Added invitation link email, server fixes and improvements.

This commit is contained in:
Ylian Saint-Hilaire 2019-06-12 10:23:26 -07:00
parent 3c6c109077
commit feb3542e8b
7 changed files with 98 additions and 46 deletions

View File

@ -234,6 +234,9 @@ function CreateMeshCentralServer(config, args) {
//var wincmd = require('node-windows');
//wincmd.list(function (svc) { console.log(svc); }, true);
// Check top level configuration for any unreconized values
if (config) { for (var i in config) { if ((typeof i == 'string') && (i.length > 0) && (i[0] != '_') && (['settings', 'domains', 'configfiles', 'smtp', 'letsencrypt', 'peers'].indexOf(i) == -1)) { console.log('WARNING: unrecognized configuration option \"' + i + '\".'); } } }
if (typeof obj.args.userallowedip == 'string') { if (obj.args.userallowedip == '') { obj.args.userallowedip = null; } else { obj.args.userallowedip = obj.args.userallowedip.split(','); } }
if (typeof obj.args.userblockedip == 'string') { if (obj.args.userblockedip == '') { obj.args.userblockedip = null; } else { obj.args.userblockedip = obj.args.userblockedip.split(','); } }
if (typeof obj.args.agentallowedip == 'string') { if (obj.args.agentallowedip == '') { obj.args.agentallowedip = null; } else { obj.args.agentallowedip = obj.args.agentallowedip.split(','); } }

View File

@ -39,10 +39,10 @@ module.exports.CreateMeshMail = function (parent) {
// If the server hash many domains, just add the domainid to the file like this: 'account-check-customer1.html', 'mesh-invite-customer1.txt'.
obj.mailTemplates['account-check.html'] = '<title>[[[SERVERNAME]]] - Email Verification</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Verification</b></td></tr></table><p>Hi [[[USERNAME]]], <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting email verification, click on the following link to complete the process.</p><p style="margin-left:30px"><a href="[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]">Click here to verify your e-mail address.</a></p>If you did not initiate this request, please ignore this mail.</div>';
obj.mailTemplates['account-reset.html'] = '<title>[[[SERVERNAME]]] - Account Reset</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Verification</b></td></tr></table><p>Hi [[[USERNAME]]], <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting an account password reset, click on the following link to complete the process.</p><p style="margin-left:30px"><a href="[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]">Click here to reset your account password.</a></p>If you did not initiate this request, please ignore this mail.</div>';
obj.mailTemplates['mesh-invite.html'] = '<title>[[[SERVERNAME]]] - Invitation</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Agent Installation</b></td></tr></table>[[[AREA-NAME]]]<p>Hello [[[NAME]]],</p>[[[/AREA-NAME]]]<p>User [[[USERNAME]]] on server <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting you to download the following software to start the remote control session.</p>[[[AREA-MSG]]]<p>Message: <b>[[[MSG]]]</b></p>[[[/AREA-MSG]]][[[AREA-WINDOWS]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Windows.</a></p>[[[/AREA-WINDOWS]]][[[AREA-OSX]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Apple OSX.</a></p>[[[/AREA-OSX]]][[[AREA-LINUX]]]<p>For Linux, cut & paste the following in a terminal to install the agent:<br /><pre style="margin-left:30px">wget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]</pre></p>[[[/AREA-LINUX]]]<p>If you did not initiate this request, please ignore this mail.</p>Best regards,<br>[[[USERNAME]]]<br></div>';
obj.mailTemplates['mesh-invite.html'] = '<title>[[[SERVERNAME]]] - Invitation</title>\r\n<div style="font-family:Arial,Helvetica,sans-serif"><table style="background-color:#003366;color:lightgray;width:100%" cellpadding=8><tr><td><b style="font-size:20px;font-family:Arial,Helvetica,sans-serif">[[[SERVERNAME]]] - Agent Installation</b></td></tr></table>[[[AREA-NAME]]]<p>Hello [[[NAME]]],</p>[[[/AREA-NAME]]]<p>User [[[USERNAME]]] on server <a href="[[[SERVERURL]]]">[[[SERVERNAME]]]</a> is requesting you to install software to start a remote control session.</p>[[[AREA-MSG]]]<p>Message: <b>[[[MSG]]]</b></p>[[[/AREA-MSG]]][[[AREA-WINDOWS]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Windows.</a></p>[[[/AREA-WINDOWS]]][[[AREA-OSX]]]<p style="margin-left:30px"><a href="[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]">Click here to download the MeshAgent for Apple OSX.</a></p>[[[/AREA-OSX]]][[[AREA-LINUX]]]<p>For Linux, cut & paste the following in a terminal to install the agent:<br /><pre style="margin-left:30px">wget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]</pre></p>[[[/AREA-LINUX]]][[[AREA-LINK]]]<p>To install the software, <a href="[[[SERVERURL]]][[[LINKURL]]]">click here</a> and follow the instructions.</p>[[[/AREA-LINK]]]<p>If you did not initiate this request, please ignore this mail.</p>Best regards,<br>[[[USERNAME]]]<br></div>';
obj.mailTemplates['account-check.txt'] = '[[[SERVERNAME]]] - Email Verification\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is performing an e-mail verification. Nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]\r\n\r\nIf you did not initiate this request, please ignore this mail.\r\n';
obj.mailTemplates['account-reset.txt'] = '[[[SERVERNAME]]] - Account Reset\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting an account password reset. Nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/checkmail?c=[[[COOKIE]]]\r\n\r\nIf you did not initiate this request, please ignore this mail.';
obj.mailTemplates['mesh-invite.txt'] = '[[[SERVERNAME]]] - Invitation\r\n[[[AREA-NAME]]]Hello [[[NAME]]],\r\n\r\n[[[/AREA-NAME]]]User [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]/) is requesting you to download the following software to start the remote control session.[[[AREA-MSG]]]\r\n\r\nMessage: [[[MSG]]]\r\n\r\n[[[/AREA-MSG]]][[[AREA-WINDOWS]]]For Windows, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-WINDOWS]]][[[AREA-OSX]]]For Apple OSX, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-OSX]]][[[AREA-LINUX]]]For Linux, cut & paste the following in a terminal to install the agent:\r\n\r\nwget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]\r\n\r\n[[[/AREA-LINUX]]]If you did not initiate this request, please ignore this mail.\r\n\r\nBest regards,\r\n[[[USERNAME]]]';
obj.mailTemplates['mesh-invite.txt'] = '[[[SERVERNAME]]] - Invitation\r\n[[[AREA-NAME]]]Hello [[[NAME]]],\r\n\r\n[[[/AREA-NAME]]]User [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]/) is requesting you install software to start the remote control session.[[[AREA-MSG]]]\r\n\r\nMessage: [[[MSG]]]\r\n\r\n[[[/AREA-MSG]]][[[AREA-WINDOWS]]]For Windows, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=3&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-WINDOWS]]][[[AREA-OSX]]]For Apple OSX, nagivate to the following link to complete the process:\r\n\r\n[[[SERVERURL]]]/meshagents?id=16&meshid=[[[MESHIDHEX]]]&tag=mailto:[[[EMAIL]]]&installflags=[[[INSTALLFLAGS]]]\r\n\r\n[[[/AREA-OSX]]][[[AREA-LINUX]]]For Linux, cut & paste the following in a terminal to install the agent:\r\n\r\nwget -q [[[SERVERURL]]]/meshagents?script=1 --no-check-certificate -O ./meshinstall.sh && chmod 755 ./meshinstall.sh && sudo ./meshinstall.sh [[[SERVERURL]]] [[[MESHIDHEX]]]\r\n\r\n[[[/AREA-LINUX]]][[[AREA-LINK]]]To install the software, navigate to [[[SERVERURL]]][[[LINKURL]]] and follow the instructions.\r\n\r\n[[[/AREA-LINK]]]If you did not initiate this request, please ignore this mail.\r\n\r\nBest regards,\r\n[[[USERNAME]]]';
// Load all of the mail templates if present
if (obj.parent.fs.existsSync(obj.parent.path.join(obj.parent.datapath, 'mail-templates'))) {
@ -93,7 +93,7 @@ module.exports.CreateMeshMail = function (parent) {
return str.substring(0, si) + str.substring(ei + end.length);
}
// Remove the string between two markers
// Keep or remove the string between two markers
function strZone(str, marker, keep) {
marker = marker.toUpperCase();
if (keep) { return str.split('[[[AREA-' + marker + ']]]').join('').split('[[[/AREA-' + marker + ']]]').join(''); }
@ -153,7 +153,7 @@ module.exports.CreateMeshMail = function (parent) {
};
// Send agent invite mail
obj.sendAgentInviteMail = function (domain, username, email, meshid, name, os, msg, flags) {
obj.sendAgentInviteMail = function (domain, username, email, meshid, name, os, msg, flags, expirehours) {
var template = getTemplateEx('mesh-invite', domain);
if ((template == null) || (template.htmlSubject == null) || (template.txtSubject == null) || (parent.certificates == null) || (parent.certificates.CommonName == null) || (parent.certificates.CommonName.indexOf('.') == -1)) return; // If the server name is not set, don't validate the email address.
@ -162,6 +162,8 @@ module.exports.CreateMeshMail = function (parent) {
options.windows = ((os == 0) || (os == 1)) ? 1 : 0;
options.linux = ((os == 0) || (os == 2)) ? 1 : 0;
options.osx = ((os == 0) || (os == 3)) ? 1 : 0;
options.link = (os == 4) ? 1 : 0;
options.linkurl = createInviteLink(domain, meshid, flags, expirehours);
// Send the email
obj.pendingMails.push({ to: email, from: parent.config.smtp.from, subject: mailReplacements(template.htmlSubject, domain, options), text: mailReplacements(template.txt, domain, options), html: mailReplacements(template.html, domain, options) });
@ -213,5 +215,10 @@ module.exports.CreateMeshMail = function (parent) {
}
});
// Create a agent invitation link
function createInviteLink(domain, meshid, flags, expirehours) {
return '/agentinvite?c=' + parent.encodeCookie({ a: 4, mid: meshid, f: flags, expire: expirehours * 60 }, parent.invitationLinkEncryptionKey);
}
return obj;
};

View File

@ -2103,7 +2103,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
//if (mesh.links[user._id] == null || ((mesh.links[user._id].rights & 4) == 0)) return;
// Perform email invitation
parent.parent.mailserver.sendAgentInviteMail(domain, user.name, command.email, command.meshid, command.name, command.os, command.msg, command.flags);
parent.parent.mailserver.sendAgentInviteMail(domain, user.name, command.email, command.meshid, command.name, command.os, command.msg, command.flags, command.expire);
}
break;
}

View File

@ -2710,7 +2710,10 @@
x += "<div id=emailInviteDiv style=display:none>Invite someone to install the mesh agent. An email with be sent with the link to the mesh agent installation for the \"" + EscapeHtml(mesh.name) + "\" device group.<br /><br />";
x += addHtmlValue('Name (optional)', '<input id=agentInviteName value="" style=width:230px maxlength=64 />');
x += addHtmlValue('Email', '<input id=agentInviteEmail style=width:230px placeholder="example@email.com" onkeyup=validateAgentInvite()></input>');
x += addHtmlValue('Operating System', '<select id=agentInviteNameOs style=width:236px><option value=0>Any supported</option><option value=1>Windows only</option><option value=3>Apple MacOS only</option><option value=2>Linux only</option></select>');
x += addHtmlValue('Operating System', '<select id=agentInviteNameOs onchange=d2ChangedInviteType() style=width:236px><option value=4>Send installation link</option><option value=0 selected>Any supported</option><option value=1>Windows only</option><option value=3>Apple MacOS only</option><option value=2>Linux only</option></select>');
x += '<div id=d2agentexpirediv>';
x += addHtmlValue('Link Expiration', '<select id=agentInviteExpire style=width:236px><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
x += '</div>';
x += addHtmlValue('Installation Type', '<select id=agentInviteType style=width:236px><option value=0>Background and interactive</option><option value=2>Background only</option><option value=1>Interactive only</option></select>');
x += addHtmlValue('Message<br />(optional)', '<textarea id=agentInviteMessage value="" style=width:230px;height:100px;resize:none maxlength=1024 /></textarea>');
x += '</div>';
@ -2719,6 +2722,7 @@
x += addHtmlValue('Link Expiration', '<select id=d2inviteExpire style=width:236px onchange=d2RequestInvitationLink()><option value=1>1 hour</option><option value=8>8 hours</option><option value=24>1 day</option><option value=168>1 week</option><option value=5040>1 month</option><option value=0>Unlimited</option></select>');
x += '<div id=agentInvitationLinkDiv style="text-align:center;font-size:large;margin:16px;display:none"><a id=agentInvitationLink target="_blank" href="" style=cursor:pointer></a> <img src=images/link4.png height=10 width=10 title="Copy link to clipboard" style=cursor:pointer onclick=d2CopyInviteToClip()></div></div>';
setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid);
d2ChangedInviteType();
validateAgentInvite();
d2RequestInvitationLink();
}
@ -2729,6 +2733,7 @@
function d2ChangedInviteType() {
QV('urlInviteDiv', Q('d2InviteType').value == 0);
QV('d2agentexpirediv', Q('agentInviteNameOs').value == 4);
if (features & 64) { QV('emailInviteDiv', Q('d2InviteType').value == 1); }
validateAgentInvite();
}
@ -2747,7 +2752,7 @@
function performAgentInvite(button, meshid) {
if ((features & 64) && (Q('d2InviteType').value == 1)) {
meshserver.send({ action: 'inviteAgent', meshid: meshid, email: Q('agentInviteEmail').value, name: Q('agentInviteName').value, os: Q('agentInviteNameOs').value, flags: Q('agentInviteType').value, msg: Q('agentInviteMessage').value });
meshserver.send({ action: 'inviteAgent', meshid: meshid, email: Q('agentInviteEmail').value, name: Q('agentInviteName').value, os: Q('agentInviteNameOs').value, flags: Q('agentInviteType').value, msg: Q('agentInviteMessage').value, expire: parseInt(Q('agentInviteExpire').value) });
}
}

View File

@ -72,6 +72,7 @@
<div id="newAccountDiv" style="display:none;padding:2px">
Don&#39;t have an account? <a onclick=xgo(2) style=cursor:pointer>Create one</a>.
</div>
<input id=loginformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=createpanel style="display:none">
@ -117,6 +118,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=createformargs name="urlargs" type="hidden" value="" />
</form>
</div>
</div>
@ -141,6 +143,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resetformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=tokenpanel style="background-color:#979797;border-radius:16px;width:260px;padding:16px;text-align:center;display:none;clear:both">
@ -163,6 +166,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=tokenformargs name="urlargs" type="hidden" value="" />
</form>
</div>
@ -186,6 +190,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resettokenformargs name="urlargs" type="hidden" value="" />
</form>
</div>
@ -216,6 +221,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resetpasswordformargs name="urlargs" type="hidden" value="" />
</form>
</div>
@ -264,6 +270,17 @@
var hardwareKeyChallenge = decodeURIComponent('{{{hkey}}}');
var currentpanel = 0;
// If URL arguments are provided, add them to form posts
if (window.location.href.indexOf('?') > 0) {
var urlargs = window.location.href.substring(window.location.href.indexOf('?'));
Q('loginformargs').value = urlargs;
Q('createformargs').value = urlargs;
Q('resetformargs').value = urlargs;
Q('tokenformargs').value = urlargs;
Q('resettokenformargs').value = urlargs;
Q('resetpasswordformargs').value = urlargs;
}
function startup() {
if ((features & 32) == 0) {
// Guard against other site's top frames (web bugs).

View File

@ -69,6 +69,7 @@
<div id="newAccountDiv" style="display:none;padding:2px">
Don&#39;t have an account? <a onclick=xgo(2) style=cursor:pointer>Create one</a>.
</div>
<input id=loginformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=createpanel style="display:none;position:relative">
@ -113,6 +114,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=createformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=resetpanel style="display:none">
@ -136,6 +138,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resetformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=tokenpanel style="display:none">
@ -158,6 +161,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=tokenformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=resettokenpanel style="display:none">
@ -180,6 +184,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resettokenformargs name="urlargs" type="hidden" value="" />
</form>
</div>
<div id=resetpasswordpanel style="display:none;position:relative">
@ -209,6 +214,7 @@
</tr>
</table>
<hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
<input id=resetpasswordformargs name="urlargs" type="hidden" value="" />
</form>
</div>
</td>
@ -260,6 +266,17 @@
var webPageFullScreen = true;
var nightMode = (getstore('_nightMode', '0') == '1');
// If URL arguments are provided, add them to form posts
if (window.location.href.indexOf('?') > 0) {
var urlargs = window.location.href.substring(window.location.href.indexOf('?'));
Q('loginformargs').value = urlargs;
Q('createformargs').value = urlargs;
Q('resetformargs').value = urlargs;
Q('tokenformargs').value = urlargs;
Q('resettokenformargs').value = urlargs;
Q('resetpasswordformargs').value = urlargs;
}
//var webPageFullScreen = getstore('webPageFullScreen', true);
//if (webPageFullScreen == 'false') { webPageFullScreen = false; }
//if (webPageFullScreen == 'true') { webPageFullScreen = true; }

View File

@ -647,7 +647,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
req.session.loginmode = '4';
req.session.tokenusername = xusername;
req.session.tokenpassword = xpassword;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}, randomWaitTime);
} else {
// Login succesful
@ -672,7 +672,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} else {
delete req.session.passhint;
}
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}, 2000 + (obj.crypto.randomBytes(2).readUInt16BE(0) % 4095)); // Wait for 2 to ~6 seconds.
}
});
@ -686,7 +686,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
req.session.error = '<b style=color:#8C001A>Password change requested.</b>';
req.session.resettokenusername = xusername;
req.session.resettokenpassword = xpassword;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
@ -726,12 +726,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
console.log("CurrentNode: " + req.session.currentNode);
// This redirect happens after finding node is completed
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
});
*/
res.redirect(domain.url); // Temporary
res.redirect(domain.url + getQueryPortion(req)); // Temporary
} else {
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
//});
}
@ -755,7 +755,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (i == -1) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
var emailok = false, emaildomain = req.body.email.substring(i + 1).toLowerCase();
@ -763,7 +763,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (emailok == false) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
}
@ -774,25 +774,25 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Account limit reached.</b>';
console.log('max', req.session);
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
if (!obj.common.validateUsername(req.body.username, 1, 64) || !obj.common.validateEmail(req.body.email, 1, 256) || !obj.common.validateString(req.body.password1, 1, 256) || !obj.common.validateString(req.body.password2, 1, 256) || (req.body.password1 != req.body.password2) || req.body.username == '~' || !obj.common.checkPasswordRequirements(req.body.password1, domain.passwordrequirements)) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Unable to create account.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
// Check if this email was already verified
obj.db.GetUserWithVerifiedEmail(domain.id, req.body.email, function (err, docs) {
if (docs.length > 0) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Existing account with this email address.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
// Check if there is domain.newAccountToken, check if supplied token is valid
if ((domain.newaccountspass != null) && (domain.newaccountspass != '') && (req.body.anewaccountpass != domain.newaccountspass)) {
req.session.loginmode = '2';
req.session.error = '<b style=color:#8C001A>Invalid account creation token.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
// Check if user exists
@ -822,7 +822,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come.
obj.parent.DispatchEvent(['*', 'server-users'], obj, event);
}
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
});
}
@ -845,7 +845,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
delete req.session.success;
delete req.session.error;
delete req.session.passhint;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
@ -859,7 +859,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (!obj.common.checkPasswordRequirements(req.body.rpassword1, domain.passwordrequirements)) {
req.session.loginmode = '6';
req.session.error = '<b style=color:#8C001A>Password rejected, use a different one.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
@ -869,7 +869,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// This is the same password, request a password change again
req.session.loginmode = '6';
req.session.error = '<b style=color:#8C001A>Password rejected, use a different one.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
// Update the password, use a different salt.
require('./pass').hash(req.body.rpassword1, function (err, salt, hash, tag) {
@ -902,7 +902,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
delete req.session.success;
delete req.session.error;
delete req.session.passhint;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
});
@ -921,13 +921,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (!email || checkEmail(email) == false) {
req.session.loginmode = '3';
req.session.error = '<b style=color:#8C001A>Invalid email.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
obj.db.GetUserWithVerifiedEmail(domain.id, email, function (err, docs) {
if ((err != null) || (docs.length == 0)) {
req.session.loginmode = '3';
req.session.error = '<b style=color:#8C001A>Account not found.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
// If many accounts have the same validated e-mail, we are going to use the first one for display, but sent a reset email for all accounts.
var responseSent = false;
@ -942,7 +942,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if ((req.body.token != null) || (req.body.hwtoken != null)) { req.session.error = '<b style=color:#8C001A>Invalid token, try again.</b>'; }
req.session.loginmode = '5';
req.session.tokenemail = email;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
} else {
// Send email to perform recovery.
@ -952,13 +952,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (i == 0) {
req.session.loginmode = '1';
req.session.error = '<b style=color:darkgreen>Hold on, reset mail sent.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
} else {
if (i == 0) {
req.session.loginmode = '3';
req.session.error = '<b style=color:#8C001A>Unable to sent email.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
}
}
@ -970,13 +970,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (i == 0) {
req.session.loginmode = '1';
req.session.error = '<b style=color:darkgreen>Hold on, reset mail sent.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
} else {
if (i == 0) {
req.session.loginmode = '3';
req.session.error = '<b style=color:#8C001A>Unable to sent email.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
}
}
@ -1107,7 +1107,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url + getQueryPortion(req)); return; }
var user = obj.users[req.session.userid];
if (!user) return;
@ -1138,10 +1138,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.db.Remove(user._id);
delete obj.users[user._id];
req.session = null;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
obj.parent.DispatchEvent(['*', 'server-users'], obj, { etype: 'user', username: user.name, action: 'accountremove', msg: 'Account removed', domain: domain.id });
} else {
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
});
}
@ -1178,11 +1178,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url + getQueryPortion(req)); return; }
// Get the current user
var user = obj.users[req.session.userid];
if (!user) { res.redirect(domain.url); return; }
if (!user) { res.redirect(domain.url + getQueryPortion(req)); return; }
// Check old password
obj.checkUserPassword(domain, user, req.body.apassword0, function (result) {
@ -1197,7 +1197,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
delete user.passtype;
obj.db.SetUser(user);
req.session.viewmode = 2;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
obj.parent.DispatchEvent(['*', 'server-users'], obj, { etype: 'user', username: user.name, action: 'passchange', msg: 'Account password changed: ' + user.name, domain: domain.id });
}, 0);
}
@ -1232,7 +1232,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
// Check if we have an incomplete domain name in the path
if ((domain.id != '') && (domain.dns == null) && (req.url.split('/').length == 2)) { res.redirect(domain.url); return; }
if ((domain.id != '') && (domain.dns == null) && (req.url.split('/').length == 2)) { res.redirect(domain.url + getQueryPortion(req)); return; }
if (obj.args.nousers == true) {
// If in single user mode, setup things here.
@ -1300,7 +1300,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// If a user exists and is logged in, serve the default app, otherwise server the login app.
if (req.session && req.session.userid && obj.users[req.session.userid]) {
var user = obj.users[req.session.userid];
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
// Check if this is a locked account
if ((user.siteadmin != null) && ((user.siteadmin & 32) != 0) && (user.siteadmin != 0xFFFFFFFF)) {
@ -1310,7 +1310,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
delete req.session.currentNode;
delete req.session.passhint;
req.session.error = '<b style=color:#8C001A>Account locked.</b>';
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
return;
}
@ -1393,14 +1393,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.db.GetUserWithVerifiedEmail(domain.id, req.session.tokenemail, function (err, docs) {
if ((err != null) || (docs.length == 0)) {
req.session = null;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
} else {
var user = obj.users[docs[0]._id];
if (user != null) {
getHardwareKeyChallenge(req, domain, user, function (hwchallenge) { handleRootRequestLogin(req, res, domain, hwchallenge, passRequirements); });
} else {
req.session = null;
res.redirect(domain.url);
res.redirect(domain.url + getQueryPortion(req));
}
}
});
@ -1486,7 +1486,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Send the terms from the database
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
if (req.session && req.session.userid) {
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
var user = obj.users[req.session.userid];
var logoutcontrol = 'Welcome ' + user.name + '.';
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
@ -1504,7 +1504,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Send the terms from terms.txt
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
if (req.session && req.session.userid) {
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
var user = obj.users[req.session.userid];
var logoutcontrol = 'Welcome ' + user.name + '.';
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
@ -1517,7 +1517,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Send the default terms
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
if (req.session && req.session.userid) {
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url); return; } // Check is the session is for the correct domain
if (req.session.domainid != domain.id) { req.session = null; res.redirect(domain.url + getQueryPortion(req)); return; } // Check is the session is for the correct domain
var user = obj.users[req.session.userid];
var logoutcontrol = 'Welcome ' + user.name + '.';
if ((domain.ldap == null) && (domain.sspi == null) && (obj.args.user == null) && (obj.args.nousers != true)) { logoutcontrol += ' <a href=' + domain.url + 'logout?' + Math.random() + ' style=color:white>Logout</a>'; } // If a default user is in use or no user mode, don't display the logout button
@ -1721,7 +1721,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (splitUrl.length > 1) { urlArgs = '?' + splitUrl[1]; }
if ((splitUrl.length > 0) && (splitUrl[0].length > 1)) { urlName = splitUrl[0].substring(1).toLowerCase(); }
if ((urlName == null) || (domain.redirects[urlName] == null)) { res.sendStatus(404); return; }
res.redirect(domain.redirects[urlName] + urlArgs);
res.redirect(domain.redirects[urlName] + urlArgs + getQueryPortion(req));
}
// Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed
@ -3150,5 +3150,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
return (req.headers['user-agent'].toLowerCase().indexOf('mobile') >= 0);
}
// Return the query string portion of the URL, the ? and anything after.
function getQueryPortion(req) { var s = req.url.indexOf('?'); if (s == -1) { if (req.body && req.body.urlargs) { return req.body.urlargs; } return ''; } return req.url.substring(s); }
return obj;
};