mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-25 06:35:54 -05:00
Added authCookie to all multiparty forms
This commit is contained in:
parent
1270c3fbd5
commit
947f6327fc
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.4.1-m",
|
||||
"version": "0.4.1-n",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
File diff suppressed because one or more lines are too long
@ -873,6 +873,7 @@
|
||||
<div id=d3localmode style="display:none">
|
||||
<div>Upload File</div>
|
||||
<form id=d3localmodeform method=post enctype=multipart/form-data action=uploadfile.ashx target=fileUploadFrame>
|
||||
<input type=text id=d3auth name=auth style="display:none" />
|
||||
<input type=text id=d3attrib name=attrib style="display:none" />
|
||||
<input type=file id=d3localFile name=files onchange=d3setActions() />
|
||||
<input type=submit id=d3submit style="display:none" />
|
||||
@ -6491,6 +6492,7 @@
|
||||
function p15uploadCore2() {
|
||||
if (xxdialogMode) return;
|
||||
Q('d3localmodeform').action = 'uploadmeshcorefile.ashx';
|
||||
Q('d3auth').value = authCookie;
|
||||
Q('d3attrib').value = currentNode._id;
|
||||
setDialogMode(3, "Upload Mesh Agent Core", 3, p15uploadCoreEx2);
|
||||
d3init();
|
||||
@ -6836,6 +6838,7 @@
|
||||
if (xxdialogMode) return false;
|
||||
var x = 'Restore the server using a backup, <span style=color:red>this will delete the existing server data</span>. Only do this if you know what you are doing.<br /><br />';
|
||||
x += '<form action="/restoreserver.ashx" enctype="multipart/form-data" method="post"><div>';
|
||||
x += '<input type=hidden name=auth value=' + authCookie + '>';
|
||||
x += '<input id=account_dlgFileInput type=file name=datafile style=width:100% accept=".zip,application/octet-stream,application/zip,application/x-zip,application/x-zip-compressed" onchange=account_validateServerRestore()>';
|
||||
x += '<input id=account_dlgCancelButton type=button value=Cancel style=float:right;width:80px;margin-left:5px onclick=dialogclose(0)>';
|
||||
x += '<input id=account_dlgOkButton type=submit value=OK style=float:right;width:80px onclick=dialogclose(1)>';
|
||||
|
38
webserver.js
38
webserver.js
@ -1974,13 +1974,26 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
function handleUploadMeshCoreFile(req, res) {
|
||||
const domain = checkUserIpAddress(req, res);
|
||||
if (domain == null) { res.sendStatus(404); return; }
|
||||
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
||||
const user = obj.users[req.session.userid];
|
||||
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
||||
if (domain.id !== '') { res.sendStatus(401); return; }
|
||||
|
||||
var authUserid = null;
|
||||
if ((req.session != null) && (typeof req.session.userid == 'string')) { authUserid = req.session.userid; }
|
||||
|
||||
const multiparty = require('multiparty');
|
||||
const form = new multiparty.Form();
|
||||
form.parse(req, function (err, fields, files) {
|
||||
// If an authentication cookie is embedded in the form, use that.
|
||||
if ((fields != null) && (fields.auth != null) && (fields.auth.length == 1) && (typeof fields.auth[0] == 'string')) {
|
||||
var loginCookie = obj.parent.decodeCookie(fields.auth[0], obj.parent.loginCookieEncryptionKey, 60); // 60 minute timeout
|
||||
if ((loginCookie != null) && (loginCookie.ip != null) && (loginCookie.ip != cleanRemoteAddr(req.ip))) { loginCookie = null; } // Check cookie IP binding.
|
||||
if ((loginCookie != null) && (domain.id == loginCookie.domainid)) { authUserid = loginCookie.userid; } // Use cookie authentication
|
||||
}
|
||||
if (authUserid == null) { res.sendStatus(401); return; }
|
||||
|
||||
// Get the user
|
||||
const user = obj.users[authUserid];
|
||||
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
||||
|
||||
if ((fields == null) || (fields.attrib == null) || (fields.attrib.length != 1)) { res.sendStatus(404); return; }
|
||||
for (var i in files.files) {
|
||||
var file = files.files[i];
|
||||
@ -2785,13 +2798,24 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
function handleRestoreRequest(req, res) {
|
||||
const domain = checkUserIpAddress(req, res);
|
||||
if (domain == null) { res.sendStatus(404); return; }
|
||||
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
||||
const user = obj.users[req.session.userid];
|
||||
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
||||
|
||||
if (obj.parent.args.noserverbackup == 1) { res.sendStatus(401); return; }
|
||||
var authUserid = null;
|
||||
if ((req.session != null) && (typeof req.session.userid == 'string')) { authUserid = req.session.userid; }
|
||||
const multiparty = require('multiparty');
|
||||
const form = new multiparty.Form();
|
||||
form.parse(req, function (err, fields, files) {
|
||||
// If an authentication cookie is embedded in the form, use that.
|
||||
if ((fields != null) && (fields.auth != null) && (fields.auth.length == 1) && (typeof fields.auth[0] == 'string')) {
|
||||
var loginCookie = obj.parent.decodeCookie(fields.auth[0], obj.parent.loginCookieEncryptionKey, 60); // 60 minute timeout
|
||||
if ((loginCookie != null) && (loginCookie.ip != null) && (loginCookie.ip != cleanRemoteAddr(req.ip))) { loginCookie = null; } // Check cookie IP binding.
|
||||
if ((loginCookie != null) && (domain.id == loginCookie.domainid)) { authUserid = loginCookie.userid; } // Use cookie authentication
|
||||
}
|
||||
if (authUserid == null) { res.sendStatus(401); return; }
|
||||
|
||||
// Get the user
|
||||
const user = obj.users[req.session.userid];
|
||||
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
||||
|
||||
res.send('Server must be restarted, <a href="' + domain.url + '">click here to login</a>.');
|
||||
parent.Stop(files.datafile[0].path);
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user