uptime-kuma/server/server.js

1878 lines
61 KiB
JavaScript
Raw Permalink Normal View History

/*
* Uptime Kuma Server
* node "server/server.js"
* DO NOT require("./server") in other modules, it likely creates circular dependency!
*/
2021-08-08 13:03:10 +00:00
console.log("Welcome to Uptime Kuma");
2022-10-09 12:59:58 +00:00
// As the log function need to use dayjs, it should be very top
const dayjs = require("dayjs");
dayjs.extend(require("dayjs/plugin/utc"));
2022-12-15 05:39:48 +00:00
dayjs.extend(require("./modules/dayjs/plugin/timezone"));
dayjs.extend(require("dayjs/plugin/customParseFormat"));
2022-10-09 12:59:58 +00:00
2023-02-01 12:07:08 +00:00
// Load environment variables from `.env`
require("dotenv").config();
// Check Node.js Version
const nodeVersion = process.versions.node;
// Get the required Node.js version from package.json
const requiredNodeVersions = require("../package.json").engines.node;
const bannedNodeVersions = " < 18 || 20.0.* || 20.1.* || 20.2.* || 20.3.* ";
console.log(`Your Node.js version: ${nodeVersion}`);
const semver = require("semver");
const requiredNodeVersionsComma = requiredNodeVersions.split("||").map((version) => version.trim()).join(", ");
2023-05-26 10:08:52 +00:00
// Exit Uptime Kuma immediately if the Node.js version is banned
if (semver.satisfies(nodeVersion, bannedNodeVersions)) {
console.error("\x1b[31m%s\x1b[0m", `Error: Your Node.js version: ${nodeVersion} is not supported, please upgrade your Node.js to ${requiredNodeVersionsComma}.`);
process.exit(-1);
}
// Warning if the Node.js version is not in the support list, but it maybe still works
if (!semver.satisfies(nodeVersion, requiredNodeVersions)) {
console.warn("\x1b[31m%s\x1b[0m", `Warning: Your Node.js version: ${nodeVersion} is not officially supported, please upgrade your Node.js to ${requiredNodeVersionsComma}.`);
}
2021-10-09 18:36:20 +00:00
const args = require("args-parser")(process.argv);
2022-05-31 15:06:43 +00:00
const { sleep, log, getRandomInt, genSecret, isDev } = require("../src/util");
2021-10-15 16:57:26 +00:00
const config = require("./config");
2021-10-09 18:36:20 +00:00
log.debug("server", "Arguments");
log.debug("server", args);
if (! process.env.NODE_ENV) {
process.env.NODE_ENV = "production";
}
if (!process.env.UPTIME_KUMA_WS_ORIGIN_CHECK) {
process.env.UPTIME_KUMA_WS_ORIGIN_CHECK = "cors-like";
}
2021-07-31 13:57:58 +00:00
log.info("server", "Env: " + process.env.NODE_ENV);
log.debug("server", "Inside Container: " + (process.env.UPTIME_KUMA_IS_CONTAINER === "1"));
2021-07-31 13:57:58 +00:00
if (process.env.UPTIME_KUMA_WS_ORIGIN_CHECK === "bypass") {
log.warn("server", "WebSocket Origin Check: " + process.env.UPTIME_KUMA_WS_ORIGIN_CHECK);
}
2021-07-31 13:57:58 +00:00
const checkVersion = require("./check-version");
log.info("server", "Uptime Kuma Version: " + checkVersion.version);
2021-07-31 13:57:58 +00:00
log.info("server", "Loading modules");
log.debug("server", "Importing express");
2021-07-31 13:57:58 +00:00
const express = require("express");
const expressStaticGzip = require("express-static-gzip");
log.debug("server", "Importing redbean-node");
2021-07-27 17:47:13 +00:00
const { R } = require("redbean-node");
log.debug("server", "Importing jsonwebtoken");
2021-07-27 17:47:13 +00:00
const jwt = require("jsonwebtoken");
log.debug("server", "Importing http-graceful-shutdown");
2021-07-27 17:47:13 +00:00
const gracefulShutdown = require("http-graceful-shutdown");
log.debug("server", "Importing prometheus-api-metrics");
2021-07-27 17:47:13 +00:00
const prometheusAPIMetrics = require("prometheus-api-metrics");
2021-10-21 14:54:04 +00:00
const { passwordStrength } = require("check-password-strength");
2021-07-31 13:57:58 +00:00
log.debug("server", "Importing 2FA Modules");
const notp = require("notp");
const base32 = require("thirty-two");
const { UptimeKumaServer } = require("./uptime-kuma-server");
const server = UptimeKumaServer.getInstance();
const io = module.exports.io = server.io;
const app = server.app;
2022-04-07 14:53:32 +00:00
log.debug("server", "Importing Monitor");
2021-07-31 13:57:58 +00:00
const Monitor = require("./model/monitor");
const User = require("./model/user");
log.debug("server", "Importing Settings");
const { getSettings, setSettings, setting, initJWTSecret, checkLogin, doubleCheckPassword, shake256, SHAKE256_LENGTH, allowDevAllOrigin,
} = require("./util-server");
2021-09-07 14:42:46 +00:00
log.debug("server", "Importing Notification");
2021-07-31 13:57:58 +00:00
const { Notification } = require("./notification");
2021-09-07 14:42:46 +00:00
Notification.init();
log.debug("server", "Importing Database");
2021-07-31 13:57:58 +00:00
const Database = require("./database");
log.debug("server", "Importing Background Jobs");
const { initBackgroundJobs, stopBackgroundJobs } = require("./jobs");
2022-03-29 09:38:48 +00:00
const { loginRateLimiter, twoFaRateLimiter } = require("./rate-limiter");
const { apiAuth } = require("./auth");
2021-07-27 17:47:13 +00:00
const { login } = require("./auth");
2021-07-28 12:35:55 +00:00
const passwordHash = require("./password-hash");
2021-07-31 13:57:58 +00:00
const hostname = config.hostname;
if (hostname) {
log.info("server", "Custom hostname: " + hostname);
}
const port = config.port;
2021-06-25 13:55:49 +00:00
2021-10-19 08:29:09 +00:00
const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || args["disable-frame-sameorigin"] || false;
const cloudflaredToken = args["cloudflared-token"] || process.env.UPTIME_KUMA_CLOUDFLARED_TOKEN || undefined;
2021-09-02 12:18:27 +00:00
2021-10-11 18:18:40 +00:00
// 2FA / notp verification defaults
const twoFAVerifyOptions = {
2021-10-11 18:18:40 +00:00
"window": 1,
"time": 30
2021-10-18 09:15:28 +00:00
};
2021-09-02 12:18:27 +00:00
/**
* Run unit test after the server is ready
* @type {boolean}
*/
const testMode = !!args["test"] || false;
2021-09-02 12:18:27 +00:00
// Must be after io instantiation
2024-08-30 19:48:13 +00:00
const { sendNotificationList, sendHeartbeatList, sendInfo, sendProxyList, sendDockerHostList, sendAPIKeyList, sendRemoteBrowserList, sendMonitorTypeList } = require("./client");
2021-09-16 14:48:28 +00:00
const { statusPageSocketHandler } = require("./socket-handlers/status-page-socket-handler");
const { databaseSocketHandler } = require("./socket-handlers/database-socket-handler");
const { remoteBrowserSocketHandler } = require("./socket-handlers/remote-browser-socket-handler");
2021-11-18 10:22:03 +00:00
const TwoFA = require("./2fa");
2022-03-10 13:34:30 +00:00
const StatusPage = require("./model/status_page");
const { cloudflaredSocketHandler, autoStart: cloudflaredAutoStart, stop: cloudflaredStop } = require("./socket-handlers/cloudflared-socket-handler");
const { proxySocketHandler } = require("./socket-handlers/proxy-socket-handler");
const { dockerSocketHandler } = require("./socket-handlers/docker-socket-handler");
const { maintenanceSocketHandler } = require("./socket-handlers/maintenance-socket-handler");
const { apiKeySocketHandler } = require("./socket-handlers/api-key-socket-handler");
2022-12-12 14:57:57 +00:00
const { generalSocketHandler } = require("./socket-handlers/general-socket-handler");
2022-10-08 15:56:58 +00:00
const { Settings } = require("./settings");
2023-03-05 07:59:43 +00:00
const apicache = require("./modules/apicache");
2023-06-27 07:54:33 +00:00
const { resetChrome } = require("./monitor-types/real-browser-monitor-type");
2023-02-05 10:01:54 +00:00
const { EmbeddedMariaDB } = require("./embedded-mariadb");
const { SetupDatabase } = require("./setup-database");
const { chartSocketHandler } = require("./socket-handlers/chart-socket-handler");
app.use(express.json());
2021-07-09 11:33:22 +00:00
2021-10-19 06:26:10 +00:00
// Global Middleware
app.use(function (req, res, next) {
2021-10-19 08:29:09 +00:00
if (!disableFrameSameOrigin) {
res.setHeader("X-Frame-Options", "SAMEORIGIN");
}
2021-10-19 06:26:10 +00:00
res.removeHeader("X-Powered-By");
next();
});
2021-07-21 18:02:35 +00:00
/**
* Show Setup Page
* @type {boolean}
*/
2021-07-11 05:47:57 +00:00
let needSetup = false;
2021-06-25 13:55:49 +00:00
(async () => {
// Create a data directory
Database.initDataDir(args);
// Check if is chosen a database type
let setupDatabase = new SetupDatabase(args, server);
if (setupDatabase.isNeedSetup()) {
// Hold here and start a special setup page until user choose a database type
await setupDatabase.start(hostname, port);
}
// Connect to database
2023-02-11 14:21:06 +00:00
try {
await initDatabase(testMode);
} catch (e) {
log.error("server", "Failed to prepare your database: " + e.message);
process.exit(1);
}
// Database should be ready now
2022-10-09 12:59:58 +00:00
await server.initAfterDatabaseReady();
2022-10-08 15:56:58 +00:00
server.entryPage = await Settings.get("entryPage");
2022-04-06 14:43:22 +00:00
await StatusPage.loadDomainMappingList();
2021-07-27 16:52:31 +00:00
log.debug("server", "Adding route");
2021-07-27 16:52:31 +00:00
2021-09-11 11:40:03 +00:00
// ***************************
2021-07-27 16:52:31 +00:00
// Normal Router here
2021-09-11 11:40:03 +00:00
// ***************************
2021-07-27 16:52:31 +00:00
// Entry Page
2022-04-06 14:43:22 +00:00
app.get("/", async (request, response) => {
let hostname = request.hostname;
if (await setting("trustProxy")) {
const proxy = request.headers["x-forwarded-host"];
if (proxy) {
hostname = proxy;
}
}
log.debug("entry", `Request Domain: ${hostname}`);
2022-04-06 14:43:22 +00:00
2022-10-08 15:56:58 +00:00
const uptimeKumaEntryPage = server.entryPage;
if (hostname in StatusPage.domainMappingList) {
2022-05-30 07:45:44 +00:00
log.debug("entry", "This is a status page domain");
let slug = StatusPage.domainMappingList[hostname];
2022-05-30 07:45:44 +00:00
await StatusPage.handleStatusPageResponse(response, server.indexHTML, slug);
2022-10-03 15:01:52 +00:00
} else if (uptimeKumaEntryPage && uptimeKumaEntryPage.startsWith("statusPage-")) {
response.redirect("/status/" + uptimeKumaEntryPage.replace("statusPage-", ""));
2022-05-30 07:45:44 +00:00
} else {
response.redirect("/dashboard");
}
});
app.get("/setup-database-info", (request, response) => {
allowDevAllOrigin(response);
response.json({
runningSetup: false,
needSetup: false,
});
});
2022-04-17 11:30:58 +00:00
if (isDev) {
app.use(express.urlencoded({ extended: true }));
2022-04-17 11:30:58 +00:00
app.post("/test-webhook", async (request, response) => {
log.debug("test", request.headers);
2022-04-17 11:30:58 +00:00
log.debug("test", request.body);
response.send("OK");
});
app.post("/test-x-www-form-urlencoded", async (request, response) => {
log.debug("test", request.headers);
log.debug("test", request.body);
response.send("OK");
});
const fs = require("fs");
app.get("/_e2e/take-sqlite-snapshot", async (request, response) => {
await Database.close();
try {
fs.cpSync(Database.sqlitePath, `${Database.sqlitePath}.e2e-snapshot`);
} catch (err) {
throw new Error("Unable to copy SQLite DB.");
}
await Database.connect();
response.send("Snapshot taken.");
});
app.get("/_e2e/restore-sqlite-snapshot", async (request, response) => {
if (!fs.existsSync(`${Database.sqlitePath}.e2e-snapshot`)) {
throw new Error("Snapshot doesn't exist.");
}
await Database.close();
try {
fs.cpSync(`${Database.sqlitePath}.e2e-snapshot`, Database.sqlitePath);
} catch (err) {
throw new Error("Unable to copy snapshot file.");
}
await Database.connect();
response.send("Snapshot restored.");
});
2022-04-17 11:30:58 +00:00
}
2021-08-09 10:16:27 +00:00
// Robots.txt
app.get("/robots.txt", async (_request, response) => {
let txt = "User-agent: *\nDisallow:";
if (!await setting("searchEngineIndex")) {
2021-08-09 10:16:27 +00:00
txt += " /";
}
response.setHeader("Content-Type", "text/plain");
response.send(txt);
});
2021-06-25 13:55:49 +00:00
2021-07-27 16:52:31 +00:00
// Basic Auth Router here
// Prometheus API metrics /metrics
// With Basic Auth using the first user's username/password
app.get("/metrics", apiAuth, prometheusAPIMetrics());
2021-08-09 10:16:27 +00:00
app.use("/", expressStaticGzip("dist", {
enableBrotli: true,
}));
2021-07-22 07:22:15 +00:00
// ./data/upload
app.use("/upload", express.static(Database.uploadDir));
2021-09-14 04:10:25 +00:00
app.get("/.well-known/change-password", async (_, response) => {
response.redirect("https://github.com/louislam/uptime-kuma/wiki/Reset-Password-via-CLI");
});
2021-09-14 06:55:45 +00:00
// API Router
const apiRouter = require("./routers/api-router");
app.use(apiRouter);
2021-09-11 11:40:03 +00:00
2022-05-30 07:45:44 +00:00
// Status Page Router
const statusPageRouter = require("./routers/status-page-router");
app.use(statusPageRouter);
2021-10-19 06:26:10 +00:00
// Universal Route Handler, must be at the end of all express routes.
2021-08-09 10:16:27 +00:00
app.get("*", async (_request, response) => {
if (_request.originalUrl.startsWith("/upload/")) {
response.status(404).send("File not found.");
} else {
2022-05-30 07:45:44 +00:00
response.send(server.indexHTML);
}
2021-07-09 06:14:03 +00:00
});
log.debug("server", "Adding socket handler");
2021-07-27 17:47:13 +00:00
io.on("connection", async (socket) => {
2021-07-13 10:08:12 +00:00
await sendInfo(socket, true);
2021-07-13 10:08:12 +00:00
2021-07-11 05:47:57 +00:00
if (needSetup) {
log.info("server", "Redirect to setup page");
socket.emit("setup");
2021-07-11 05:47:57 +00:00
}
2021-07-30 03:33:44 +00:00
// ***************************
2021-09-11 11:40:03 +00:00
// Public Socket API
2021-07-30 03:33:44 +00:00
// ***************************
2021-06-25 13:55:49 +00:00
socket.on("loginByToken", async (token, callback) => {
2022-07-31 15:36:33 +00:00
const clientIP = await server.getClientIP(socket);
log.info("auth", `Login by token. IP=${clientIP}`);
2021-06-25 13:55:49 +00:00
try {
2023-06-27 07:54:33 +00:00
let decoded = jwt.verify(token, server.jwtSecret);
2021-06-25 13:55:49 +00:00
log.info("auth", "Username from JWT: " + decoded.username);
2021-06-25 13:55:49 +00:00
let user = await R.findOne("user", " username = ? AND active = 1 ", [
2021-07-27 17:47:13 +00:00
decoded.username,
]);
2021-06-25 13:55:49 +00:00
if (user) {
// Check if the password changed
if (decoded.h !== shake256(user.password, SHAKE256_LENGTH)) {
throw new Error("The token is invalid due to password change or old token");
}
log.debug("auth", "afterLogin");
await afterLogin(socket, user);
log.debug("auth", "afterLogin ok");
2021-06-25 13:55:49 +00:00
2022-07-31 15:36:33 +00:00
log.info("auth", `Successfully logged in user ${decoded.username}. IP=${clientIP}`);
2021-08-03 17:03:40 +00:00
2021-06-25 13:55:49 +00:00
callback({
ok: true,
});
2021-06-25 13:55:49 +00:00
} else {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.info("auth", `Inactive or deleted user ${decoded.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
2021-06-25 13:55:49 +00:00
callback({
ok: false,
msg: "authUserInactiveOrDeleted",
msgi18n: true,
});
2021-06-25 13:55:49 +00:00
}
} catch (error) {
2022-07-31 15:36:33 +00:00
log.error("auth", `Invalid token. IP=${clientIP}`);
if (error.message) {
log.error("auth", error.message, `IP=${clientIP}`);
}
2021-06-25 13:55:49 +00:00
callback({
ok: false,
msg: "authInvalidToken",
msgi18n: true,
});
2021-06-25 13:55:49 +00:00
}
});
socket.on("login", async (data, callback) => {
2022-07-31 15:36:33 +00:00
const clientIP = await server.getClientIP(socket);
log.info("auth", `Login by username + password. IP=${clientIP}`);
2021-06-25 13:55:49 +00:00
2022-03-29 09:38:48 +00:00
// Checking
if (typeof callback !== "function") {
return;
}
if (!data) {
return;
}
2021-06-25 13:55:49 +00:00
2021-10-23 08:35:13 +00:00
// Login Rate Limit
if (!await loginRateLimiter.pass(callback)) {
2022-07-31 15:36:33 +00:00
log.info("auth", `Too many failed requests for user ${data.username}. IP=${clientIP}`);
2021-10-23 08:35:13 +00:00
return;
}
let user = await login(data.username, data.password);
2021-07-13 14:22:46 +00:00
2021-07-27 16:52:31 +00:00
if (user) {
2022-04-25 22:26:26 +00:00
if (user.twofa_status === 0) {
await afterLogin(socket, user);
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.info("auth", `Successfully logged in user ${data.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: true,
token: User.createJWT(user, server.jwtSecret),
});
}
2022-04-25 22:26:26 +00:00
if (user.twofa_status === 1 && !data.token) {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.info("auth", `2FA token required for user ${data.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
tokenRequired: true,
});
}
if (data.token) {
let verify = notp.totp.verify(data.token, user.twofa_secret, twoFAVerifyOptions);
2021-10-18 22:42:33 +00:00
if (user.twofa_last_token !== data.token && verify) {
await afterLogin(socket, user);
2021-10-18 22:42:33 +00:00
await R.exec("UPDATE `user` SET twofa_last_token = ? WHERE id = ? ", [
data.token,
socket.userID,
]);
2022-07-31 15:36:33 +00:00
log.info("auth", `Successfully logged in user ${data.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: true,
token: User.createJWT(user, server.jwtSecret),
});
} else {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.warn("auth", `Invalid token provided for user ${data.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: false,
msg: "authInvalidToken",
msgi18n: true,
});
}
}
2021-06-25 13:55:49 +00:00
} else {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.warn("auth", `Incorrect username or password for user ${data.username}. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
2021-06-25 13:55:49 +00:00
callback({
ok: false,
msg: "authIncorrectCreds",
msgi18n: true,
});
2021-06-25 13:55:49 +00:00
}
});
socket.on("logout", async (callback) => {
2022-03-29 09:38:48 +00:00
// Rate Limit
if (!await loginRateLimiter.pass(callback)) {
2022-03-29 09:38:48 +00:00
return;
}
socket.leave(socket.userID);
2021-06-25 13:55:49 +00:00
socket.userID = null;
2022-03-29 09:38:48 +00:00
if (typeof callback === "function") {
callback();
}
2021-07-11 05:47:57 +00:00
});
2022-03-29 09:38:48 +00:00
socket.on("prepare2FA", async (currentPassword, callback) => {
try {
if (!await twoFaRateLimiter.pass(callback)) {
2022-03-29 09:38:48 +00:00
return;
}
checkLogin(socket);
2022-03-29 09:38:48 +00:00
await doubleCheckPassword(socket, currentPassword);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
2022-04-25 22:26:26 +00:00
if (user.twofa_status === 0) {
2021-10-18 09:37:11 +00:00
let newSecret = genSecret();
let encodedSecret = base32.encode(newSecret);
// Google authenticator doesn't like equal signs
// The fix is found at https://github.com/guyht/notp
// Related issue: https://github.com/louislam/uptime-kuma/issues/486
encodedSecret = encodedSecret.toString().replace(/=/g, "");
2021-09-11 18:25:51 +00:00
let uri = `otpauth://totp/Uptime%20Kuma:${user.username}?secret=${encodedSecret}`;
await R.exec("UPDATE `user` SET twofa_secret = ? WHERE id = ? ", [
newSecret,
socket.userID,
]);
callback({
ok: true,
uri: uri,
});
} else {
callback({
ok: false,
msg: "2faAlreadyEnabled",
msgi18n: true,
});
}
} catch (error) {
callback({
ok: false,
2022-03-29 09:38:48 +00:00
msg: error.message,
});
}
});
2022-03-29 09:38:48 +00:00
socket.on("save2FA", async (currentPassword, callback) => {
2022-07-31 15:36:33 +00:00
const clientIP = await server.getClientIP(socket);
try {
if (!await twoFaRateLimiter.pass(callback)) {
2022-03-29 09:38:48 +00:00
return;
}
checkLogin(socket);
2022-03-29 09:38:48 +00:00
await doubleCheckPassword(socket, currentPassword);
await R.exec("UPDATE `user` SET twofa_status = 1 WHERE id = ? ", [
socket.userID,
]);
2022-07-31 15:36:33 +00:00
log.info("auth", `Saved 2FA token. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: true,
msg: "2faEnabled",
msgi18n: true,
});
} catch (error) {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.error("auth", `Error changing 2FA token. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: false,
2022-03-29 09:38:48 +00:00
msg: error.message,
});
}
});
2022-03-29 09:38:48 +00:00
socket.on("disable2FA", async (currentPassword, callback) => {
2022-07-31 15:36:33 +00:00
const clientIP = await server.getClientIP(socket);
try {
if (!await twoFaRateLimiter.pass(callback)) {
2022-03-29 09:38:48 +00:00
return;
}
checkLogin(socket);
2022-03-29 09:38:48 +00:00
await doubleCheckPassword(socket, currentPassword);
2021-11-18 10:22:03 +00:00
await TwoFA.disable2FA(socket.userID);
2022-07-31 15:36:33 +00:00
log.info("auth", `Disabled 2FA token. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: true,
msg: "2faDisabled",
msgi18n: true,
});
} catch (error) {
2021-11-11 11:31:28 +00:00
2022-07-31 15:36:33 +00:00
log.error("auth", `Error disabling 2FA token. IP=${clientIP}`);
2021-11-11 11:31:28 +00:00
callback({
ok: false,
2022-03-29 09:38:48 +00:00
msg: error.message,
});
}
});
2022-03-29 09:38:48 +00:00
socket.on("verifyToken", async (token, currentPassword, callback) => {
try {
checkLogin(socket);
await doubleCheckPassword(socket, currentPassword);
2022-03-29 09:38:48 +00:00
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
let verify = notp.totp.verify(token, user.twofa_secret, twoFAVerifyOptions);
2022-03-29 09:38:48 +00:00
if (user.twofa_last_token !== token && verify) {
callback({
ok: true,
valid: true,
});
} else {
callback({
ok: false,
msg: "authInvalidToken",
msgi18n: true,
2022-03-29 09:38:48 +00:00
valid: false,
});
}
} catch (error) {
callback({
ok: false,
2022-03-29 09:38:48 +00:00
msg: error.message,
});
}
});
socket.on("twoFAStatus", async (callback) => {
try {
2022-03-29 09:38:48 +00:00
checkLogin(socket);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
2022-04-25 22:26:26 +00:00
if (user.twofa_status === 1) {
callback({
ok: true,
status: true,
});
} else {
callback({
ok: true,
status: false,
});
}
} catch (error) {
callback({
ok: false,
2022-03-29 09:38:48 +00:00
msg: error.message,
});
}
});
2021-07-11 05:47:57 +00:00
socket.on("needSetup", async (callback) => {
callback(needSetup);
});
socket.on("setup", async (username, password, callback) => {
try {
2021-10-21 14:54:04 +00:00
if (passwordStrength(password).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
2023-04-03 11:36:07 +00:00
if ((await R.knex("user").count("id as count").first()).count !== 0) {
2021-10-18 20:35:47 +00:00
throw new Error("Uptime Kuma has been initialized. If you want to run setup again, please delete the database.");
2021-07-11 05:47:57 +00:00
}
let user = R.dispense("user");
2021-07-11 05:47:57 +00:00
user.username = username;
user.password = passwordHash.generate(password);
await R.store(user);
2021-07-11 05:47:57 +00:00
needSetup = false;
callback({
ok: true,
msg: "successAdded",
msgi18n: true,
2021-07-11 05:47:57 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-07-11 05:47:57 +00:00
});
}
2021-06-25 13:55:49 +00:00
});
2021-07-30 03:33:44 +00:00
// ***************************
2021-06-25 13:55:49 +00:00
// Auth Only API
2021-07-30 03:33:44 +00:00
// ***************************
2021-06-25 13:55:49 +00:00
2021-07-30 11:18:26 +00:00
// Add a new monitor
2021-06-25 13:55:49 +00:00
socket.on("add", async (monitor, callback) => {
try {
checkLogin(socket);
let bean = R.dispense("monitor");
let notificationIDList = monitor.notificationIDList;
delete monitor.notificationIDList;
// Ensure status code ranges are strings
if (!monitor.accepted_statuscodes.every((code) => typeof code === "string")) {
throw new Error("Accepted status codes are not all strings");
}
2021-08-06 18:10:38 +00:00
monitor.accepted_statuscodes_json = JSON.stringify(monitor.accepted_statuscodes);
delete monitor.accepted_statuscodes;
✨ feat: added kafka producer (#3268) * ✨ feat: added kafka producer Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: eslint warn Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: typings and auth problems Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: better variable name to trrack disconnection Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: grouping Kafka Producer special settings into one template Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * ✨ feat: add kafka producer translations into `en.json` Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: disable close-on-select on kafka broker picker Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: `en.json` invalid json (conflict resolve) Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * Nostr dm notifications (#3051) * Add nostr DM notification provider * require crypto for node 18 compatibility * remove whitespace Co-authored-by: Frank Elsinga <frank@elsinga.de> * move closer to where it is used * simplify success or failure logic * don't clobber the non-alert msg * Update server/notification-providers/nostr.js Co-authored-by: Frank Elsinga <frank@elsinga.de> * polyfills required for node <= 18 * resolve linter warnings * missing comma --------- Co-authored-by: Frank Elsinga <frank@elsinga.de> * Drop nostr * Minor * Fix a bug of clone --------- Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> Co-authored-by: Frank Elsinga <frank@elsinga.de> Co-authored-by: Louis Lam <louislam@users.noreply.github.com>
2023-07-17 08:15:44 +00:00
monitor.kafkaProducerBrokers = JSON.stringify(monitor.kafkaProducerBrokers);
monitor.kafkaProducerSaslOptions = JSON.stringify(monitor.kafkaProducerSaslOptions);
2024-08-30 19:48:13 +00:00
monitor.conditions = JSON.stringify(monitor.conditions);
monitor.rabbitmqNodes = JSON.stringify(monitor.rabbitmqNodes);
bean.import(monitor);
bean.user_id = socket.userID;
2022-12-08 15:21:55 +00:00
bean.validate();
await R.store(bean);
2021-06-25 13:55:49 +00:00
await updateMonitorNotification(bean.id, notificationIDList);
await server.sendUpdateMonitorIntoList(socket, bean.id);
if (monitor.active !== false) {
await startMonitor(socket.userID, bean.id);
}
2021-06-27 08:10:55 +00:00
log.info("monitor", `Added Monitor: ${bean.id} User ID: ${socket.userID}`);
2021-11-11 11:31:28 +00:00
2021-06-25 13:55:49 +00:00
callback({
ok: true,
msg: "successAdded",
msgi18n: true,
2021-07-27 17:47:13 +00:00
monitorID: bean.id,
2021-06-25 13:55:49 +00:00
});
2021-06-27 08:10:55 +00:00
} catch (e) {
2021-11-11 11:31:28 +00:00
log.error("monitor", `Error adding Monitor: ${monitor.id} User ID: ${socket.userID}`);
2021-11-11 11:31:28 +00:00
2021-06-27 08:10:55 +00:00
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-27 08:10:55 +00:00
});
}
});
2021-07-30 11:18:26 +00:00
// Edit a monitor
2021-06-27 08:10:55 +00:00
socket.on("editMonitor", async (monitor, callback) => {
try {
let removeGroupChildren = false;
checkLogin(socket);
2021-06-27 08:10:55 +00:00
let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]);
2021-06-27 08:10:55 +00:00
if (bean.user_id !== socket.userID) {
throw new Error("Permission denied.");
2021-06-27 08:10:55 +00:00
}
// Check if Parent is Descendant (would cause endless loop)
if (monitor.parent !== null) {
const childIDs = await Monitor.getAllChildrenIDs(monitor.id);
if (childIDs.includes(monitor.parent)) {
throw new Error("Invalid Monitor Group");
}
}
// Remove children if monitor type has changed (from group to non-group)
if (bean.type === "group" && monitor.type !== bean.type) {
removeGroupChildren = true;
}
// Ensure status code ranges are strings
if (!monitor.accepted_statuscodes.every((code) => typeof code === "string")) {
throw new Error("Accepted status codes are not all strings");
}
bean.name = monitor.name;
bean.description = monitor.description;
bean.parent = monitor.parent;
bean.type = monitor.type;
bean.url = monitor.url;
bean.method = monitor.method;
bean.body = monitor.body;
bean.headers = monitor.headers;
bean.basic_auth_user = monitor.basic_auth_user;
bean.basic_auth_pass = monitor.basic_auth_pass;
bean.timeout = monitor.timeout;
bean.oauth_client_id = monitor.oauth_client_id;
bean.oauth_client_secret = monitor.oauth_client_secret;
bean.oauth_auth_method = monitor.oauth_auth_method;
bean.oauth_token_url = monitor.oauth_token_url;
bean.oauth_scopes = monitor.oauth_scopes;
bean.tlsCa = monitor.tlsCa;
bean.tlsCert = monitor.tlsCert;
bean.tlsKey = monitor.tlsKey;
bean.interval = monitor.interval;
bean.retryInterval = monitor.retryInterval;
2022-01-23 14:22:57 +00:00
bean.resendInterval = monitor.resendInterval;
2021-07-01 06:03:06 +00:00
bean.hostname = monitor.hostname;
2023-01-08 08:22:36 +00:00
bean.game = monitor.game;
bean.maxretries = monitor.maxretries;
2022-06-21 14:33:09 +00:00
bean.port = parseInt(monitor.port);
2023-02-12 07:14:41 +00:00
if (isNaN(bean.port)) {
bean.port = null;
}
2021-07-01 09:19:28 +00:00
bean.keyword = monitor.keyword;
2023-04-06 00:10:21 +00:00
bean.invertKeyword = monitor.invertKeyword;
2021-07-30 11:18:26 +00:00
bean.ignoreTls = monitor.ignoreTls;
bean.expiryNotification = monitor.expiryNotification;
2021-07-30 11:18:26 +00:00
bean.upsideDown = monitor.upsideDown;
bean.packetSize = monitor.packetSize;
2021-08-08 16:23:51 +00:00
bean.maxredirects = monitor.maxredirects;
bean.accepted_statuscodes_json = JSON.stringify(monitor.accepted_statuscodes);
2021-08-22 22:05:48 +00:00
bean.dns_resolve_type = monitor.dns_resolve_type;
bean.dns_resolve_server = monitor.dns_resolve_server;
2021-09-30 16:09:43 +00:00
bean.pushToken = monitor.pushToken;
bean.docker_container = monitor.docker_container;
bean.docker_host = monitor.docker_host;
bean.proxyId = Number.isInteger(monitor.proxyId) ? monitor.proxyId : null;
2021-12-18 21:35:18 +00:00
bean.mqttUsername = monitor.mqttUsername;
2022-04-18 11:05:14 +00:00
bean.mqttPassword = monitor.mqttPassword;
2021-12-18 21:35:18 +00:00
bean.mqttTopic = monitor.mqttTopic;
bean.mqttSuccessMessage = monitor.mqttSuccessMessage;
bean.mqttCheckType = monitor.mqttCheckType;
2022-05-12 17:48:03 +00:00
bean.databaseConnectionString = monitor.databaseConnectionString;
bean.databaseQuery = monitor.databaseQuery;
2022-05-13 17:58:23 +00:00
bean.authMethod = monitor.authMethod;
bean.authWorkstation = monitor.authWorkstation;
bean.authDomain = monitor.authDomain;
2022-08-20 15:45:11 +00:00
bean.grpcUrl = monitor.grpcUrl;
bean.grpcProtobuf = monitor.grpcProtobuf;
2022-12-28 15:31:33 +00:00
bean.grpcServiceName = monitor.grpcServiceName;
bean.grpcMethod = monitor.grpcMethod;
bean.grpcBody = monitor.grpcBody;
bean.grpcMetadata = monitor.grpcMetadata;
bean.grpcEnableTls = monitor.grpcEnableTls;
2022-05-12 09:48:38 +00:00
bean.radiusUsername = monitor.radiusUsername;
bean.radiusPassword = monitor.radiusPassword;
bean.radiusCalledStationId = monitor.radiusCalledStationId;
bean.radiusCallingStationId = monitor.radiusCallingStationId;
bean.radiusSecret = monitor.radiusSecret;
2022-08-12 00:57:03 +00:00
bean.httpBodyEncoding = monitor.httpBodyEncoding;
✨ feat: json-query monitor added (#3253) * ✨ feat: json-query monitor added Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: import warning error Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: br tag and remove comment Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: supporting compare string with other types Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: switch to a better lib for json query Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: better description on json query and using `v-html` in jsonQueryDescription element to fix `a` tags Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: result variable in error message Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: typos in json query description Co-authored-by: Frank Elsinga <frank@elsinga.de> * 📝 docs: `HTTP(s) Json Query` added to monitor list in `README.md` Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: needed white space in `README.md` Co-authored-by: Frank Elsinga <frank@elsinga.de> * Nostr dm notifications (#3051) * Add nostr DM notification provider * require crypto for node 18 compatibility * remove whitespace Co-authored-by: Frank Elsinga <frank@elsinga.de> * move closer to where it is used * simplify success or failure logic * don't clobber the non-alert msg * Update server/notification-providers/nostr.js Co-authored-by: Frank Elsinga <frank@elsinga.de> * polyfills required for node <= 18 * resolve linter warnings * missing comma --------- Co-authored-by: Frank Elsinga <frank@elsinga.de> * Drop nostr * Rebuild package-lock.json * Lint --------- Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> Co-authored-by: Frank Elsinga <frank@elsinga.de> Co-authored-by: zappityzap <128872140+zappityzap@users.noreply.github.com> Co-authored-by: Louis Lam <louislam@users.noreply.github.com>
2023-07-13 15:37:26 +00:00
bean.expectedValue = monitor.expectedValue;
bean.jsonPath = monitor.jsonPath;
✨ feat: added kafka producer (#3268) * ✨ feat: added kafka producer Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: eslint warn Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: typings and auth problems Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: better variable name to trrack disconnection Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: grouping Kafka Producer special settings into one template Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * ✨ feat: add kafka producer translations into `en.json` Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: disable close-on-select on kafka broker picker Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * 🐛 fix: `en.json` invalid json (conflict resolve) Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> * Nostr dm notifications (#3051) * Add nostr DM notification provider * require crypto for node 18 compatibility * remove whitespace Co-authored-by: Frank Elsinga <frank@elsinga.de> * move closer to where it is used * simplify success or failure logic * don't clobber the non-alert msg * Update server/notification-providers/nostr.js Co-authored-by: Frank Elsinga <frank@elsinga.de> * polyfills required for node <= 18 * resolve linter warnings * missing comma --------- Co-authored-by: Frank Elsinga <frank@elsinga.de> * Drop nostr * Minor * Fix a bug of clone --------- Signed-off-by: Muhammed Hussein Karimi <info@karimi.dev> Co-authored-by: Frank Elsinga <frank@elsinga.de> Co-authored-by: Louis Lam <louislam@users.noreply.github.com>
2023-07-17 08:15:44 +00:00
bean.kafkaProducerTopic = monitor.kafkaProducerTopic;
bean.kafkaProducerBrokers = JSON.stringify(monitor.kafkaProducerBrokers);
bean.kafkaProducerAllowAutoTopicCreation = monitor.kafkaProducerAllowAutoTopicCreation;
bean.kafkaProducerSaslOptions = JSON.stringify(monitor.kafkaProducerSaslOptions);
bean.kafkaProducerMessage = monitor.kafkaProducerMessage;
bean.cacheBust = monitor.cacheBust;
bean.kafkaProducerSsl = monitor.kafkaProducerSsl;
bean.kafkaProducerAllowAutoTopicCreation =
monitor.kafkaProducerAllowAutoTopicCreation;
bean.gamedigGivenPortOnly = monitor.gamedigGivenPortOnly;
bean.remote_browser = monitor.remote_browser;
bean.snmpVersion = monitor.snmpVersion;
bean.snmpOid = monitor.snmpOid;
bean.jsonPathOperator = monitor.jsonPathOperator;
bean.timeout = monitor.timeout;
bean.rabbitmqNodes = JSON.stringify(monitor.rabbitmqNodes);
bean.rabbitmqUsername = monitor.rabbitmqUsername;
bean.rabbitmqPassword = monitor.rabbitmqPassword;
2024-08-30 19:48:13 +00:00
bean.conditions = JSON.stringify(monitor.conditions);
2021-06-27 08:10:55 +00:00
2022-12-08 15:21:55 +00:00
bean.validate();
await R.store(bean);
2021-06-27 08:10:55 +00:00
if (removeGroupChildren) {
await Monitor.unlinkAllChildren(monitor.id);
}
await updateMonitorNotification(bean.id, monitor.notificationIDList);
if (await Monitor.isActive(bean.id, bean.active)) {
await restartMonitor(socket.userID, bean.id);
2021-06-27 08:10:55 +00:00
}
await server.sendUpdateMonitorIntoList(socket, bean.id);
2021-06-25 13:55:49 +00:00
2021-06-27 08:10:55 +00:00
callback({
ok: true,
msg: "Saved.",
msgi18n: true,
2021-07-27 17:47:13 +00:00
monitorID: bean.id,
2021-06-27 08:10:55 +00:00
});
2021-06-25 13:55:49 +00:00
} catch (e) {
log.error("monitor", e);
2021-06-25 13:55:49 +00:00
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("getMonitorList", async (callback) => {
try {
checkLogin(socket);
2022-04-07 15:02:57 +00:00
await server.sendMonitorList(socket);
callback({
ok: true,
});
} catch (e) {
log.error("monitor", e);
callback({
ok: false,
msg: e.message,
});
}
});
2021-06-25 13:55:49 +00:00
socket.on("getMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 13:55:49 +00:00
log.info("monitor", `Get Monitor: ${monitorID} User ID: ${socket.userID}`);
2021-06-25 13:55:49 +00:00
let monitor = await R.findOne("monitor", " id = ? AND user_id = ? ", [
2021-06-25 13:55:49 +00:00
monitorID,
socket.userID,
]);
const monitorData = [{ id: monitor.id,
active: monitor.active
}];
const preloadData = await Monitor.preparePreloadData(monitorData);
2021-06-25 13:55:49 +00:00
callback({
ok: true,
monitor: monitor.toJSON(preloadData),
2021-06-25 13:55:49 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("getMonitorBeats", async (monitorID, period, callback) => {
try {
checkLogin(socket);
log.info("monitor", `Get Monitor Beats: ${monitorID} User ID: ${socket.userID}`);
if (period == null) {
throw new Error("Invalid period.");
}
2023-02-12 08:59:07 +00:00
const sqlHourOffset = Database.sqlHourOffset();
let list = await R.getAll(`
SELECT *
FROM heartbeat
WHERE monitor_id = ?
2023-02-12 08:59:07 +00:00
AND time > ${sqlHourOffset}
ORDER BY time ASC
`, [
monitorID,
2023-02-12 08:59:07 +00:00
-period,
]);
callback({
ok: true,
data: list,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
2021-06-25 13:55:49 +00:00
// Start or Resume the monitor
socket.on("resumeMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 13:55:49 +00:00
await startMonitor(socket.userID, monitorID);
await server.sendUpdateMonitorIntoList(socket, monitorID);
2021-06-25 13:55:49 +00:00
callback({
ok: true,
msg: "successResumed",
msgi18n: true,
2021-06-25 13:55:49 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("pauseMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await pauseMonitor(socket.userID, monitorID);
await server.sendUpdateMonitorIntoList(socket, monitorID);
2021-06-25 13:55:49 +00:00
callback({
ok: true,
msg: "successPaused",
msgi18n: true,
2021-06-25 13:55:49 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("deleteMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 13:55:49 +00:00
log.info("manage", `Delete Monitor: ${monitorID} User ID: ${socket.userID}`);
2021-06-25 13:55:49 +00:00
2022-04-07 14:53:32 +00:00
if (monitorID in server.monitorList) {
2023-02-23 16:16:49 +00:00
await server.monitorList[monitorID].stop();
2022-04-07 14:53:32 +00:00
delete server.monitorList[monitorID];
2021-06-25 13:55:49 +00:00
}
const startTime = Date.now();
2021-06-25 13:55:49 +00:00
await R.exec("DELETE FROM monitor WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 17:47:13 +00:00
socket.userID,
2021-06-25 13:55:49 +00:00
]);
2023-03-05 07:59:43 +00:00
// Fix #2880
apicache.clear();
const endTime = Date.now();
log.info("DB", `Delete Monitor completed in : ${endTime - startTime} ms`);
2021-06-25 13:55:49 +00:00
callback({
ok: true,
msg: "successDeleted",
msgi18n: true,
2021-06-25 13:55:49 +00:00
});
await server.sendDeleteMonitorFromList(socket, monitorID);
2021-06-25 13:55:49 +00:00
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("getTags", async (callback) => {
try {
checkLogin(socket);
const list = await R.findAll("tag");
callback({
ok: true,
tags: list.map(bean => bean.toJSON()),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("addTag", async (tag, callback) => {
try {
checkLogin(socket);
let bean = R.dispense("tag");
bean.name = tag.name;
bean.color = tag.color;
await R.store(bean);
callback({
ok: true,
tag: await bean.toJSON(),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("editTag", async (tag, callback) => {
try {
checkLogin(socket);
let bean = await R.findOne("tag", " id = ? ", [ tag.id ]);
if (bean == null) {
callback({
ok: false,
msg: "tagNotFound",
msgi18n: true,
});
return;
}
bean.name = tag.name;
bean.color = tag.color;
await R.store(bean);
callback({
ok: true,
msg: "Saved.",
msgi18n: true,
tag: await bean.toJSON(),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("deleteTag", async (tagID, callback) => {
try {
checkLogin(socket);
await R.exec("DELETE FROM tag WHERE id = ? ", [ tagID ]);
callback({
ok: true,
msg: "successDeleted",
msgi18n: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("addMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("INSERT INTO monitor_tag (tag_id, monitor_id, value) VALUES (?, ?, ?)", [
tagID,
monitorID,
value,
]);
callback({
ok: true,
msg: "successAdded",
msgi18n: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("editMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("UPDATE monitor_tag SET value = ? WHERE tag_id = ? AND monitor_id = ?", [
value,
tagID,
monitorID,
]);
callback({
ok: true,
msg: "successEdited",
msgi18n: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("deleteMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("DELETE FROM monitor_tag WHERE tag_id = ? AND monitor_id = ? AND value = ?", [
tagID,
monitorID,
value,
]);
callback({
ok: true,
msg: "successDeleted",
msgi18n: true,
});
} catch (e) {
2021-06-25 13:55:49 +00:00
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("monitorImportantHeartbeatListCount", async (monitorID, callback) => {
try {
checkLogin(socket);
let count;
if (monitorID == null) {
count = await R.count("heartbeat", "important = 1");
} else {
count = await R.count("heartbeat", "monitor_id = ? AND important = 1", [
monitorID,
]);
}
callback({
ok: true,
count: count,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("monitorImportantHeartbeatListPaged", async (monitorID, offset, count, callback) => {
try {
checkLogin(socket);
let list;
if (monitorID == null) {
list = await R.find("heartbeat", `
important = 1
ORDER BY time DESC
LIMIT ?
OFFSET ?
`, [
count,
offset,
]);
} else {
list = await R.find("heartbeat", `
monitor_id = ?
AND important = 1
ORDER BY time DESC
LIMIT ?
OFFSET ?
`, [
monitorID,
count,
offset,
]);
}
callback({
ok: true,
data: list,
});
} catch (e) {
2021-06-25 13:55:49 +00:00
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
socket.on("changePassword", async (password, callback) => {
try {
checkLogin(socket);
2021-06-25 13:55:49 +00:00
if (!password.newPassword) {
throw new Error("Invalid new password");
2021-06-25 13:55:49 +00:00
}
2021-10-21 14:54:04 +00:00
if (passwordStrength(password.newPassword).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
2022-03-29 09:38:48 +00:00
let user = await doubleCheckPassword(socket, password.currentPassword);
await user.resetPassword(password.newPassword);
2021-06-25 13:55:49 +00:00
server.disconnectAllSocketClients(user.id, socket.id);
2022-03-29 09:38:48 +00:00
callback({
ok: true,
token: User.createJWT(user, server.jwtSecret),
msg: "successAuthChangePassword",
msgi18n: true,
2022-03-29 09:38:48 +00:00
});
2021-06-25 13:55:49 +00:00
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-06-25 13:55:49 +00:00
});
}
});
2021-07-06 06:30:10 +00:00
2021-07-31 13:57:58 +00:00
socket.on("getSettings", async (callback) => {
2021-07-06 06:30:10 +00:00
try {
checkLogin(socket);
const data = await getSettings("general");
2022-10-09 12:59:58 +00:00
if (!data.serverTimezone) {
data.serverTimezone = await server.getTimezone();
}
2021-07-06 06:30:10 +00:00
callback({
ok: true,
2022-10-09 12:59:58 +00:00
data: data,
2021-07-31 13:57:58 +00:00
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
2022-03-29 09:38:48 +00:00
socket.on("setSettings", async (data, currentPassword, callback) => {
2021-07-31 13:57:58 +00:00
try {
checkLogin(socket);
2021-07-31 13:57:58 +00:00
2022-04-28 15:12:16 +00:00
// If currently is disabled auth, don't need to check
// Disabled Auth + Want to Disable Auth => No Check
// Disabled Auth + Want to Enable Auth => No Check
// Enabled Auth + Want to Disable Auth => Check!!
// Enabled Auth + Want to Enable Auth => No Check
const currentDisabledAuth = await setting("disableAuth");
2022-04-28 15:12:16 +00:00
if (!currentDisabledAuth && data.disableAuth) {
2022-03-29 09:38:48 +00:00
await doubleCheckPassword(socket, currentPassword);
}
// Log out all clients if enabling auth
// GHSA-23q2-5gf8-gjpp
if (currentDisabledAuth && !data.disableAuth) {
server.disconnectAllSocketClients(socket.userID, socket.id);
}
2023-06-27 07:54:33 +00:00
const previousChromeExecutable = await Settings.get("chromeExecutable");
const previousNSCDStatus = await Settings.get("nscd");
2023-06-27 07:54:33 +00:00
await setSettings("general", data);
2022-10-08 15:56:58 +00:00
server.entryPage = data.entryPage;
2021-07-31 13:57:58 +00:00
2022-10-09 12:59:58 +00:00
// Also need to apply timezone globally
if (data.serverTimezone) {
await server.setTimezone(data.serverTimezone);
}
2021-07-31 13:57:58 +00:00
2023-06-27 07:54:33 +00:00
// If Chrome Executable is changed, need to reset the browser
if (previousChromeExecutable !== data.chromeExecutable) {
log.info("settings", "Chrome executable is changed. Resetting Chrome...");
await resetChrome();
}
// Update nscd status
if (previousNSCDStatus !== data.nscd) {
if (data.nscd) {
await server.startNSCDServices();
} else {
await server.stopNSCDServices();
}
}
2021-07-31 13:57:58 +00:00
callback({
ok: true,
msg: "Saved.",
msgi18n: true,
2021-07-06 06:30:10 +00:00
});
await sendInfo(socket);
await server.sendMaintenanceList(socket);
2021-07-06 06:30:10 +00:00
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-07-06 06:30:10 +00:00
});
}
});
2021-07-09 06:14:03 +00:00
// Add or Edit
socket.on("addNotification", async (notification, notificationID, callback) => {
try {
checkLogin(socket);
2021-07-09 06:14:03 +00:00
let notificationBean = await Notification.save(notification, notificationID, socket.userID);
await sendNotificationList(socket);
2021-07-09 06:14:03 +00:00
callback({
ok: true,
msg: "Saved.",
msgi18n: true,
id: notificationBean.id,
2021-07-09 06:14:03 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-07-09 06:14:03 +00:00
});
}
});
socket.on("deleteNotification", async (notificationID, callback) => {
try {
checkLogin(socket);
2021-07-09 06:14:03 +00:00
await Notification.delete(notificationID, socket.userID);
await sendNotificationList(socket);
2021-07-09 06:14:03 +00:00
callback({
ok: true,
msg: "successDeleted",
msgi18n: true,
2021-07-09 06:14:03 +00:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-07-09 06:14:03 +00:00
});
}
});
socket.on("testNotification", async (notification, callback) => {
try {
checkLogin(socket);
2021-07-09 06:14:03 +00:00
let msg = await Notification.send(notification, notification.name + " Testing");
2021-07-09 06:14:03 +00:00
callback({
ok: true,
2021-07-27 17:47:13 +00:00
msg,
2021-07-09 06:14:03 +00:00
});
} catch (e) {
console.error(e);
2021-07-18 12:49:46 +00:00
2021-07-09 06:14:03 +00:00
callback({
ok: false,
2021-07-27 17:47:13 +00:00
msg: e.message,
2021-07-09 06:14:03 +00:00
});
}
});
2021-07-18 10:51:58 +00:00
socket.on("checkApprise", async (callback) => {
try {
checkLogin(socket);
2021-07-18 10:51:58 +00:00
callback(Notification.checkApprise());
} catch (e) {
callback(false);
}
});
2021-08-03 17:03:40 +00:00
socket.on("clearEvents", async (monitorID, callback) => {
try {
checkLogin(socket);
log.info("manage", `Clear Events Monitor: ${monitorID} User ID: ${socket.userID}`);
await R.exec("UPDATE heartbeat SET msg = ?, important = ? WHERE monitor_id = ? ", [
"",
"0",
monitorID,
]);
callback({
ok: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("clearHeartbeats", async (monitorID, callback) => {
try {
checkLogin(socket);
log.info("manage", `Clear Heartbeats Monitor: ${monitorID} User ID: ${socket.userID}`);
await R.exec("DELETE FROM heartbeat WHERE monitor_id = ?", [
monitorID
]);
await sendHeartbeatList(socket, monitorID, true, true);
callback({
ok: true,
2021-08-31 22:36:24 +00:00
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("clearStatistics", async (callback) => {
try {
checkLogin(socket);
2021-08-31 22:36:24 +00:00
log.info("manage", `Clear Statistics User ID: ${socket.userID}`);
2021-08-31 22:36:24 +00:00
await R.exec("DELETE FROM heartbeat");
2024-01-05 12:51:05 +00:00
await R.exec("DELETE FROM stat_daily");
await R.exec("DELETE FROM stat_hourly");
await R.exec("DELETE FROM stat_minutely");
// Restart all monitors to reset the stats
for (let monitorID in server.monitorList) {
await restartMonitor(socket.userID, monitorID);
}
2021-08-31 22:36:24 +00:00
callback({
ok: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
2021-09-16 14:48:28 +00:00
// Status Page Socket Handler for admin only
statusPageSocketHandler(socket);
2022-03-29 06:48:02 +00:00
cloudflaredSocketHandler(socket);
databaseSocketHandler(socket);
proxySocketHandler(socket);
dockerSocketHandler(socket);
maintenanceSocketHandler(socket);
apiKeySocketHandler(socket);
remoteBrowserSocketHandler(socket);
2022-12-12 14:57:57 +00:00
generalSocketHandler(socket, server);
chartSocketHandler(socket);
2021-09-16 14:48:28 +00:00
log.debug("server", "added all socket handlers");
2021-08-03 17:03:40 +00:00
2021-08-04 05:31:17 +00:00
// ***************************
// Better do anything after added all socket handlers here
// ***************************
log.debug("auth", "check auto login");
if (await setting("disableAuth")) {
log.info("auth", "Disabled Auth: auto login to admin");
await afterLogin(socket, await R.findOne("user"));
socket.emit("autoLogin");
2021-08-03 17:03:40 +00:00
} else {
socket.emit("loginRequired");
log.debug("auth", "need auth");
2021-08-03 17:03:40 +00:00
}
2021-06-25 13:55:49 +00:00
});
log.debug("server", "Init the server");
2021-08-10 13:28:54 +00:00
server.httpServer.once("error", async (err) => {
log.error("server", "Cannot listen: " + err.message);
await shutdownFunction();
process.exit(1);
2021-08-10 13:28:54 +00:00
});
2021-08-10 08:36:21 +00:00
await server.start();
2024-10-11 10:06:59 +00:00
server.httpServer.listen(port, hostname, async () => {
2021-08-10 08:36:21 +00:00
if (hostname) {
log.info("server", `Listening on ${hostname}:${port}`);
2021-08-10 08:36:21 +00:00
} else {
log.info("server", `Listening on ${port}`);
2021-08-10 08:36:21 +00:00
}
2024-10-11 10:06:59 +00:00
await startMonitors();
// Put this here. Start background jobs after the db and server is ready to prevent clear up during db migration.
await initBackgroundJobs();
2021-08-21 11:50:22 +00:00
checkVersion.startInterval();
2021-06-25 13:55:49 +00:00
});
2022-03-30 03:59:49 +00:00
// Start cloudflared at the end if configured
await cloudflaredAutoStart(cloudflaredToken);
2022-03-30 03:59:49 +00:00
2021-06-25 13:55:49 +00:00
})();
/**
* Update notifications for a given monitor
* @param {number} monitorID ID of monitor to update
* @param {number[]} notificationIDList List of new notification
* providers to add
* @returns {Promise<void>}
*/
async function updateMonitorNotification(monitorID, notificationIDList) {
2021-08-10 13:37:51 +00:00
await R.exec("DELETE FROM monitor_notification WHERE monitor_id = ? ", [
2021-07-27 17:47:13 +00:00
monitorID,
]);
for (let notificationID in notificationIDList) {
if (notificationIDList[notificationID]) {
let relation = R.dispense("monitor_notification");
relation.monitor_id = monitorID;
relation.notification_id = notificationID;
await R.store(relation);
}
}
}
/**
* Check if a given user owns a specific monitor
* @param {number} userID ID of user to check
* @param {number} monitorID ID of monitor to check
* @returns {Promise<void>}
* @throws {Error} The specified user does not own the monitor
*/
2021-06-25 13:55:49 +00:00
async function checkOwner(userID, monitorID) {
let row = await R.getRow("SELECT id FROM monitor WHERE id = ? AND user_id = ? ", [
monitorID,
userID,
]);
2021-06-25 13:55:49 +00:00
if (! row) {
throw new Error("You do not own this monitor.");
}
}
/**
* Function called after user login
2021-11-10 05:24:31 +00:00
* This function is used to send the heartbeat list of a monitor.
* @param {Socket} socket Socket.io instance
* @param {object} user User object
* @returns {Promise<void>}
*/
2021-06-25 13:55:49 +00:00
async function afterLogin(socket, user) {
socket.userID = user.id;
socket.join(user.id);
2021-06-29 08:06:20 +00:00
2022-04-07 15:02:57 +00:00
let monitorList = await server.sendMonitorList(socket);
await Promise.allSettled([
sendInfo(socket),
server.sendMaintenanceList(socket),
sendNotificationList(socket),
sendProxyList(socket),
sendDockerHostList(socket),
sendAPIKeyList(socket),
sendRemoteBrowserList(socket),
2024-08-30 19:48:13 +00:00
sendMonitorTypeList(socket),
]);
2021-08-23 10:52:55 +00:00
2022-03-21 07:28:59 +00:00
await StatusPage.sendStatusPageList(io, socket);
const monitorPromises = [];
2021-08-23 10:52:55 +00:00
for (let monitorID in monitorList) {
monitorPromises.push(sendHeartbeatList(socket, monitorID));
monitorPromises.push(Monitor.sendStats(io, monitorID, user.id));
2021-08-23 10:52:55 +00:00
}
await Promise.all(monitorPromises);
2022-12-12 14:57:57 +00:00
// Set server timezone from client browser if not set
// It should be run once only
if (! await Settings.get("initServerTimezone")) {
log.debug("server", "emit initServerTimezone");
socket.emit("initServerTimezone");
}
2021-06-25 13:55:49 +00:00
}
/**
* Initialize the database
* @param {boolean} testMode Should the connection be
* started in test mode?
* @returns {Promise<void>}
*/
async function initDatabase(testMode = false) {
log.debug("server", "Connecting to the database");
await Database.connect(testMode);
log.info("server", "Connected to the database");
2021-07-18 10:51:58 +00:00
2021-07-21 18:02:35 +00:00
// Patch the database
await Database.patch();
2021-07-21 18:02:35 +00:00
2021-06-25 13:55:49 +00:00
let jwtSecretBean = await R.findOne("setting", " `key` = ? ", [
2021-07-27 17:47:13 +00:00
"jwtSecret",
2021-06-25 13:55:49 +00:00
]);
if (! jwtSecretBean) {
log.info("server", "JWT secret is not found, generate one.");
2021-08-09 12:09:01 +00:00
jwtSecretBean = await initJWTSecret();
log.info("server", "Stored JWT secret into database");
2021-06-25 13:55:49 +00:00
} else {
log.debug("server", "Load JWT secret from database.");
2021-06-25 13:55:49 +00:00
}
2021-07-21 18:02:35 +00:00
// If there is no record in user table, it is a new Uptime Kuma instance, need to setup
2023-04-03 11:36:07 +00:00
if ((await R.knex("user").count("id as count").first()).count === 0) {
log.info("server", "No user, need setup");
2021-07-11 05:47:57 +00:00
needSetup = true;
}
2023-06-27 07:54:33 +00:00
server.jwtSecret = jwtSecretBean.value;
2021-06-25 13:55:49 +00:00
}
/**
* Start the specified monitor
* @param {number} userID ID of user who owns monitor
* @param {number} monitorID ID of monitor to start
* @returns {Promise<void>}
*/
2021-06-25 13:55:49 +00:00
async function startMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
2021-06-25 13:55:49 +00:00
log.info("manage", `Resume Monitor: ${monitorID} User ID: ${userID}`);
2021-06-25 13:55:49 +00:00
await R.exec("UPDATE monitor SET active = 1 WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 17:47:13 +00:00
userID,
2021-06-25 13:55:49 +00:00
]);
let monitor = await R.findOne("monitor", " id = ? ", [
2021-07-27 17:47:13 +00:00
monitorID,
]);
2021-06-25 13:55:49 +00:00
2022-04-07 14:53:32 +00:00
if (monitor.id in server.monitorList) {
2023-02-23 16:16:49 +00:00
await server.monitorList[monitor.id].stop();
2021-06-27 08:10:55 +00:00
}
2022-04-07 14:53:32 +00:00
server.monitorList[monitor.id] = monitor;
2023-02-23 16:16:49 +00:00
await monitor.start(io);
2021-06-25 13:55:49 +00:00
}
/**
* Restart a given monitor
* @param {number} userID ID of user who owns monitor
* @param {number} monitorID ID of monitor to start
* @returns {Promise<void>}
*/
2021-06-27 08:10:55 +00:00
async function restartMonitor(userID, monitorID) {
return await startMonitor(userID, monitorID);
2021-06-27 08:10:55 +00:00
}
/**
* Pause a given monitor
* @param {number} userID ID of user who owns monitor
* @param {number} monitorID ID of monitor to start
* @returns {Promise<void>}
*/
2021-06-25 13:55:49 +00:00
async function pauseMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
2021-06-25 13:55:49 +00:00
log.info("manage", `Pause Monitor: ${monitorID} User ID: ${userID}`);
2021-06-25 13:55:49 +00:00
await R.exec("UPDATE monitor SET active = 0 WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 17:47:13 +00:00
userID,
2021-06-25 13:55:49 +00:00
]);
2022-04-07 14:53:32 +00:00
if (monitorID in server.monitorList) {
2023-02-23 16:16:49 +00:00
await server.monitorList[monitorID].stop();
server.monitorList[monitorID].active = 0;
2021-06-25 13:55:49 +00:00
}
}
/**
* Resume active monitors
* @returns {Promise<void>}
*/
2021-06-25 13:55:49 +00:00
async function startMonitors() {
let list = await R.find("monitor", " active = 1 ");
2021-06-25 13:55:49 +00:00
for (let monitor of list) {
2022-04-07 14:53:32 +00:00
server.monitorList[monitor.id] = monitor;
}
for (let monitor of list) {
try {
await monitor.start(io);
} catch (e) {
log.error("monitor", e);
}
// Give some delays, so all monitors won't make request at the same moment when just start the server.
await sleep(getRandomInt(300, 1000));
2021-06-25 13:55:49 +00:00
}
}
/**
* Shutdown the application
2021-11-10 05:24:31 +00:00
* Stops all monitors and closes the database connection.
* @param {string} signal The signal that triggered this function to be called.
* @returns {Promise<void>}
*/
2021-07-15 17:44:51 +00:00
async function shutdownFunction(signal) {
log.info("server", "Shutdown requested");
log.info("server", "Called signal: " + signal);
2021-07-15 17:44:51 +00:00
await server.stop();
log.info("server", "Stopping all monitors");
2022-04-07 14:53:32 +00:00
for (let id in server.monitorList) {
let monitor = server.monitorList[id];
2023-02-23 16:16:49 +00:00
await monitor.stop();
2021-07-15 17:44:51 +00:00
}
2021-07-21 18:02:35 +00:00
await sleep(2000);
await Database.close();
2023-02-05 10:01:54 +00:00
if (EmbeddedMariaDB.hasInstance()) {
EmbeddedMariaDB.getInstance().stop();
}
stopBackgroundJobs();
await cloudflaredStop();
2022-12-08 11:13:47 +00:00
Settings.stopCacheCleaner();
2021-07-15 17:44:51 +00:00
}
/**
* Final function called before application exits
* @returns {void}
*/
2021-07-15 17:44:51 +00:00
function finalFunction() {
log.info("server", "Graceful shutdown successful!");
2021-07-15 17:44:51 +00:00
}
gracefulShutdown(server.httpServer, {
2021-07-27 17:47:13 +00:00
signals: "SIGINT SIGTERM",
2021-07-15 17:44:51 +00:00
timeout: 30000, // timeout: 30 secs
development: false, // not in dev mode
forceExit: true, // triggers process.exit() at the end of shutdown process
onShutdown: shutdownFunction, // shutdown function (async) - e.g. for cleanup DB, ...
2021-07-27 17:47:13 +00:00
finally: finalFunction, // finally function (sync) - e.g. for logging
2021-07-15 17:44:51 +00:00
});
2021-08-17 07:32:34 +00:00
// Catch unexpected errors here
let unexpectedErrorHandler = (error, promise) => {
2021-08-17 07:32:34 +00:00
console.trace(error);
UptimeKumaServer.errorLog(error, false);
2021-08-17 07:32:34 +00:00
console.error("If you keep encountering errors, please report to https://github.com/louislam/uptime-kuma/issues");
};
process.addListener("unhandledRejection", unexpectedErrorHandler);
process.addListener("uncaughtException", unexpectedErrorHandler);