mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-23 21:55:52 -05:00
Added invitation link email, server fixes and improvements.
This commit is contained in:
parent
82fefc3f94
commit
f98d937923
@ -234,6 +234,9 @@ function CreateMeshCentralServer(config, args) {
|
||||
//var wincmd = require('node-windows');
|
||||
//wincmd.list(function (svc) { console.log(svc); }, true);
|
||||
|
||||
// Check top level configuration for any unreconized values
|
||||
if (config) { for (var i in config) { if ((typeof i == 'string') && (i.length > 0) && (i[0] != '_') && (['settings', 'domains', 'configfiles', 'smtp', 'letsencrypt', 'peers'].indexOf(i) == -1)) { console.log('WARNING: unrecognized configuration option \"' + i + '\".'); } } }
|
||||
|
||||
if (typeof obj.args.userallowedip == 'string') { if (obj.args.userallowedip == '') { obj.args.userallowedip = null; } else { obj.args.userallowedip = obj.args.userallowedip.split(','); } }
|
||||
if (typeof obj.args.userblockedip == 'string') { if (obj.args.userblockedip == '') { obj.args.userblockedip = null; } else { obj.args.userblockedip = obj.args.userblockedip.split(','); } }
|
||||
if (typeof obj.args.agentallowedip == 'string') { if (obj.args.agentallowedip == '') { obj.args.agentallowedip = null; } else { obj.args.agentallowedip = obj.args.agentallowedip.split(','); } }
|
||||
|
15
meshmail.js
15
meshmail.js
@ -39,10 +39,10 @@ module.exports.CreateMeshMail = function (parent) {
|
||||
// If the server hash many domains, just add the domainid to the file like this: 'account-check-customer1.html', 'mesh-invite-customer1.txt'.
|
||||
obj.mailTemplates['account-check.html'] = '<title>[[[SERVERNAME]]] - Email Verification</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Verification</b></td></tr></table><p>Hi [[[USERNAME]]], <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting email verification, click on the following link to complete the process.</p><p style="margin-left:30px"><a href="[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]">Click here to verify your e-mail address.</a></p>If you did not initiate this request, please ignore this mail.</div>';
|
||||
obj.mailTemplates['account-reset.html'] = '<title>[[[SERVERNAME]]] - Account Reset</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Verification</b></td></tr></table><p>Hi [[[USERNAME]]], <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting an account password reset, click on the following link to complete the process.</p><p style="margin-left:30px"><a href="[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]">Click here to reset your account password.</a></p>If you did not initiate this request, please ignore this mail.</div>';
|
||||
obj.mailTemplates['mesh-invite.html'] = '<title>[[[SERVERNAME]]] - Invitation</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Agent Installation</b></td></tr></table>[[[AREA-NAME]]]<p>Hello [[[NAME]]],</p>[[[/AREA-NAME]]]<p>User [[[USERNAME]]] on server <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting you to download the following software to start the remote control session.</p>[[[AREA-MSG]]]<p>Message: <b>[[[MSG]]]</b></p>[[[/AREA-MSG]]][[[AREA-WINDOWS]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Windows.</a></p>[[[/AREA-WINDOWS]]][[[AREA-OSX]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Apple OSX.</a></p>[[[/AREA-OSX]]][[[AREA-LINUX]]]<p>For Linux, cut & paste the following in a terminal to install the agent:<br /><pre style="margin-left:30px">wget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]</pre></p>[[[/AREA-LINUX]]]<p>If you did not initiate this request, please ignore this mail.</p>Best regards,<br>[[[USERNAME]]]<br></div>';
|
||||
obj.mailTemplates['mesh-invite.html'] = '<title>[[[SERVERNAME]]] - Invitation</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Agent Installation</b></td></tr></table>[[[AREA-NAME]]]<p>Hello [[[NAME]]],</p>[[[/AREA-NAME]]]<p>User [[[USERNAME]]] on server <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting you to install software to start a remote control session.</p>[[[AREA-MSG]]]<p>Message: <b>[[[MSG]]]</b></p>[[[/AREA-MSG]]][[[AREA-WINDOWS]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Windows.</a></p>[[[/AREA-WINDOWS]]][[[AREA-OSX]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Apple OSX.</a></p>[[[/AREA-OSX]]][[[AREA-LINUX]]]<p>For Linux, cut & paste the following in a terminal to install the agent:<br /><pre style="margin-left:30px">wget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]</pre></p>[[[/AREA-LINUX]]][[[AREA-LINK]]]<p>To install the software, <a href="[[[SERVERURL]]][[[LINKURL]]]">click here</a> and follow the instructions.</p>[[[/AREA-LINK]]]<p>If you did not initiate this request, please ignore this mail.</p>Best regards,<br>[[[USERNAME]]]<br></div>';
|
||||
obj.mailTemplates['account-check.txt'] = '[[[SERVERNAME]]] - Email Verification\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is performing an e-mail verification. Nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]\r\n\r\nIf you did not initiate this request, please ignore this mail.\r\n';
|
||||
obj.mailTemplates['account-reset.txt'] = '[[[SERVERNAME]]] - Account Reset\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting an account password reset. Nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]\r\n\r\nIf you did not initiate this request, please ignore this mail.';
|
||||
obj.mailTemplates['mesh-invite.txt'] = '[[[SERVERNAME]]] - Invitation\r\n[[[AREA-NAME]]]Hello [[[NAME]]],\r\n\r\n[[[/AREA-NAME]]]User [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]/) is requesting you to download the following software to start the remote control session.[[[AREA-MSG]]]\r\n\r\nMessage: [[[MSG]]]\r\n\r\n[[[/AREA-MSG]]][[[AREA-WINDOWS]]]For Windows, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-WINDOWS]]][[[AREA-OSX]]]For Apple OSX, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-OSX]]][[[AREA-LINUX]]]For Linux, cut & paste the following in a terminal to install the agent:\r\n\r\nwget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]\r\n\r\n[[[/AREA-LINUX]]]If you did not initiate this request, please ignore this mail.\r\n\r\nBest regards,\r\n[[[USERNAME]]]';
|
||||
obj.mailTemplates['mesh-invite.txt'] = '[[[SERVERNAME]]] - Invitation\r\n[[[AREA-NAME]]]Hello [[[NAME]]],\r\n\r\n[[[/AREA-NAME]]]User [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]/) is requesting you install software to start the remote control session.[[[AREA-MSG]]]\r\n\r\nMessage: [[[MSG]]]\r\n\r\n[[[/AREA-MSG]]][[[AREA-WINDOWS]]]For Windows, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-WINDOWS]]][[[AREA-OSX]]]For Apple OSX, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-OSX]]][[[AREA-LINUX]]]For Linux, cut & paste the following in a terminal to install the agent:\r\n\r\nwget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]\r\n\r\n[[[/AREA-LINUX]]][[[AREA-LINK]]]To install the software, navigate to [[[SERVERURL]]][[[LINKURL]]] and follow the instructions.\r\n\r\n[[[/AREA-LINK]]]If you did not initiate this request, please ignore this mail.\r\n\r\nBest regards,\r\n[[[USERNAME]]]';
|
||||
|
||||
// Load all of the mail templates if present
|
||||
if (obj.parent.fs.existsSync(obj.parent.path.join(obj.parent.datapath, 'mail-templates'))) {
|
||||
@ -93,7 +93,7 @@ module.exports.CreateMeshMail = function (parent) {
|
||||
return str.substring(0, si) + str.substring(ei + end.length);
|
||||
}
|
||||
|
||||
// Remove the string between two markers
|
||||
// Keep or remove the string between two markers
|
||||
function strZone(str, marker, keep) {
|
||||
marker = marker.toUpperCase();
|
||||
if (keep) { return str.split('[[[AREA-' + marker + ']]]').join('').split('[[[/AREA-' + marker + ']]]').join(''); }
|
||||
@ -153,7 +153,7 @@ module.exports.CreateMeshMail = function (parent) {
|
||||
};
|
||||
|
||||
// Send agent invite mail
|
||||
obj.sendAgentInviteMail = function (domain, username, email, meshid, name, os, msg, flags) {
|
||||
obj.sendAgentInviteMail = function (domain, username, email, meshid, name, os, msg, flags, expirehours) {
|
||||
var template = getTemplateEx('mesh-invite', domain);
|
||||
if ((template == null) || (template.htmlSubject == null) || (template.txtSubject == null) || (parent.certificates == null) || (parent.certificates.CommonName == null) || (parent.certificates.CommonName.indexOf('.') == -1)) return; // If the server name is not set, don't validate the email address.
|
||||
|
||||
@ -162,6 +162,8 @@ module.exports.CreateMeshMail = function (parent) {
|
||||
options.windows = ((os == 0) || (os == 1)) ? 1 : 0;
|
||||
options.linux = ((os == 0) || (os == 2)) ? 1 : 0;
|
||||
options.osx = ((os == 0) || (os == 3)) ? 1 : 0;
|
||||
options.link = (os == 4) ? 1 : 0;
|
||||
options.linkurl = createInviteLink(domain, meshid, flags, expirehours);
|
||||
|
||||
// Send the email
|
||||
obj.pendingMails.push({ to: email, from: parent.config.smtp.from, subject: mailReplacements(template.htmlSubject, domain, options), text: mailReplacements(template.txt, domain, options), html: mailReplacements(template.html, domain, options) });
|
||||
@ -213,5 +215,10 @@ module.exports.CreateMeshMail = function (parent) {
|
||||
}
|
||||
});
|
||||
|
||||
// Create a agent invitation link
|
||||
function createInviteLink(domain, meshid, flags, expirehours) {
|
||||
return '/agentinvite?c=' + parent.encodeCookie({ a: 4, mid: meshid, f: flags, expire: expirehours * 60 }, parent.invitationLinkEncryptionKey);
|
||||
}
|
||||
|
||||
return obj;
|
||||
};
|
@ -2103,7 +2103,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
//if (mesh.links[user._id] == null || ((mesh.links[user._id].rights & 4) == 0)) return;
|
||||
|
||||
// Perform email invitation
|
||||
parent.parent.mailserver.sendAgentInviteMail(domain, user.name, command.email, command.meshid, command.name, command.os, command.msg, command.flags);
|
||||
parent.parent.mailserver.sendAgentInviteMail(domain, user.name, command.email, command.meshid, command.name, command.os, command.msg, command.flags, command.expire);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
@ -2710,7 +2710,10 @@
|
||||
x += "<div id=emailInviteDiv style=display:none>Invite someone to install the mesh agent. An email with be sent with the link to the mesh agent installation for the \"" + EscapeHtml(mesh.name) + "\" device group.<br /><br />";
|
||||
x += addHtmlValue('Name (optional)', '<input id=agentInviteName value="" style=width:230px maxlength=64 />');
|
||||
x += addHtmlValue('Email', '<input id=agentInviteEmail style=width:230px placeholder="example@email.com" onkeyup=validateAgentInvite()></input>');
|
||||
x += addHtmlValue('Operating System', '<select id=agentInviteNameOs style=width:236px><option value=0>Any supported</option><option value=1>Windows only</option><option value=3>Apple MacOS only</option><option value=2>Linux only</option></select>');
|
||||
x += addHtmlValue('Operating System', '<select id=agentInviteNameOs onchange=d2ChangedInviteType() style=width:236px><option value=4>Send installation link</option><option value=0 selected>Any supported</option><option value=1>Windows only</option><option value=3>Apple MacOS only</option><option value=2>Linux only</option></select>');
|
||||
x += '<div id=d2agentexpirediv>';
|
||||
x += addHtmlValue('Link Expiration', '<select id=agentInviteExpire style=width:236px><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
|
||||
x += '</div>';
|
||||
x += addHtmlValue('Installation Type', '<select id=agentInviteType style=width:236px><option value=0>Background and interactive</option><option value=2>Background only</option><option value=1>Interactive only</option></select>');
|
||||
x += addHtmlValue('Message<br />(optional)', '<textarea id=agentInviteMessage value="" style=width:230px;height:100px;resize:none maxlength=1024 /></textarea>');
|
||||
x += '</div>';
|
||||
@ -2719,6 +2722,7 @@
|
||||
x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
|
||||
x += '<div id=agentInvitationLinkDiv style="text-align:center;font-size:large;margin:16px;display:none"><a id=agentInvitationLink target="_blank" href="" style=cursor:pointer></a> <img src=images/link4.png height=10 width=10 title="Copy link to clipboard" style=cursor:pointer onclick=d2CopyInviteToClip()></div></div>';
|
||||
setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid);
|
||||
d2ChangedInviteType();
|
||||
validateAgentInvite();
|
||||
d2RequestInvitationLink();
|
||||
}
|
||||
@ -2729,6 +2733,7 @@
|
||||
|
||||
function d2ChangedInviteType() {
|
||||
QV('urlInviteDiv', Q('d2InviteType').value == 0);
|
||||
QV('d2agentexpirediv', Q('agentInviteNameOs').value == 4);
|
||||
if (features & 64) { QV('emailInviteDiv', Q('d2InviteType').value == 1); }
|
||||
validateAgentInvite();
|
||||
}
|
||||
@ -2747,7 +2752,7 @@
|
||||
|
||||
function performAgentInvite(button, meshid) {
|
||||
if ((features & 64) && (Q('d2InviteType').value == 1)) {
|
||||
meshserver.send({ action: 'inviteAgent', meshid: meshid, email: Q('agentInviteEmail').value, name: Q('agentInviteName').value, os: Q('agentInviteNameOs').value, flags: Q('agentInviteType').value, msg: Q('agentInviteMessage').value });
|
||||
meshserver.send({ action: 'inviteAgent', meshid: meshid, email: Q('agentInviteEmail').value, name: Q('agentInviteName').value, os: Q('agentInviteNameOs').value, flags: Q('agentInviteType').value, msg: Q('agentInviteMessage').value, expire: parseInt(Q('agentInviteExpire').value) });
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -72,6 +72,7 @@
|
||||
<div id="newAccountDiv" style="display:none;padding:2px">
|
||||
Don't have an account? <a onclick=xgo(2) style=cursor:pointer>Create one</a>.
|
||||
</div>
|
||||
<input id=loginformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=createpanel style="display:none">
|
||||
@ -117,6 +118,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=createformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
@ -141,6 +143,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resetformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=tokenpanel style="background-color:#979797;border-radius:16px;width:260px;padding:16px;text-align:center;display:none;clear:both">
|
||||
@ -163,6 +166,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=tokenformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
|
||||
@ -186,6 +190,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resettokenformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
|
||||
@ -216,6 +221,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resetpasswordformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
|
||||
@ -264,6 +270,17 @@
|
||||
var hardwareKeyChallenge = decodeURIComponent('{{{hkey}}}');
|
||||
var currentpanel = 0;
|
||||
|
||||
// If URL arguments are provided, add them to form posts
|
||||
if (window.location.href.indexOf('?') > 0) {
|
||||
var urlargs = window.location.href.substring(window.location.href.indexOf('?'));
|
||||
Q('loginformargs').value = urlargs;
|
||||
Q('createformargs').value = urlargs;
|
||||
Q('resetformargs').value = urlargs;
|
||||
Q('tokenformargs').value = urlargs;
|
||||
Q('resettokenformargs').value = urlargs;
|
||||
Q('resetpasswordformargs').value = urlargs;
|
||||
}
|
||||
|
||||
function startup() {
|
||||
if ((features & 32) == 0) {
|
||||
// Guard against other site's top frames (web bugs).
|
||||
|
@ -69,6 +69,7 @@
|
||||
<div id="newAccountDiv" style="display:none;padding:2px">
|
||||
Don't have an account? <a onclick=xgo(2) style=cursor:pointer>Create one</a>.
|
||||
</div>
|
||||
<input id=loginformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=createpanel style="display:none;position:relative">
|
||||
@ -113,6 +114,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=createformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=resetpanel style="display:none">
|
||||
@ -136,6 +138,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resetformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=tokenpanel style="display:none">
|
||||
@ -158,6 +161,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=tokenformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=resettokenpanel style="display:none">
|
||||
@ -180,6 +184,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resettokenformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
<div id=resetpasswordpanel style="display:none;position:relative">
|
||||
@ -209,6 +214,7 @@
|
||||
</tr>
|
||||
</table>
|
||||
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
|
||||
<input id=resetpasswordformargs name="urlargs" type="hidden" value="" />
|
||||
</form>
|
||||
</div>
|
||||
</td>
|
||||
@ -260,6 +266,17 @@
|
||||
var webPageFullScreen = true;
|
||||
var nightMode = (getstore('_nightMode', '0') == '1');
|
||||
|
||||
// If URL arguments are provided, add them to form posts
|
||||
if (window.location.href.indexOf('?') > 0) {
|
||||
var urlargs = window.location.href.substring(window.location.href.indexOf('?'));
|
||||
Q('loginformargs').value = urlargs;
|
||||
Q('createformargs').value = urlargs;
|
||||
Q('resetformargs').value = urlargs;
|
||||
Q('tokenformargs').value = urlargs;
|
||||
Q('resettokenformargs').value = urlargs;
|
||||
Q('resetpasswordformargs').value = urlargs;
|
||||
}
|
||||
|
||||
//var webPageFullScreen = getstore('webPageFullScreen', true);
|
||||
//if (webPageFullScreen == 'false') { webPageFullScreen = false; }
|
||||
//if (webPageFullScreen == 'true') { webPageFullScreen = true; }
|
||||
|
81
webserver.js
81
webserver.js
@ -647,7 +647,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
req.session.loginmode = '4';
|
||||
req.session.tokenusername = xusername;
|
||||
req.session.tokenpassword = xpassword;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}, randomWaitTime);
|
||||
} else {
|
||||
// Login succesful
|
||||
@ -672,7 +672,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
} else {
|
||||
delete req.session.passhint;
|
||||
}
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}, 2000 + (obj.crypto.randomBytes(2).readUInt16BE(0) % 4095)); // Wait for 2 to ~6 seconds.
|
||||
}
|
||||
});
|
||||
@ -686,7 +686,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
req.session.error = '<b style=color:#8C001A>Password change requested.</b>';
|
||||
req.session.resettokenusername = xusername;
|
||||
req.session.resettokenpassword = xpassword;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -726,12 +726,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
}
|
||||
console.log("CurrentNode: " + req.session.currentNode);
|
||||
// This redirect happens after finding node is completed
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
});
|
||||
*/
|
||||
res.redirect(domain.url); // Temporary
|
||||
res.redirect(domain.url + getQueryPortion(req)); // Temporary
|
||||
} else {
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
//});
|
||||
}
|
||||
@ -755,7 +755,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (i == -1) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
var emailok = false, emaildomain = req.body.email.substring(i + 1).toLowerCase();
|
||||
@ -763,7 +763,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (emailok == false) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -774,25 +774,25 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Account limit reached.</b>';
|
||||
console.log('max', req.session);
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
if (!obj.common.validateUsername(req.body.username, 1, 64) || !obj.common.validateEmail(req.body.email, 1, 256) || !obj.common.validateString(req.body.password1, 1, 256) || !obj.common.validateString(req.body.password2, 1, 256) || (req.body.password1 != req.body.password2) || req.body.username == '~' || !obj.common.checkPasswordRequirements(req.body.password1, domain.passwordrequirements)) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
// Check if this email was already verified
|
||||
obj.db.GetUserWithVerifiedEmail(domain.id, req.body.email, function (err, docs) {
|
||||
if (docs.length > 0) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Existing account with this email address.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
// Check if there is domain.newAccountToken, check if supplied token is valid
|
||||
if ((domain.newaccountspass != null) && (domain.newaccountspass != '') && (req.body.anewaccountpass != domain.newaccountspass)) {
|
||||
req.session.loginmode = '2';
|
||||
req.session.error = '<b style=color:#8C001A>Invalid account creation token.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
// Check if user exists
|
||||
@ -822,7 +822,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come.
|
||||
obj.parent.DispatchEvent(['*', 'server-users'], obj, event);
|
||||
}
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -845,7 +845,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
delete req.session.success;
|
||||
delete req.session.error;
|
||||
delete req.session.passhint;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -859,7 +859,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (!obj.common.checkPasswordRequirements(req.body.rpassword1, domain.passwordrequirements)) {
|
||||
req.session.loginmode = '6';
|
||||
req.session.error = '<b style=color:#8C001A>Password rejected, use a different one.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -869,7 +869,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// This is the same password, request a password change again
|
||||
req.session.loginmode = '6';
|
||||
req.session.error = '<b style=color:#8C001A>Password rejected, use a different one.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
// Update the password, use a different salt.
|
||||
require('./pass').hash(req.body.rpassword1, function (err, salt, hash, tag) {
|
||||
@ -902,7 +902,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
delete req.session.success;
|
||||
delete req.session.error;
|
||||
delete req.session.passhint;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
});
|
||||
@ -921,13 +921,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (!email || checkEmail(email) == false) {
|
||||
req.session.loginmode = '3';
|
||||
req.session.error = '<b style=color:#8C001A>Invalid email.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
obj.db.GetUserWithVerifiedEmail(domain.id, email, function (err, docs) {
|
||||
if ((err != null) || (docs.length == 0)) {
|
||||
req.session.loginmode = '3';
|
||||
req.session.error = '<b style=color:#8C001A>Account not found.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
// If many accounts have the same validated e-mail, we are going to use the first one for display, but sent a reset email for all accounts.
|
||||
var responseSent = false;
|
||||
@ -942,7 +942,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if ((req.body.token != null) || (req.body.hwtoken != null)) { req.session.error = '<b style=color:#8C001A>Invalid token, try again.</b>'; }
|
||||
req.session.loginmode = '5';
|
||||
req.session.tokenemail = email;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
} else {
|
||||
// Send email to perform recovery.
|
||||
@ -952,13 +952,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (i == 0) {
|
||||
req.session.loginmode = '1';
|
||||
req.session.error = '<b style=color:darkgreen>Hold on, reset mail sent.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
} else {
|
||||
if (i == 0) {
|
||||
req.session.loginmode = '3';
|
||||
req.session.error = '<b style=color:#8C001A>Unable to sent email.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -970,13 +970,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (i == 0) {
|
||||
req.session.loginmode = '1';
|
||||
req.session.error = '<b style=color:darkgreen>Hold on, reset mail sent.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
} else {
|
||||
if (i == 0) {
|
||||
req.session.loginmode = '3';
|
||||
req.session.error = '<b style=color:#8C001A>Unable to sent email.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1107,7 +1107,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||
|
||||
// Check if the user is logged and we have all required parameters
|
||||
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
||||
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url + getQueryPortion(req)); return; }
|
||||
var user = obj.users[req.session.userid];
|
||||
if (!user) return;
|
||||
|
||||
@ -1138,10 +1138,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
obj.db.Remove(user._id);
|
||||
delete obj.users[user._id];
|
||||
req.session = null;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
obj.parent.DispatchEvent(['*', 'server-users'], obj, { etype: 'user', username: user.name, action: 'accountremove', msg: 'Account removed', domain: domain.id });
|
||||
} else {
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -1178,11 +1178,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||
|
||||
// Check if the user is logged and we have all required parameters
|
||||
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
||||
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url + getQueryPortion(req)); return; }
|
||||
|
||||
// Get the current user
|
||||
var user = obj.users[req.session.userid];
|
||||
if (!user) { res.redirect(domain.url); return; }
|
||||
if (!user) { res.redirect(domain.url + getQueryPortion(req)); return; }
|
||||
|
||||
// Check old password
|
||||
obj.checkUserPassword(domain, user, req.body.apassword0, function (result) {
|
||||
@ -1197,7 +1197,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
delete user.passtype;
|
||||
obj.db.SetUser(user);
|
||||
req.session.viewmode = 2;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
obj.parent.DispatchEvent(['*', 'server-users'], obj, { etype: 'user', username: user.name, action: 'passchange', msg: 'Account password changed: ' + user.name, domain: domain.id });
|
||||
}, 0);
|
||||
}
|
||||
@ -1232,7 +1232,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||
|
||||
// Check if we have an incomplete domain name in the path
|
||||
if ((domain.id != '') && (domain.dns == null) && (req.url.split('/').length == 2)) { res.redirect(domain.url); return; }
|
||||
if ((domain.id != '') && (domain.dns == null) && (req.url.split('/').length == 2)) { res.redirect(domain.url + getQueryPortion(req)); return; }
|
||||
|
||||
if (obj.args.nousers == true) {
|
||||
// If in single user mode, setup things here.
|
||||
@ -1300,7 +1300,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// If a user exists and is logged in, serve the default app, otherwise server the login app.
|
||||
if (req.session && req.session.userid && obj.users[req.session.userid]) {
|
||||
var user = obj.users[req.session.userid];
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
|
||||
|
||||
// Check if this is a locked account
|
||||
if ((user.siteadmin != null) && ((user.siteadmin & 32) != 0) && (user.siteadmin != 0xFFFFFFFF)) {
|
||||
@ -1310,7 +1310,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
delete req.session.currentNode;
|
||||
delete req.session.passhint;
|
||||
req.session.error = '<b style=color:#8C001A>Account locked.</b>';
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -1393,14 +1393,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
obj.db.GetUserWithVerifiedEmail(domain.id, req.session.tokenemail, function (err, docs) {
|
||||
if ((err != null) || (docs.length == 0)) {
|
||||
req.session = null;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
} else {
|
||||
var user = obj.users[docs[0]._id];
|
||||
if (user != null) {
|
||||
getHardwareKeyChallenge(req, domain, user, function (hwchallenge) { handleRootRequestLogin(req, res, domain, hwchallenge, passRequirements); });
|
||||
} else {
|
||||
req.session = null;
|
||||
res.redirect(domain.url);
|
||||
res.redirect(domain.url + getQueryPortion(req));
|
||||
}
|
||||
}
|
||||
});
|
||||
@ -1486,7 +1486,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Send the terms from the database
|
||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||
if (req.session && req.session.userid) {
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
|
||||
var user = obj.users[req.session.userid];
|
||||
var logoutcontrol = 'Welcome ' + user.name + '.';
|
||||
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
|
||||
@ -1504,7 +1504,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Send the terms from terms.txt
|
||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||
if (req.session && req.session.userid) {
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
|
||||
var user = obj.users[req.session.userid];
|
||||
var logoutcontrol = 'Welcome ' + user.name + '.';
|
||||
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
|
||||
@ -1517,7 +1517,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Send the default terms
|
||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||
if (req.session && req.session.userid) {
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
|
||||
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
|
||||
var user = obj.users[req.session.userid];
|
||||
var logoutcontrol = 'Welcome ' + user.name + '.';
|
||||
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
|
||||
@ -1721,7 +1721,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (splitUrl.length > 1) { urlArgs = '?' + splitUrl[1]; }
|
||||
if ((splitUrl.length > 0) && (splitUrl[0].length > 1)) { urlName = splitUrl[0].substring(1).toLowerCase(); }
|
||||
if ((urlName == null) || (domain.redirects[urlName] == null)) { res.sendStatus(404); return; }
|
||||
res.redirect(domain.redirects[urlName] + urlArgs);
|
||||
res.redirect(domain.redirects[urlName] + urlArgs + getQueryPortion(req));
|
||||
}
|
||||
|
||||
// Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed
|
||||
@ -3150,5 +3150,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
return (req.headers['user-agent'].toLowerCase().indexOf('mobile') >= 0);
|
||||
}
|
||||
|
||||
// Return the query string portion of the URL, the ? and anything after.
|
||||
function getQueryPortion(req) { var s = req.url.indexOf('?'); if (s == -1) { if (req.body && req.body.urlargs) { return req.body.urlargs; } return ''; } return req.url.substring(s); }
|
||||
|
||||
return obj;
|
||||
};
|
Loading…
Reference in New Issue
Block a user