Added server redirection and unlimited invite URL's.

2019-06-07 10:20:54 -07:00 · 2019-06-07 10:20:54 -07:00 · ec302db994
parent 4eb2510e2e
commit ec302db994
6 changed files with 23 additions and 5 deletions
--- a/meshcentral.js
+++ b/meshcentral.js
@ -1555,7 +1555,7 @@ function CreateMeshCentralServer(config, args) {
                if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
            } else {
                // An expire time is included in the cookie (in minutes), use this.
-                if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
+                if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
            }
            return o;
        } catch (ex) { obj.debug(1, 'ERR: Bad AESGCM cookie due to exception: ' + ex); return null; }
@ -1583,7 +1583,7 @@ function CreateMeshCentralServer(config, args) {
                if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
            } else {
                // An expire time is included in the cookie (in minutes), use this.
-                if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
+                if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
            }
            return o;
        } catch (ex) { obj.debug(1, 'ERR: Bad AESSHA cookie due to exception: ' + ex); return null; }
--- a/meshuser.js
+++ b/meshuser.js
@ -2501,7 +2501,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
                }
            case 'createInviteLink': {
                if (common.validateString(command.meshid, 8, 128) == false) break; // Check the meshid
-                if (common.validateInt(command.expire, 1, 99999) == false) break; // Check the expire time in hours
+                if (common.validateInt(command.expire, 0, 99999) == false) break; // Check the expire time in hours
                if (common.validateInt(command.flags, 0, 256) == false) break; // Check the flags
                var mesh = parent.meshes[command.meshid];
                if (mesh == null) break;
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "meshcentral",
-  "version": "0.3.6-d",
+  "version": "0.3.6-e",
  "keywords": [
    "Remote Management",
    "Intel AMT",
--- a/sample-config.json
+++ b/sample-config.json
@ -46,6 +46,9 @@
      "keepLastDaysBackup": 10,
      "zipPassword": "MyReallySecretPassword3",
      "_backupPath": "C:\\backups"
+    },
+    "_Redirects": {
+      "meshcommander": "https://www.meshcommander.com/"
    }
  },
  "_domains": {
--- a/views/default.handlebars
+++ b/views/default.handlebars
@ -1998,6 +1998,7 @@
                    if (message.expire == 24) { t = '1 day'; }
                    if (message.expire == 168) { t = '1 week'; }
                    if (message.expire == 5040) { t = '1 month'; }
+                    if (message.expire == 0) { t = 'Unlimited'; }
                    QH('agentInvitationLink', 'Invitation Link (' + t + ')');
                    QV('agentInvitationLinkDiv', true);
                    break;
@ -2708,7 +2709,7 @@
                x += '</div>';
            }
            x += '<div id=urlInviteDiv>Invite someone to install the mesh agent by sharing a invitation link. This link points the user to installation instructions for the \"' + EscapeHtml(mesh.name) + '\" device group. The link is public and no account this server is needed.<br /><br />';
-            x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option></select>');
+            x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
            x += '<div id=agentInvitationLinkDiv style="text-align:center;font-size:large;margin:16px;display:none"><a id=agentInvitationLink target="_blank" href="" style=cursor:pointer></a> <img src=images/link4.png height=10 width=10 title="Copy link to clipboard" style=cursor:pointer onclick=d2CopyInviteToClip()></div></div>';
            setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid);
            validateAgentInvite();
--- a/webserver.js
+++ b/webserver.js
@ -1699,6 +1699,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
        }
    }

+    // Handle domain redirection
+    function handleDomainRedirect(req, res) {
+        const domain = checkUserIpAddress(req, res);
+        if ((domain == null) || (domain.redirects == null)) { res.sendStatus(404); return; }
+        var urlArgs = '', urlName = null, splitUrl = req.originalUrl.split("?");
+        if (splitUrl.length > 1) { urlArgs = '?' + splitUrl[1]; }
+        if ((splitUrl.length > 0) && (splitUrl[0].length > 1)) { urlName = splitUrl[0].substring(1).toLowerCase(); }
+        if ((urlName == null) || (domain.redirects[urlName] == null)) { res.sendStatus(404); return; }
+        res.redirect(domain.redirects[urlName] + urlArgs);
+    }
+
    // Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed
    obj.getServerFilePath = function (user, domain, path) {
        var splitpath = path.split('/'), serverpath = obj.path.join(obj.filespath, 'domain'), filename = '';
@ -2716,6 +2727,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
            obj.app.get(url + 'logo.png', handleLogoRequest);
            obj.app.get(url + 'welcome.jpg', handleWelcomeImageRequest);

+            // Server redirects
+            if (parent.config.domains[i].redirects) { for (var j in parent.config.domains[i].redirects) { obj.app.get(url + j, handleDomainRedirect); } }
+
            // Server picture
            obj.app.get(url + 'serverpic.ashx', function (req, res) {
                // Check if we have "server.jpg" in the data folder, if so, use that.