7x31/uptime-kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2025-08-07 17:01:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/request-with-http-proxy

Browse Source 
# Conflicts:
#	package-lock.json
#	package.json
#	server/database.js
#	src/languages/en.js
#	src/mixins/socket.js
This commit is contained in:
Louis Lam
2022-04-01 14:57:35 +08:00
parent 8078d0618d aef7719426
commit 04e3394d02
80 changed files with 2659 additions and 798 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
server/server.js
View File

@@ -52,7 +52,7 @@ console.log("Importing this project modules");
debug("Importing Monitor");
const Monitor = require("./model/monitor");
debug("Importing Settings");
const { getSettings, setSettings, setting, initJWTSecret, checkLogin, startUnitTest, FBSD, errorLog } = require("./util-server");
const { getSettings, setSettings, setting, initJWTSecret, checkLogin, startUnitTest, FBSD, errorLog, doubleCheckPassword } = require("./util-server");
debug("Importing Notification");
const { Notification } = require("./notification");
@@ -66,7 +66,7 @@ const Database = require("./database");
debug("Importing Background Jobs");
const { initBackgroundJobs } = require("./jobs");
const { loginRateLimiter } = require("./rate-limiter");
const { loginRateLimiter, twoFaRateLimiter } = require("./rate-limiter");
const { basicAuth } = require("./auth");
const { login } = require("./auth");
@@ -94,6 +94,7 @@ const port = parseInt(process.env.UPTIME_KUMA_PORT || process.env.PORT || args.p
const sslKey = process.env.UPTIME_KUMA_SSL_KEY || process.env.SSL_KEY || args["ssl-key"] || undefined;
const sslCert = process.env.UPTIME_KUMA_SSL_CERT || process.env.SSL_CERT || args["ssl-cert"] || undefined;
const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || args["disable-frame-sameorigin"] || false;
const cloudflaredToken = args["cloudflared-token"] || process.env.UPTIME_KUMA_CLOUDFLARED_TOKEN || undefined;
// 2FA / notp verification defaults
const twofa_verification_opts = {
@@ -135,6 +136,8 @@ const { sendNotificationList, sendHeartbeatList, sendImportantHeartbeatList, sen
const { statusPageSocketHandler } = require("./socket-handlers/status-page-socket-handler");
const databaseSocketHandler = require("./socket-handlers/database-socket-handler");
const TwoFA = require("./2fa");
const StatusPage = require("./model/status_page");
const { cloudflaredSocketHandler, autoStart: cloudflaredAutoStart } = require("./socket-handlers/cloudflared-socket-handler");
app.use(express.json());
@@ -203,8 +206,8 @@ exports.entryPage = "dashboard";
// Entry Page
app.get("/", async (_request, response) => {
if (exports.entryPage === "statusPage") {
response.redirect("/status");
if (exports.entryPage && exports.entryPage.startsWith("statusPage-")) {
response.redirect("/status/" + exports.entryPage.replace("statusPage-", ""));
} else {
response.redirect("/dashboard");
}
@@ -307,6 +310,15 @@ exports.entryPage = "dashboard";
socket.on("login", async (data, callback) => {
console.log("Login");
// Checking
if (typeof callback !== "function") {
return;
}
if (!data) {
return;
}
// Login Rate Limit
if (! await loginRateLimiter.pass(callback)) {
return;
@@ -365,14 +377,27 @@ exports.entryPage = "dashboard";
});
socket.on("logout", async (callback) => {
// Rate Limit
if (! await loginRateLimiter.pass(callback)) {
return;
}
socket.leave(socket.userID);
socket.userID = null;
callback();
if (typeof callback === "function") {
callback();
}
});
socket.on("prepare2FA", async (callback) => {
socket.on("prepare2FA", async (currentPassword, callback) => {
try {
if (! await twoFaRateLimiter.pass(callback)) {
return;
}
checkLogin(socket);
await doubleCheckPassword(socket, currentPassword);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
@@ -407,14 +432,19 @@ exports.entryPage = "dashboard";
} catch (error) {
callback({
ok: false,
msg: "Error while trying to prepare 2FA.",
msg: error.message,
});
}
});
socket.on("save2FA", async (callback) => {
socket.on("save2FA", async (currentPassword, callback) => {
try {
if (! await twoFaRateLimiter.pass(callback)) {
return;
}
checkLogin(socket);
await doubleCheckPassword(socket, currentPassword);
await R.exec("UPDATE `user` SET twofa_status = 1 WHERE id = ? ", [
socket.userID,
@@ -427,14 +457,19 @@ exports.entryPage = "dashboard";
} catch (error) {
callback({
ok: false,
msg: "Error while trying to change 2FA.",
msg: error.message,
});
}
});
socket.on("disable2FA", async (callback) => {
socket.on("disable2FA", async (currentPassword, callback) => {
try {
if (! await twoFaRateLimiter.pass(callback)) {
return;
}
checkLogin(socket);
await doubleCheckPassword(socket, currentPassword);
await TwoFA.disable2FA(socket.userID);
callback({
@@ -444,36 +479,47 @@ exports.entryPage = "dashboard";
} catch (error) {
callback({
ok: false,
msg: "Error while trying to change 2FA.",
msg: error.message,
});
}
});
socket.on("verifyToken", async (token, callback) => {
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
socket.on("verifyToken", async (token, currentPassword, callback) => {
try {
checkLogin(socket);
await doubleCheckPassword(socket, currentPassword);
let verify = notp.totp.verify(token, user.twofa_secret, twofa_verification_opts);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
if (user.twofa_last_token !== token && verify) {
callback({
ok: true,
valid: true,
});
} else {
let verify = notp.totp.verify(token, user.twofa_secret, twofa_verification_opts);
if (user.twofa_last_token !== token && verify) {
callback({
ok: true,
valid: true,
});
} else {
callback({
ok: false,
msg: "Invalid Token.",
valid: false,
});
}
} catch (error) {
callback({
ok: false,
msg: "Invalid Token.",
valid: false,
msg: error.message,
});
}
});
socket.on("twoFAStatus", async (callback) => {
checkLogin(socket);
try {
checkLogin(socket);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
@@ -490,9 +536,10 @@ exports.entryPage = "dashboard";
});
}
} catch (error) {
console.log(error);
callback({
ok: false,
msg: "Error while trying to get 2FA status.",
msg: error.message,
});
}
});
@@ -581,6 +628,9 @@ exports.entryPage = "dashboard";
throw new Error("Permission denied.");
}
// Reset Prometheus labels
monitorList[monitor.id]?.prometheus()?.remove();
bean.name = monitor.name;
bean.type = monitor.type;
bean.url = monitor.url;
@@ -939,21 +989,13 @@ exports.entryPage = "dashboard";
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
let user = await doubleCheckPassword(socket, password.currentPassword);
await user.resetPassword(password.newPassword);
if (user && passwordHash.verify(password.currentPassword, user.password)) {
user.resetPassword(password.newPassword);
callback({
ok: true,
msg: "Password has been updated successfully.",
});
} else {
throw new Error("Incorrect current password");
}
callback({
ok: true,
msg: "Password has been updated successfully.",
});
} catch (e) {
callback({
@@ -980,10 +1022,14 @@ exports.entryPage = "dashboard";
}
});
socket.on("setSettings", async (data, callback) => {
socket.on("setSettings", async (data, currentPassword, callback) => {
try {
checkLogin(socket);
if (data.disableAuth) {
await doubleCheckPassword(socket, currentPassword);
}
await setSettings("general", data);
exports.entryPage = data.entryPage;
@@ -1389,6 +1435,7 @@ exports.entryPage = "dashboard";
// Status Page Socket Handler for admin only
statusPageSocketHandler(socket);
cloudflaredSocketHandler(socket);
databaseSocketHandler(socket);
debug("added all socket handlers");
@@ -1431,6 +1478,9 @@ exports.entryPage = "dashboard";
initBackgroundJobs(args);
// Start cloudflared at the end if configured
await cloudflaredAutoStart(cloudflaredToken);
})();
async function updateMonitorNotification(monitorID, notificationIDList) {
@@ -1475,6 +1525,8 @@ async function afterLogin(socket, user) {
await sleep(500);
await StatusPage.sendStatusPageList(io, socket);
for (let monitorID in monitorList) {
await sendHeartbeatList(socket, monitorID);
}