mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-25 06:35:54 -05:00
User inner authentication improvements.
This commit is contained in:
parent
72799f0346
commit
fc23237fe4
@ -5263,7 +5263,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { ws.close(); return; } // Check 3FA URL key
|
||||
PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie) {
|
||||
if (user == null) { // User is not authenticated, perform inner server authentication
|
||||
PerformWSSessionInnerAuth(ws, req, domain, function (ws1, req1, domain, user) { obj.meshUserHandler.CreateMeshUser(obj, obj.db, ws1, req1, obj.args, domain, user); }); // User is authenticated
|
||||
if (req.headers['x-meshauth'] === '*') {
|
||||
PerformWSSessionInnerAuth(ws, req, domain, function (ws1, req1, domain, user) { obj.meshUserHandler.CreateMeshUser(obj, obj.db, ws1, req1, obj.args, domain, user); }); // User is authenticated
|
||||
} else {
|
||||
try { ws.close(); } catch (ex) { } // user is not authenticated and inner authentication was not requested, disconnect now.
|
||||
}
|
||||
} else {
|
||||
obj.meshUserHandler.CreateMeshUser(obj, obj.db, ws1, req1, obj.args, domain, user); // User is authenticated
|
||||
}
|
||||
@ -5882,6 +5886,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (domain == null) { parent.debug('web', 'WSERROR: Got no domain, user auth required.'); return; }
|
||||
}
|
||||
|
||||
// Check if inner authentication is requested
|
||||
if (req.headers['x-meshauth'] === '*') { func(ws, req, domain, null); return; }
|
||||
|
||||
var emailcheck = ((domain.mailserver != null) && (obj.parent.certificates.CommonName != null) && (obj.parent.certificates.CommonName.indexOf('.') != -1) && (obj.args.lanonly != true) && (domain.auth != 'sspi') && (domain.auth != 'ldap'))
|
||||
|
||||
// A web socket session can be authenticated in many ways (Default user, session, user/pass and cookie). Check authentication here.
|
||||
|
Loading…
Reference in New Issue
Block a user