Added server redirection and unlimited invite URL's.

This commit is contained in:
Ylian Saint-Hilaire 2019-06-07 10:20:54 -07:00
parent 4eb2510e2e
commit ec302db994
6 changed files with 23 additions and 5 deletions

View File

@ -1555,7 +1555,7 @@ function CreateMeshCentralServer(config, args) {
if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
} else { } else {
// An expire time is included in the cookie (in minutes), use this. // An expire time is included in the cookie (in minutes), use this.
if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
} }
return o; return o;
} catch (ex) { obj.debug(1, 'ERR: Bad AESGCM cookie due to exception: ' + ex); return null; } } catch (ex) { obj.debug(1, 'ERR: Bad AESGCM cookie due to exception: ' + ex); return null; }
@ -1583,7 +1583,7 @@ function CreateMeshCentralServer(config, args) {
if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
} else { } else {
// An expire time is included in the cookie (in minutes), use this. // An expire time is included in the cookie (in minutes), use this.
if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right)
} }
return o; return o;
} catch (ex) { obj.debug(1, 'ERR: Bad AESSHA cookie due to exception: ' + ex); return null; } } catch (ex) { obj.debug(1, 'ERR: Bad AESSHA cookie due to exception: ' + ex); return null; }

View File

@ -2501,7 +2501,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
} }
case 'createInviteLink': { case 'createInviteLink': {
if (common.validateString(command.meshid, 8, 128) == false) break; // Check the meshid if (common.validateString(command.meshid, 8, 128) == false) break; // Check the meshid
if (common.validateInt(command.expire, 1, 99999) == false) break; // Check the expire time in hours if (common.validateInt(command.expire, 0, 99999) == false) break; // Check the expire time in hours
if (common.validateInt(command.flags, 0, 256) == false) break; // Check the flags if (common.validateInt(command.flags, 0, 256) == false) break; // Check the flags
var mesh = parent.meshes[command.meshid]; var mesh = parent.meshes[command.meshid];
if (mesh == null) break; if (mesh == null) break;

View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.3.6-d", "version": "0.3.6-e",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",

View File

@ -46,6 +46,9 @@
"keepLastDaysBackup": 10, "keepLastDaysBackup": 10,
"zipPassword": "MyReallySecretPassword3", "zipPassword": "MyReallySecretPassword3",
"_backupPath": "C:\\backups" "_backupPath": "C:\\backups"
},
"_Redirects": {
"meshcommander": "https://www.meshcommander.com/"
} }
}, },
"_domains": { "_domains": {

View File

@ -1998,6 +1998,7 @@
if (message.expire == 24) { t = '1 day'; } if (message.expire == 24) { t = '1 day'; }
if (message.expire == 168) { t = '1 week'; } if (message.expire == 168) { t = '1 week'; }
if (message.expire == 5040) { t = '1 month'; } if (message.expire == 5040) { t = '1 month'; }
if (message.expire == 0) { t = 'Unlimited'; }
QH('agentInvitationLink', 'Invitation Link (' + t + ')'); QH('agentInvitationLink', 'Invitation Link (' + t + ')');
QV('agentInvitationLinkDiv', true); QV('agentInvitationLinkDiv', true);
break; break;
@ -2708,7 +2709,7 @@
x += '</div>'; x += '</div>';
} }
x += '<div id=urlInviteDiv>Invite someone to install the mesh agent by sharing a invitation link. This link points the user to installation instructions for the \"' + EscapeHtml(mesh.name) + '\" device group. The link is public and no account this server is needed.<br /><br />'; x += '<div id=urlInviteDiv>Invite someone to install the mesh agent by sharing a invitation link. This link points the user to installation instructions for the \"' + EscapeHtml(mesh.name) + '\" device group. The link is public and no account this server is needed.<br /><br />';
x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option></select>'); x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
x += '<div id=agentInvitationLinkDiv style="text-align:center;font-size:large;margin:16px;display:none"><a id=agentInvitationLink target="_blank" href="" style=cursor:pointer></a> <img src=images/link4.png height=10 width=10 title="Copy link to clipboard" style=cursor:pointer onclick=d2CopyInviteToClip()></div></div>'; x += '<div id=agentInvitationLinkDiv style="text-align:center;font-size:large;margin:16px;display:none"><a id=agentInvitationLink target="_blank" href="" style=cursor:pointer></a> <img src=images/link4.png height=10 width=10 title="Copy link to clipboard" style=cursor:pointer onclick=d2CopyInviteToClip()></div></div>';
setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid); setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid);
validateAgentInvite(); validateAgentInvite();

View File

@ -1699,6 +1699,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
} }
// Handle domain redirection
function handleDomainRedirect(req, res) {
const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.redirects == null)) { res.sendStatus(404); return; }
var urlArgs = '', urlName = null, splitUrl = req.originalUrl.split("?");
if (splitUrl.length > 1) { urlArgs = '?' + splitUrl[1]; }
if ((splitUrl.length > 0) && (splitUrl[0].length > 1)) { urlName = splitUrl[0].substring(1).toLowerCase(); }
if ((urlName == null) || (domain.redirects[urlName] == null)) { res.sendStatus(404); return; }
res.redirect(domain.redirects[urlName] + urlArgs);
}
// Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed // Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed
obj.getServerFilePath = function (user, domain, path) { obj.getServerFilePath = function (user, domain, path) {
var splitpath = path.split('/'), serverpath = obj.path.join(obj.filespath, 'domain'), filename = ''; var splitpath = path.split('/'), serverpath = obj.path.join(obj.filespath, 'domain'), filename = '';
@ -2716,6 +2727,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.app.get(url + 'logo.png', handleLogoRequest); obj.app.get(url + 'logo.png', handleLogoRequest);
obj.app.get(url + 'welcome.jpg', handleWelcomeImageRequest); obj.app.get(url + 'welcome.jpg', handleWelcomeImageRequest);
// Server redirects
if (parent.config.domains[i].redirects) { for (var j in parent.config.domains[i].redirects) { obj.app.get(url + j, handleDomainRedirect); } }
// Server picture // Server picture
obj.app.get(url + 'serverpic.ashx', function (req, res) { obj.app.get(url + 'serverpic.ashx', function (req, res) {
// Check if we have "server.jpg" in the data folder, if so, use that. // Check if we have "server.jpg" in the data folder, if so, use that.