1000); fixed = true; }
|
||||
if ((docs[i].creation % 1) != 0) { docs[i].creation = Math.floor(docs[i].creation); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix last account login
|
||||
if (docs[i].login) {
|
||||
if (docs[i].login > 1300000000000) { docs[i].login = Math.floor(docs[i].login / 1000); fixed = true; }
|
||||
if ((docs[i].login % 1) != 0) { docs[i].login = Math.floor(docs[i].login); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix last password change
|
||||
if (docs[i].passchange) {
|
||||
if (docs[i].passchange > 1300000000000) { docs[i].passchange = Math.floor(docs[i].passchange / 1000); fixed = true; }
|
||||
if ((docs[i].passchange % 1) != 0) { docs[i].passchange = Math.floor(docs[i].passchange); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix subscriptions
|
||||
if (docs[i].subscriptions != null) { delete docs[i].subscriptions; fixed = true; }
|
||||
|
||||
// Save the user if needed
|
||||
if (fixed) { obj.Set(docs[i]); }
|
||||
|
||||
// We are done
|
||||
if (func) { func(); }
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|
||||
*/
|
||||
};
|
||||
|
||||
obj.Set = function (data, func) { obj.file.update({ _id: data._id }, data, { upsert: true }, func); };
|
||||
|
@ -100,7 +100,8 @@ function CreateMeshCentralServer(config, args) {
|
||||
for (i in obj.config.settings) { obj.args[i] = obj.config.settings[i]; } // Place all settings into arguments, arguments have already been placed into settings so arguments take precedence.
|
||||
|
||||
if ((obj.args.help == true) || (obj.args['?'] == true)) {
|
||||
console.log('MeshCentral2 Beta 2, a web-based remote computer management web portal.\r\n');
|
||||
console.log('MeshCentral v' + obj.currentVer + ', a open source remote computer management web portal.');
|
||||
console.log('Details at: https://www.meshcommander.com/meshcentral2\r\n');
|
||||
if (obj.platform == 'win32') {
|
||||
console.log('Run as a Windows Service');
|
||||
console.log(' --install/uninstall Install Meshcentral as a background service.');
|
||||
@ -361,16 +362,16 @@ function CreateMeshCentralServer(config, args) {
|
||||
// Read or setup database configuration values
|
||||
obj.db.Get('dbconfig', function (err, dbconfig) {
|
||||
if (dbconfig.length == 1) { obj.dbconfig = dbconfig[0]; } else { obj.dbconfig = { _id: 'dbconfig', version: 1 }; }
|
||||
if (obj.dbconfig.amtWsEventSecret == null) { require('crypto').randomBytes(32, function (err, buf) { obj.dbconfig.amtWsEventSecret = buf.toString('hex'); obj.db.Set(obj.dbconfig); }); }
|
||||
if (obj.dbconfig.amtWsEventSecret == null) { obj.crypto.randomBytes(32, function (err, buf) { obj.dbconfig.amtWsEventSecret = buf.toString('hex'); obj.db.Set(obj.dbconfig); }); }
|
||||
|
||||
// This is used by the user to create a username/password for a Intel AMT WSMAN event subscription
|
||||
if (obj.args.getwspass) {
|
||||
if (obj.args.getwspass.length == 64) {
|
||||
require('crypto').randomBytes(6, function (err, buf) {
|
||||
obj.crypto.randomBytes(6, function (err, buf) {
|
||||
while (obj.dbconfig.amtWsEventSecret == null) { process.nextTick(); }
|
||||
var username = buf.toString('hex');
|
||||
var nodeid = obj.args.getwspass;
|
||||
var pass = require('crypto').createHash('sha384').update(username.toLowerCase() + ":" + nodeid + ":" + obj.dbconfig.amtWsEventSecret).digest("base64").substring(0, 12).split("/").join("x").split("\\").join("x");
|
||||
var pass = obj.crypto.createHash('sha384').update(username.toLowerCase() + ":" + nodeid + ":" + obj.dbconfig.amtWsEventSecret).digest("base64").substring(0, 12).split("/").join("x").split("\\").join("x");
|
||||
console.log('--- Intel(r) AMT WSMAN eventing credentials ---');
|
||||
console.log('Username: ' + username);
|
||||
console.log('Password: ' + pass);
|
||||
@ -489,7 +490,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
obj.updateMeshAgentInstallScripts();
|
||||
|
||||
// Setup and start the web server
|
||||
require('crypto').randomBytes(48, function (err, buf) {
|
||||
obj.crypto.randomBytes(48, function (err, buf) {
|
||||
// Setup Mesh Multi-Server if needed
|
||||
obj.multiServer = require('./multiserver.js').CreateMultiServer(obj, obj.args);
|
||||
if (obj.multiServer != null) {
|
||||
|
@ -587,7 +587,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
var newusername = command.username, newuserid = 'user/' + domain.id + '/' + command.username.toLowerCase();
|
||||
if (newusername == '~') break; // This is a reserved user name
|
||||
if (!obj.parent.users[newuserid]) {
|
||||
var newuser = { type: 'user', _id: newuserid, name: newusername, creation: Date.now(), domain: domain.id };
|
||||
var newuser = { type: 'user', _id: newuserid, name: newusername, creation: Math.floor(Date.now() / 1000), domain: domain.id };
|
||||
if (command.email != null) { newuser.email = command.email; } // Email
|
||||
obj.parent.users[newuserid] = newuser;
|
||||
// Create a user, generate a salt and hash the password
|
||||
|
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.2.6-w",
|
||||
"version": "0.2.6-x",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
@ -1568,7 +1568,7 @@
|
||||
}
|
||||
case 'login': {
|
||||
// Update the last login time
|
||||
if (users != null && users['user/' + domain + '/' + message.event.username.toLowerCase()]) { users['user/' + domain + '/' + message.event.username.toLowerCase()].login = message.event.time; }
|
||||
if (users != null && users['user/' + domain + '/' + message.event.username.toLowerCase()]) { users['user/' + domain + '/' + message.event.username.toLowerCase()].login = Math.floor(message.event.time / 1000); }
|
||||
break;
|
||||
}
|
||||
case 'scanamtdevice': {
|
||||
@ -5247,7 +5247,8 @@
|
||||
count++;
|
||||
|
||||
// Mesh rights
|
||||
var meshrights = meshes[i].links['user/' + domain + '/' + userinfo.name.toLowerCase()].rights;
|
||||
var meshrights = 0;
|
||||
if (meshes[i].links['user/' + domain + '/' + userinfo.name.toLowerCase()]) { meshrights = meshes[i].links['user/' + domain + '/' + userinfo.name.toLowerCase()].rights; }
|
||||
var rights = 'Partial Rights';
|
||||
if (meshrights == 0xFFFFFFFF) rights = 'Full Administrator'; else if (meshrights == 0) rights = 'No Rights';
|
||||
|
||||
@ -5882,7 +5883,7 @@
|
||||
}
|
||||
if (sessions == 1) { msg += '1 active session'; } else { msg += sessions + ' active sessions'; }
|
||||
} else {
|
||||
if (user.login) { msg += '<span title="Last login: ' + new Date(user.login).toLocaleString() + '">' + new Date(user.login).toLocaleDateString() + '</span>'; }
|
||||
if (user.login) { msg += '<span title="Last login: ' + new Date(user.login * 1000).toLocaleString() + '">' + new Date(user.login * 1000).toLocaleDateString() + '</span>'; }
|
||||
}
|
||||
if (msg != '') msg += ', ';
|
||||
if (self) { msg += "<a onclick=showUserAdminDialog(event,\"" + encodeURIComponent(user._id) + "\")>"; }
|
||||
@ -6058,8 +6059,8 @@
|
||||
x += addDeviceAttribute('Email', everify + "<a style=cursor:pointer onclick=p30showUserEmailChangeDialog(event,\"" + userid + "\")>" + email + '</a> <a style=cursor:pointer onclick=doemail(event,\"' + user.email + '\")><img src="images/link1.png" /></a>');
|
||||
x += addDeviceAttribute('Server Rights', "<a style=cursor:pointer onclick=showUserAdminDialog(event,\"" + userid + "\")>" + msg + "</a>");
|
||||
if (user.quota) x += addDeviceAttribute('Server Quota', EscapeHtml(parseInt(user.quota) / 1024) + ' k');
|
||||
x += addDeviceAttribute('Creation', new Date(user.creation).toLocaleString());
|
||||
if (user.login) x += addDeviceAttribute('Last Login', new Date(user.login).toLocaleString());
|
||||
x += addDeviceAttribute('Creation', new Date(user.creation * 1000).toLocaleString());
|
||||
if (user.login) x += addDeviceAttribute('Last Login', new Date(user.login * 1000).toLocaleString());
|
||||
|
||||
x += '</table></div><br />';
|
||||
|
||||
|
10
webserver.js
10
webserver.js
@ -353,7 +353,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
}
|
||||
|
||||
// Save login time
|
||||
user.login = Date.now();
|
||||
user.login = Math.floor(Date.now() / 1000);
|
||||
obj.db.SetUser(user);
|
||||
|
||||
// Regenerate session when signing in to prevent fixation
|
||||
@ -434,7 +434,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
} else {
|
||||
var hint = req.body.apasswordhint;
|
||||
if (hint.length > 250) hint = hint.substring(0, 250);
|
||||
var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Date.now(), login: Date.now(), domain: domain.id, passhint: hint };
|
||||
var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id, passhint: hint };
|
||||
var usercount = 0;
|
||||
for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } }
|
||||
if (usercount == 0) { user.siteadmin = 0xFFFFFFFF; if (domain.newaccounts === 2) { domain.newaccounts = 0; } } // If this is the first user, give the account site admin.
|
||||
@ -563,7 +563,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
userinfo = obj.users[user._id];
|
||||
userinfo.salt = salt;
|
||||
userinfo.hash = hash;
|
||||
userinfo.passchange = Date.now();
|
||||
userinfo.passchange = Math.floor(Date.now() / 1000);
|
||||
userinfo.passhint = null;
|
||||
delete userinfo.otpsecret; // Currently a email password reset will turn off 2-step login.
|
||||
obj.db.SetUser(userinfo);
|
||||
@ -658,7 +658,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
var user = obj.users[req.session.userid];
|
||||
user.salt = salt;
|
||||
user.hash = hash;
|
||||
user.passchange = Date.now();
|
||||
user.passchange = Math.floor(Date.now() / 1000);
|
||||
user.passhint = req.body.apasswordhint;
|
||||
obj.db.SetUser(user);
|
||||
req.session.viewmode = 2;
|
||||
@ -743,7 +743,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
user = obj.users[req.session.userid];
|
||||
if ((user == null) || (user.sid != req.session.usersid)) {
|
||||
// Create the domain user
|
||||
var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Date.now() };
|
||||
var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000) };
|
||||
for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } }
|
||||
if (usercount == 0) { user2.siteadmin = 0xFFFFFFFF; } // If this is the first user, give the account site admin.
|
||||
obj.users[req.session.userid] = user2;
|
||||
|
Loading…
Reference in New Issue
Block a user