Add metadata to the relay connection for user -> device tracking

Update server console command 'relays' to display friendly information
This commit is contained in:
Ryan Blenis 2020-04-13 19:44:12 -04:00
parent ffd7909f09
commit b1fc15aa27
2 changed files with 11 additions and 7 deletions

View File

@ -20,6 +20,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
obj.user = user;
obj.ruserid = null;
obj.req = req; // Used in multi-server.js
obj.metadata = {};
// Check relay authentication
if ((user == null) && (obj.req.query != null) && (obj.req.query.rauth != null)) {
@ -191,7 +192,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
relayinfo.peer1.ws.peer = relayinfo.peer2.ws;
relayinfo.peer2.ws.peer = relayinfo.peer1.ws;
// Remove the timeout
if (relayinfo.timeout) { clearTimeout(relayinfo.timeout); delete relayinfo.timeout; }
@ -203,7 +204,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
parent.db.Get(obj.req.query.nodeid, function (err, nodes) {
var xusername = '', xdevicename = '', xdevicename2 = null;
if ((nodes != null) && (nodes.length == 1)) { xdevicename2 = nodes[0].name; xdevicename = '-' + parent.common.makeFilename(nodes[0].name); }
// Get the username and make it acceptable as a filename
if (sessionUser._id) { xusername = '-' + parent.common.makeFilename(sessionUser._id.split('/')[2]); }
@ -268,7 +269,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
} else {
// Wait for other relay connection
ws._socket.pause(); // Hold traffic until the other connection
parent.wsrelays[obj.id] = { peer1: obj, state: 1, timeout: setTimeout(function () { closeBothSides(); }, 30000) };
parent.wsrelays[obj.id] = { peer1: obj, state: 1, metadata: obj.metadata, timeout: setTimeout(function () { closeBothSides(); }, 30000) };
parent.parent.debug('relay', 'Relay holding: ' + obj.id + ' (' + cleanRemoteAddr(obj.req.ip) + ') ' + (obj.authenticated ? 'Authenticated' : ''));
// Check if a peer server has this connection
@ -417,10 +418,11 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
parent.db.Get(cookie.nodeid, function (err, docs) {
if (docs.length == 0) { console.log('ERR: Node not found'); try { obj.close(); } catch (e) { } return; } // Disconnect websocket
const node = docs[0];
// Check if this user has permission to manage this computer
if ((parent.GetNodeRights(user, node.meshid, node._id) & MESHRIGHT_REMOTECONTROL) == 0) { console.log('ERR: Access denied (1)'); try { obj.close(); } catch (e) { } return; }
obj.metadata.peer2 = { name: node.name };
obj.metadata.authUser = user;
// Send connection request to agent
const rcookie = parent.parent.encodeCookie({ ruserid: user._id }, parent.parent.loginCookieEncryptionKey);
if (obj.id == undefined) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
@ -435,10 +437,11 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
parent.db.Get(obj.req.query.nodeid, function (err, docs) {
if (docs.length == 0) { console.log('ERR: Node not found'); try { obj.close(); } catch (e) { } return; } // Disconnect websocket
const node = docs[0];
// Check if this user has permission to manage this computer
if ((parent.GetNodeRights(user, node.meshid, node._id) & MESHRIGHT_REMOTECONTROL) == 0) { console.log('ERR: Access denied (2)'); try { obj.close(); } catch (e) { } return; }
obj.metadata.peer2 = { name: node.name };
obj.metadata.authUser = user;
// Send connection request to agent
if (obj.id == null) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
const rcookie = parent.parent.encodeCookie({ ruserid: user._id }, parent.parent.loginCookieEncryptionKey);

View File

@ -1034,6 +1034,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
r += 'id: ' + i + ', state: ' + parent.wsrelays[i].state;
if (parent.wsrelays[i].peer1 != null) { r += ', peer1: ' + cleanRemoteAddr(parent.wsrelays[i].peer1.req.ip); }
if (parent.wsrelays[i].peer2 != null) { r += ', peer2: ' + cleanRemoteAddr(parent.wsrelays[i].peer2.req.ip); }
if (parent.wsrelays[i].metadata != null) { r += ', ' + parent.wsrelays[i].metadata.authUser._id + ' connected to ' + parent.wsrelays[i].metadata.peer2.name; }
r += '\r\n';
}
if (r == '') { r = 'No relays.'; }