mirror of
https://github.com/louislam/uptime-kuma.git
synced 2024-11-30 18:24:03 +00:00
Merge 49edf0d830
into d7ffa33950
This commit is contained in:
commit
c20df07e38
8 changed files with 212 additions and 76 deletions
65
extra/change-username.js
Normal file
65
extra/change-username.js
Normal file
|
@ -0,0 +1,65 @@
|
||||||
|
console.log("== Uptime Kuma Change Username Tool ==");
|
||||||
|
|
||||||
|
const Database = require("../server/database");
|
||||||
|
const { R } = require("redbean-node");
|
||||||
|
const readline = require("readline");
|
||||||
|
const { initJWTSecret } = require("../server/util-server");
|
||||||
|
const User = require("../server/model/user");
|
||||||
|
const args = require("args-parser")(process.argv);
|
||||||
|
const rl = readline.createInterface({
|
||||||
|
input: process.stdin,
|
||||||
|
output: process.stdout
|
||||||
|
});
|
||||||
|
|
||||||
|
const main = async () => {
|
||||||
|
console.log("Connecting the database");
|
||||||
|
Database.init(args);
|
||||||
|
await Database.connect(false, false, true);
|
||||||
|
|
||||||
|
try {
|
||||||
|
// No need to actually reset the password for testing, just make sure no connection problem. It is ok for now.
|
||||||
|
if (!process.env.TEST_BACKEND) {
|
||||||
|
const user = await R.findOne("user");
|
||||||
|
if (! user) {
|
||||||
|
throw new Error("user not found, have you installed?");
|
||||||
|
}
|
||||||
|
|
||||||
|
console.log("Found user: " + user.username);
|
||||||
|
let newUsername = await question("New username: ");
|
||||||
|
await User.updateUsername(user.id, newUsername);
|
||||||
|
|
||||||
|
// Reset all sessions by reset jwt secret
|
||||||
|
await initJWTSecret();
|
||||||
|
|
||||||
|
console.log("Username change successfully.");
|
||||||
|
}
|
||||||
|
} catch (e) {
|
||||||
|
console.error("Error: " + e.message);
|
||||||
|
}
|
||||||
|
|
||||||
|
await Database.close();
|
||||||
|
rl.close();
|
||||||
|
|
||||||
|
console.log("Finished.");
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Ask question of user
|
||||||
|
* @param {string} question Question to ask
|
||||||
|
* @returns {Promise<string>} Users response
|
||||||
|
*/
|
||||||
|
function question(question) {
|
||||||
|
return new Promise((resolve) => {
|
||||||
|
rl.question(question, (answer) => {
|
||||||
|
resolve(answer);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!process.env.TEST_BACKEND) {
|
||||||
|
main();
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
main,
|
||||||
|
};
|
|
@ -50,6 +50,7 @@
|
||||||
"setup": "git checkout 1.23.14 && npm ci --production && npm run download-dist",
|
"setup": "git checkout 1.23.14 && npm ci --production && npm run download-dist",
|
||||||
"download-dist": "node extra/download-dist.js",
|
"download-dist": "node extra/download-dist.js",
|
||||||
"mark-as-nightly": "node extra/mark-as-nightly.js",
|
"mark-as-nightly": "node extra/mark-as-nightly.js",
|
||||||
|
"change-username": "node extra/change-username.js",
|
||||||
"reset-password": "node extra/reset-password.js",
|
"reset-password": "node extra/reset-password.js",
|
||||||
"remove-2fa": "node extra/remove-2fa.js",
|
"remove-2fa": "node extra/remove-2fa.js",
|
||||||
"simple-dns-server": "node extra/simple-dns-server.js",
|
"simple-dns-server": "node extra/simple-dns-server.js",
|
||||||
|
|
|
@ -7,6 +7,9 @@ const { loginRateLimiter, apiRateLimiter } = require("./rate-limiter");
|
||||||
const { Settings } = require("./settings");
|
const { Settings } = require("./settings");
|
||||||
const dayjs = require("dayjs");
|
const dayjs = require("dayjs");
|
||||||
|
|
||||||
|
const remoteAuthEnabled = process.env.REMOTE_AUTH_ENABLED || false;
|
||||||
|
const remoteAuthHeader = process.env.REMOTE_AUTH_HEADER || "Remote-User";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Login to web app
|
* Login to web app
|
||||||
* @param {string} username Username to login with
|
* @param {string} username Username to login with
|
||||||
|
@ -133,29 +136,40 @@ function userAuthorizer(username, password, callback) {
|
||||||
* @returns {Promise<void>}
|
* @returns {Promise<void>}
|
||||||
*/
|
*/
|
||||||
exports.basicAuth = async function (req, res, next) {
|
exports.basicAuth = async function (req, res, next) {
|
||||||
|
const disabledAuth = await setting("disableAuth");
|
||||||
|
|
||||||
|
if (remoteAuthEnabled) {
|
||||||
|
const remoteUser = req.headers[remoteAuthHeader.toLowerCase()];
|
||||||
|
if (remoteUser !== undefined) {
|
||||||
|
let user = await R.findOne("user", " username = ? AND active = 1 ", [ remoteUser ]);
|
||||||
|
if (user) {
|
||||||
|
next();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!disabledAuth) {
|
||||||
const middleware = basicAuth({
|
const middleware = basicAuth({
|
||||||
authorizer: userAuthorizer,
|
authorizer: userAuthorizer,
|
||||||
authorizeAsync: true,
|
authorizeAsync: true,
|
||||||
challenge: true,
|
challenge: true,
|
||||||
});
|
});
|
||||||
|
|
||||||
const disabledAuth = await setting("disableAuth");
|
|
||||||
|
|
||||||
if (!disabledAuth) {
|
|
||||||
middleware(req, res, next);
|
middleware(req, res, next);
|
||||||
} else {
|
return;
|
||||||
next();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
next();
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Use use API Key if API keys enabled, else use basic auth
|
* Use API Key if API keys enabled, else use basic auth
|
||||||
* @param {express.Request} req Express request object
|
* @param {express.Request} req Express request object
|
||||||
* @param {express.Response} res Express response object
|
* @param {express.Response} res Express response object
|
||||||
* @param {express.NextFunction} next Next handler in chain
|
* @param {express.NextFunction} next Next handler in chain
|
||||||
* @returns {Promise<void>}
|
* @returns {Promise<void>}
|
||||||
*/
|
*/
|
||||||
exports.apiAuth = async function (req, res, next) {
|
exports.authMiddleware = async function (req, res, next) {
|
||||||
if (!await Settings.get("disableAuth")) {
|
if (!await Settings.get("disableAuth")) {
|
||||||
let usingAPIKeys = await Settings.get("apiKeysEnabled");
|
let usingAPIKeys = await Settings.get("apiKeysEnabled");
|
||||||
let middleware;
|
let middleware;
|
||||||
|
|
|
@ -48,6 +48,17 @@ class User extends BeanModel {
|
||||||
}, jwtSecret);
|
}, jwtSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param {number} userID ID of user to update
|
||||||
|
* @param {string} newUsername Users new username
|
||||||
|
* @returns {Promise<void>}
|
||||||
|
*/
|
||||||
|
static async updateUsername(userID, newUsername) {
|
||||||
|
await R.exec("UPDATE `user` SET username = ? WHERE id = ? ", [
|
||||||
|
newUsername,
|
||||||
|
userID
|
||||||
|
]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = User;
|
module.exports = User;
|
||||||
|
|
|
@ -104,12 +104,14 @@ log.debug("server", "Importing Background Jobs");
|
||||||
const { initBackgroundJobs, stopBackgroundJobs } = require("./jobs");
|
const { initBackgroundJobs, stopBackgroundJobs } = require("./jobs");
|
||||||
const { loginRateLimiter, twoFaRateLimiter } = require("./rate-limiter");
|
const { loginRateLimiter, twoFaRateLimiter } = require("./rate-limiter");
|
||||||
|
|
||||||
const { apiAuth } = require("./auth");
|
const { authMiddleware } = require("./auth");
|
||||||
const { login } = require("./auth");
|
const { login } = require("./auth");
|
||||||
const passwordHash = require("./password-hash");
|
const passwordHash = require("./password-hash");
|
||||||
|
|
||||||
const hostname = config.hostname;
|
const remoteAuthEnabled = process.env.REMOTE_AUTH_ENABLED || false;
|
||||||
|
const remoteAuthHeader = process.env.REMOTE_AUTH_HEADER || "Remote-User";
|
||||||
|
|
||||||
|
const hostname = config.hostname;
|
||||||
if (hostname) {
|
if (hostname) {
|
||||||
log.info("server", "Custom hostname: " + hostname);
|
log.info("server", "Custom hostname: " + hostname);
|
||||||
}
|
}
|
||||||
|
@ -292,7 +294,7 @@ let needSetup = false;
|
||||||
|
|
||||||
// Prometheus API metrics /metrics
|
// Prometheus API metrics /metrics
|
||||||
// With Basic Auth using the first user's username/password
|
// With Basic Auth using the first user's username/password
|
||||||
app.get("/metrics", apiAuth, prometheusAPIMetrics());
|
app.get("/metrics", authMiddleware, prometheusAPIMetrics());
|
||||||
|
|
||||||
app.use("/", expressStaticGzip("dist", {
|
app.use("/", expressStaticGzip("dist", {
|
||||||
enableBrotli: true,
|
enableBrotli: true,
|
||||||
|
@ -1578,10 +1580,26 @@ let needSetup = false;
|
||||||
// ***************************
|
// ***************************
|
||||||
|
|
||||||
log.debug("auth", "check auto login");
|
log.debug("auth", "check auto login");
|
||||||
if (await setting("disableAuth")) {
|
if (await Settings.get("disableAuth")) {
|
||||||
log.info("auth", "Disabled Auth: auto login to admin");
|
log.info("auth", "Disabled Auth: auto login to admin");
|
||||||
await afterLogin(socket, await R.findOne("user"));
|
await afterLogin(socket, await R.findOne("user"));
|
||||||
socket.emit("autoLogin");
|
socket.emit("autoLogin");
|
||||||
|
} else if (remoteAuthEnabled) {
|
||||||
|
log.debug("auth", socket.handshake.headers);
|
||||||
|
const remoteUser = socket.handshake.headers[remoteAuthHeader.toLowerCase()];
|
||||||
|
if (remoteUser !== undefined) {
|
||||||
|
const user = await R.findOne("user", " username = ? AND active = 1 ", [ remoteUser ]);
|
||||||
|
if (user) {
|
||||||
|
log.info("auth", `Login by remote-user header. IP=${await server.getClientIP(socket)}`);
|
||||||
|
log.debug("auth", `Remote user ${remoteUser} exists, found user ${user.username}`);
|
||||||
|
afterLogin(socket, user);
|
||||||
|
socket.emit("autoLoginRemoteHeader", user.username);
|
||||||
|
} else {
|
||||||
|
log.debug("auth", `Remote user ${remoteUser} doesn't exist`);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
log.debug("auth", "Remote user header set but not found in headers");
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
socket.emit("loginRequired");
|
socket.emit("loginRequired");
|
||||||
log.debug("auth", "need auth");
|
log.debug("auth", "need auth");
|
||||||
|
|
|
@ -5,9 +5,9 @@
|
||||||
<template v-if="!settings.disableAuth">
|
<template v-if="!settings.disableAuth">
|
||||||
<p>
|
<p>
|
||||||
{{ $t("Current User") }}: <strong>{{ $root.username }}</strong>
|
{{ $t("Current User") }}: <strong>{{ $root.username }}</strong>
|
||||||
<button v-if="! settings.disableAuth" id="logout-btn" class="btn btn-danger ms-4 me-2 mb-2" @click="$root.logout">{{ $t("Logout") }}</button>
|
<button v-if="$root.socket.token.startsWith('autoLogin') === false" id="logout-btn" class="btn btn-danger ms-4 me-2 mb-2" @click="$root.logout">{{ $t("Logout") }}</button>
|
||||||
</p>
|
</p>
|
||||||
|
<template v-if="$root.socket.token.startsWith('autoLogin') === false">
|
||||||
<h5 class="my-4 settings-subheading">{{ $t("Change Password") }}</h5>
|
<h5 class="my-4 settings-subheading">{{ $t("Change Password") }}</h5>
|
||||||
<form class="mb-3" @submit.prevent="savePassword">
|
<form class="mb-3" @submit.prevent="savePassword">
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
|
@ -63,8 +63,9 @@
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</template>
|
</template>
|
||||||
|
</template>
|
||||||
|
|
||||||
<div v-if="! settings.disableAuth" class="mt-5 mb-3">
|
<div v-if="$root.socket.token.startsWith('autoLogin') === false" class="mt-5 mb-3">
|
||||||
<h5 class="my-4 settings-subheading">
|
<h5 class="my-4 settings-subheading">
|
||||||
{{ $t("Two Factor Authentication") }}
|
{{ $t("Two Factor Authentication") }}
|
||||||
</h5>
|
</h5>
|
||||||
|
@ -85,7 +86,7 @@
|
||||||
|
|
||||||
<div class="mb-4">
|
<div class="mb-4">
|
||||||
<button v-if="settings.disableAuth" id="enableAuth-btn" class="btn btn-outline-primary me-2 mb-2" @click="enableAuth">{{ $t("Enable Auth") }}</button>
|
<button v-if="settings.disableAuth" id="enableAuth-btn" class="btn btn-outline-primary me-2 mb-2" @click="enableAuth">{{ $t("Enable Auth") }}</button>
|
||||||
<button v-if="! settings.disableAuth" id="disableAuth-btn" class="btn btn-primary me-2 mb-2" @click="confirmDisableAuth">{{ $t("Disable Auth") }}</button>
|
<button v-if="!settings.disableAuth" id="disableAuth-btn" class="btn btn-primary me-2 mb-2" @click="confirmDisableAuth">{{ $t("Disable Auth") }}</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -69,7 +69,7 @@
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li v-if="$root.loggedIn && $root.socket.token !== 'autoLogin'">
|
<li v-if="$root.loggedIn && $root.socket.token.startsWith('autoLogin') === false">
|
||||||
<button class="dropdown-item" @click="$root.logout">
|
<button class="dropdown-item" @click="$root.logout">
|
||||||
<font-awesome-icon icon="sign-out-alt" />
|
<font-awesome-icon icon="sign-out-alt" />
|
||||||
{{ $t("Logout") }}
|
{{ $t("Logout") }}
|
||||||
|
|
|
@ -119,17 +119,25 @@ export default {
|
||||||
this.info = info;
|
this.info = info;
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on("setup", (monitorID, data) => {
|
socket.on("setup", () => {
|
||||||
this.$router.push("/setup");
|
this.$router.push("/setup");
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on("autoLogin", (monitorID, data) => {
|
socket.on("autoLogin", () => {
|
||||||
this.loggedIn = true;
|
this.loggedIn = true;
|
||||||
this.storage().token = "autoLogin";
|
this.storage().token = "autoLogin";
|
||||||
this.socket.token = "autoLogin";
|
this.socket.token = "autoLogin";
|
||||||
this.allowLoginDialog = false;
|
this.allowLoginDialog = false;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
socket.on("autoLoginRemoteHeader", (username) => {
|
||||||
|
this.loggedIn = true;
|
||||||
|
this.username = username;
|
||||||
|
this.storage().token = "autoLoginRemoteHeader";
|
||||||
|
this.socket.token = "autoLoginRemoteHeader";
|
||||||
|
this.allowLoginDialog = false;
|
||||||
|
});
|
||||||
|
|
||||||
socket.on("loginRequired", () => {
|
socket.on("loginRequired", () => {
|
||||||
let token = this.storage().token;
|
let token = this.storage().token;
|
||||||
if (token && token !== "autoLogin") {
|
if (token && token !== "autoLogin") {
|
||||||
|
@ -275,6 +283,24 @@ export default {
|
||||||
this.clearData();
|
this.clearData();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let token = this.storage().token;
|
||||||
|
|
||||||
|
if (token) {
|
||||||
|
if (token.startsWith("autoLogin") === false) {
|
||||||
|
this.loginByToken(token);
|
||||||
|
} else {
|
||||||
|
// Timeout if it is not actually auto login
|
||||||
|
setTimeout(() => {
|
||||||
|
if (! this.loggedIn) {
|
||||||
|
this.allowLoginDialog = true;
|
||||||
|
this.$root.storage().removeItem("token");
|
||||||
|
}
|
||||||
|
}, 5000);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
this.allowLoginDialog = true;
|
||||||
|
}
|
||||||
|
|
||||||
this.socket.firstConnect = false;
|
this.socket.firstConnect = false;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -326,7 +352,7 @@ export default {
|
||||||
getJWTPayload() {
|
getJWTPayload() {
|
||||||
const jwtToken = this.$root.storage().token;
|
const jwtToken = this.$root.storage().token;
|
||||||
|
|
||||||
if (jwtToken && jwtToken !== "autoLogin") {
|
if (jwtToken && jwtToken.startsWith("autoLogin") === false) {
|
||||||
return jwtDecode(jwtToken);
|
return jwtDecode(jwtToken);
|
||||||
}
|
}
|
||||||
return undefined;
|
return undefined;
|
||||||
|
|
Loading…
Reference in a new issue