From f8a98f3a528d2544686fd7121c67a707e4af516d Mon Sep 17 00:00:00 2001 From: Keith Irwin Date: Sun, 12 Dec 2021 22:24:21 -0700 Subject: [PATCH] Removed IP check for intra-server comms --- admin/add.js | 13 +------------ admin/del.js | 13 +------------ includes/middleware.js | 15 +++++++++------ 3 files changed, 11 insertions(+), 30 deletions(-) diff --git a/admin/add.js b/admin/add.js index e0b68bf..9cf4fb9 100644 --- a/admin/add.js +++ b/admin/add.js @@ -6,19 +6,8 @@ const env = require(process.argv[2]||'../env.json') const fs = require('fs').promises -// Get secret -const local_secret = env.SERVERS.filter( - (server) => server.host === env.LOCAL_SERVER -)[0].secret - module.exports = async (req, res) => { - - // Check secret auth - if (req.query['secret']!==local_secret) { - console.log(`Peer sent from ${req.requester} without correct secret querystring!`) - return res.sendStatus(403) - } - + // Add request body to wg config try { await fs.appendFile(env.WG_CONFIG_FILE, req.body) diff --git a/admin/del.js b/admin/del.js index d734616..a73fd6b 100644 --- a/admin/del.js +++ b/admin/del.js @@ -6,23 +6,12 @@ const env = require(process.argv[2]||'../env.json') const fs = require('fs').promises -// Get secret -const local_secret = env.SERVERS.filter( - (server) => server.host === env.LOCAL_SERVER -)[0].secret - module.exports = async (req, res) => { console.log(`Received delete from ${req.requester} for ${req.body}`) let config - - // Check secret - if (req.query['secret']!==local_secret) { - console.log(`Peer sent from ${req.requester} without correct secret querystring!`) - return res.sendStatus(403) - } // Read config file - else try { + try { const config_file = await fs.readFile(env.WG_CONFIG_FILE) config = config_file.toString() } diff --git a/includes/middleware.js b/includes/middleware.js index 3b176b6..0d06b54 100644 --- a/includes/middleware.js +++ b/includes/middleware.js 
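Review bot: After this change the handlers in admin/add.js and admin/del.js perform no authentication themselves, so they are protected only if every route that reaches them is mounted behind `allowServers` from includes/middleware.js. The router wiring is not part of this patch, so that cannot be confirmed from here. add.js appends `req.body` directly to `env.WG_CONFIG_FILE`, and del.js operates on the same file, so an unguarded route would let any caller change the WireGuard config. I would add a comment above each `module.exports`, for example `// No auth in this handler: must be mounted behind allowServers`, and a test that both routes answer 403 without the secret. Both handler bodies continue outside their hunks.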
@@ -16,6 +16,9 @@ for (const server of env.SERVERS) { } const DNS_SERVERS_STRING = DNS_SERVERS.join(', ') +const local_secret = env.SERVERS.filter( + (server) => server.host === env.LOCAL_SERVER +)[0].secret // Actual middleware // These functions run every request so keep them lean @@ -46,13 +49,13 @@ module.exports = { next() }, - // Block clients, only allow servers (for intra-server peer sharing) + // Authenticate servers with secret allowServers: (req, res, next) => { - if (SERVER_IPS.includes(req.requester)) next() - else { - console.log(`Rejected request to ${req.path} from ${req.requester} not in SERVER_IPS`) - res.sendStatus(403) - } + // Check secret + if (req.query['secret']!==local_secret) { + console.log(`Peer sent from ${req.requester} without correct secret querystring!`) + return res.sendStatus(403) + } else next() }, } \ No newline at end of file
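Review bot: `local_secret` is never validated after the lookup, and the check in `allowServers` fails open when it is undefined. If the `env.SERVERS` entry for `env.LOCAL_SERVER` has no `secret` key, a request that sends no `secret` parameter compares `undefined` with `undefined` and reaches `next()`. If no entry matches at all, `[0].secret` throws a bare TypeError at load time with no hint about the cause. I would fail fast right after the lookup: `if (typeof local_secret !== 'string' || local_secret === '') throw new Error('env.SERVERS has no secret for LOCAL_SERVER')`.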
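Review bot: In `allowServers` the shared secret is compared with `!==`, which is not a constant-time comparison, and with the `SERVER_IPS` check removed it is now the only control on these routes. The secret also travels in the URL query string, so it will be recorded wherever request URLs are logged (reverse proxy or access logs); moving it to a request header would also need a change on the sending side, which this patch does not show. For the comparison I would hash both values and use `crypto.timingSafeEqual`, as sketched below. That needs `const crypto = require('crypto')` at the top of the file, which is outside this hunk.

```javascript
	allowServers: (req, res, next) => {
		// Hash both sides so the buffers always have equal length for timingSafeEqual
		const digest = (value) => crypto.createHash('sha256').update(value).digest()
		const presented = req.query['secret']
		const ok = typeof presented === 'string' &&
			crypto.timingSafeEqual(digest(presented), digest(local_secret))
		if (!ok) {
			// … unchanged: log the rejected peer and send 403 …
		}
		next()
	},
```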