#13 Added intra-server authentication
parent
3ec541c282
commit
c2c998feae
19
admin/add.js
19
admin/add.js
|
@ -6,13 +6,22 @@
|
|||
const env = require(process.argv[2]||'../env/env.json')
|
||||
const fs = require('fs').promises
|
||||
|
||||
// Get secret
|
||||
const local_secret = env.SERVERS.filter(
|
||||
(server) => server.host === env.LOCAL_SERVER
|
||||
)[0].secret
|
||||
|
||||
module.exports = async (req, res) => {
|
||||
console.log(`Received peer from ${req.requester}`)
|
||||
try {
|
||||
if (req.query['secret']!==local_secret) {
|
||||
console.log(`Peer sent from ${req.requester} without correct secret querystring!`)
|
||||
return res.sendStatus(403)
|
||||
} else try {
|
||||
await fs.appendFile(env.WG_CONFIG_FILE, req.body)
|
||||
} catch (err) {
|
||||
console.error(`Failed to save new peer config to ${env.WG_CONFIG_FILE}`,err)
|
||||
res.sendStatus(500)
|
||||
console.error(`Failed to save new peer config from ${req.requester} to ${env.WG_CONFIG_FILE}`,err)
|
||||
return res.sendStatus(500)
|
||||
} finally {
|
||||
console.log(`Saved new peer from ${req.requester}`)
|
||||
return res.sendStatus(200)
|
||||
}
|
||||
res.sendStatus(200)
|
||||
}
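Review bot: The check `req.query['secret']!==local_secret` fails open if the `env.SERVERS` entry for `LOCAL_SERVER` has no `secret` key: `local_secret` is then `undefined`, a request that omits the parameter compares equal, and the body is appended to `WG_CONFIG_FILE`. Validate the value once at load, e.g. `if (typeof local_secret !== 'string' || local_secret === '') throw new Error('no secret configured for LOCAL_SERVER')`, and reject any request whose `req.query.secret` is not a string before comparing. The comparison is also a plain `!==`; hashing both values and comparing the digests with `crypto.timingSafeEqual` removes the timing difference. admin/del.js repeats the same lookup and check.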
|
48
admin/del.js
48
admin/del.js
|
@ -6,30 +6,54 @@
|
|||
const env = require(process.argv[2]||'../env/env.json')
|
||||
const fs = require('fs').promises
|
||||
|
||||
// Get secret
|
||||
const local_secret = env.SERVERS.filter(
|
||||
(server) => server.host === env.LOCAL_SERVER
|
||||
)[0].secret
|
||||
|
||||
module.exports = async (req, res) => {
|
||||
console.log(`Received delete from ${req.requester} for ${req.body}`)
|
||||
let config
|
||||
try {
|
||||
|
||||
// Check secret
|
||||
if (req.query['secret']!==local_secret) {
|
||||
console.log(`Peer sent from ${req.requester} without correct secret querystring!`)
|
||||
return res.sendStatus(403)
|
||||
|
||||
// Read config file
|
||||
} else try {
|
||||
const config_file = await fs.readFile(env.WG_CONFIG_FILE)
|
||||
config = config_file.toString()
|
||||
} catch (err) {
|
||||
console.error(`Failed to load config from ${env.WG_CONFIG_FILE}:\n`,err)
|
||||
res.sendStatus(500)
|
||||
}
|
||||
const peer = config.split('\n\n')
|
||||
} finally {
|
||||
|
||||
// Find peer in config
|
||||
const peer = config.split('\n\n')
|
||||
.filter( (paragraph) => {
|
||||
return paragraph.includes('[Peer]')
|
||||
}).filter( (peer) => {
|
||||
return peer.includes(`PublicKey = ${req.body}`)
|
||||
})
|
||||
try {
|
||||
await fs.writeFile(env.WG_CONFIG_FILE,
|
||||
config.replace(`\n\n${peer}`,'')
|
||||
.replace('\n\n\n','\n\n')
|
||||
)
|
||||
} catch (err) {
|
||||
console.error(`Failed to delete peer config from ${env.WG_CONFIG_FILE}:\n`,err)
|
||||
res.sendStatus(500)
|
||||
|
||||
// Delete peer
|
||||
try {
|
||||
await fs.writeFile(env.WG_CONFIG_FILE,
|
||||
config.replace(`\n\n${peer}`,'')
|
||||
.replace('\n\n\n','\n\n')
|
||||
)
|
||||
} catch (err) {
|
||||
console.error(`Failed to delete peer config from ${env.WG_CONFIG_FILE}:\n`,err)
|
||||
return res.sendStatus(500)
|
||||
} finally {
|
||||
|
||||
// Success
|
||||
console.log(`Saved new peer from ${req.requester}`)
|
||||
return res.sendStatus(200)
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
res.sendStatus(200)
|
||||
|
||||
}
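Review bot: Both `finally` blocks in this handler run on the failure path as well as the success path, which looks unintended (the +/- markers are lost on this page, so this reads the `else try … finally` lines as the new side). After a failed `fs.readFile` the catch sends 500 without returning, then the outer `finally` calls `config.split('\n\n')` on an undefined `config`; after a failed `fs.writeFile` the inner `finally` still logs `Saved new peer from …` and calls `res.sendStatus(200)` on a response that already carries the 500. A peer removal that did not happen is therefore logged as a success, which matters when the log is used to confirm that access was revoked. I would drop both `finally` blocks, use `return res.sendStatus(500)` in each catch, and place the lookup/write and the success lines after the respective try/catch, with the message changed to say the peer was deleted. admin/add.js has the same success-in-`finally` shape around `fs.appendFile`.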
|
|
@ -102,7 +102,7 @@ AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
|||
} else {
|
||||
console.log(`Sending config to ${server.host}.gf4`)
|
||||
try {
|
||||
await axios.post(`${server.admin_endpoint}/add`, server_config, {
|
||||
await axios.post(`${server.admin_endpoint}/add?secret=${server.secret}`, server_config, {
|
||||
headers: {'Content-Type': 'text/plain'},
|
||||
})
|
||||
} catch (err) {
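Review bot: Carrying the shared secret in the URL (`/add?secret=${server.secret}`) puts it wherever request URLs are recorded, such as access or reverse-proxy logs on the receiving server and any error output that prints the failed request; it is also interpolated without `encodeURIComponent`, so a secret containing `&`, `#` or `+` will not arrive intact. I would send it as a header next to the existing one, `headers: {'Content-Type': 'text/plain', 'Authorization': 'Bearer ' + server.secret}`, and have the admin handlers read `req.headers.authorization` instead of `req.query`. Whether `server.admin_endpoint` is an https URL is not visible here; over plain http the secret is exposed on the wire in either form. The `/del?secret=` call in the following hunk has the same issue, and in both hunks the file header and the enclosing function lie outside what the page shows.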
|
||||
|
|
|
@ -105,7 +105,7 @@ module.exports = async (req, res) => {
|
|||
if (server.host!==env.LOCAL_SERVER) {
|
||||
try {
|
||||
console.log(`Informing ${server.host} to delete ${peer_name}`)
|
||||
await axios.post(`${server.admin_endpoint}/del`, peer_pubkey, {
|
||||
await axios.post(`${server.admin_endpoint}/del?secret=${server.secret}`, peer_pubkey, {
|
||||
headers: {'Content-Type': 'text/plain'},
|
||||
})
|
||||
} catch (err) {
|
||||
|
|