jostreff/wireguard-ui
1
0
Fork 0
mirror of https://github.com/ngoduykhanh/wireguard-ui.git synced 2025-06-07 00:46:58 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add apikey

Browse source
This commit is contained in:
alikhanich 2023-03-17 09:22:01 +03:00
parent aadf099f50
commit 73cd5ae94d
5 changed files with 50 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docker-compose.yaml
View file

@ -3,19 +3,15 @@ version: "3"
services: services:
wg: wg:
build: . build: .
#image: ngoduykhanh/wireguard-ui:latest image: wg-ui:latest
container_name: wgui container_name: wgui
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
network_mode: host network_mode: host
environment: environment:
- SENDGRID_API_KEY - SESSION_SECRET=vnsjdvb9134f39hvn9249
- EMAIL_FROM_ADDRESS
- EMAIL_FROM_NAME
- SESSION_SECRET
- WGUI_USERNAME=alpha - WGUI_USERNAME=alpha
- WGUI_PASSWORD=this-unusual-password - WGUI_PASSWORD=Negjqgfhjkm1!
- WG_CONF_TEMPLATE
- WGUI_MANAGE_START=false - WGUI_MANAGE_START=false
- WGUI_MANAGE_RESTART=false - WGUI_MANAGE_RESTART=false
logging: logging:

20
handler/session.go
View file

@ -23,12 +23,32 @@ func ValidSession(next echo.HandlerFunc) echo.HandlerFunc {
} }
} }
func ProtectedHandler(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
sess, err := session.Get("session", c)
if err != nil {
return err
}
apiKey, ok := sess.Values["api_key"].(string)
if !ok || apiKey != util.ApiKey {
return echo.NewHTTPError(http.StatusUnauthorized, "Invalid API key")
}
// Handle the request for authenticated users
return next(c)
}
}
func isValidSession(c echo.Context) bool { func isValidSession(c echo.Context) bool {
if util.DisableLogin { if util.DisableLogin {
return true return true
} }
sess, _ := session.Get("session", c) sess, _ := session.Get("session", c)
cookie, err := c.Cookie("session_token") cookie, err := c.Cookie("session_token")
apiKey, ok := sess.Values["api_key"].(string)
if ok && apiKey != util.ApiKey {
return false
}
if err != nil || sess.Values["session_token"] != cookie.Value { if err != nil || sess.Values["session_token"] != cookie.Value {
return false return false
} }

5
main.go
View file

@ -40,6 +40,7 @@ var (
flagSessionSecret string flagSessionSecret string
flagWgConfTemplate string flagWgConfTemplate string
flagBasePath string flagBasePath string
flagApiKey string
) )
const ( const (
@ -69,6 +70,7 @@ func init() {
flag.StringVar(&flagSessionSecret, "session-secret", util.LookupEnvOrString("SESSION_SECRET", flagSessionSecret), "The key used to encrypt session cookies.") flag.StringVar(&flagSessionSecret, "session-secret", util.LookupEnvOrString("SESSION_SECRET", flagSessionSecret), "The key used to encrypt session cookies.")
flag.StringVar(&flagWgConfTemplate, "wg-conf-template", util.LookupEnvOrString("WG_CONF_TEMPLATE", flagWgConfTemplate), "Path to custom wg.conf template.") flag.StringVar(&flagWgConfTemplate, "wg-conf-template", util.LookupEnvOrString("WG_CONF_TEMPLATE", flagWgConfTemplate), "Path to custom wg.conf template.")
flag.StringVar(&flagBasePath, "base-path", util.LookupEnvOrString("BASE_PATH", flagBasePath), "The base path of the URL") flag.StringVar(&flagBasePath, "base-path", util.LookupEnvOrString("BASE_PATH", flagBasePath), "The base path of the URL")
flag.StringVar(&flagApiKey, "api-key", util.LookupEnvOrString("WGUI_API_KEY", ""), "Specify API key for auth")
flag.Parse() flag.Parse()
// update runtime config // update runtime config
@ -87,7 +89,7 @@ func init() {
util.SessionSecret = []byte(flagSessionSecret) util.SessionSecret = []byte(flagSessionSecret)
util.WgConfTemplate = flagWgConfTemplate util.WgConfTemplate = flagWgConfTemplate
util.BasePath = util.ParseBasePath(flagBasePath) util.BasePath = util.ParseBasePath(flagBasePath)
util.ApiKey = flagApiKey
// print app information // print app information
fmt.Println("Wireguard UI") fmt.Println("Wireguard UI")
fmt.Println("App Version\t:", appVersion) fmt.Println("App Version\t:", appVersion)
@ -105,6 +107,7 @@ func init() {
fmt.Println("Base path\t:", util.BasePath+"/") fmt.Println("Base path\t:", util.BasePath+"/")
} }
func main() { func main() {
db, err := jsondb.New("./db") db, err := jsondb.New("./db")
if err != nil { if err != nil {

22
router/router.go
View file

@ -47,11 +47,31 @@ func (t *TemplateRegistry) Render(w io.Writer, name string, data interface{}, c
return tmpl.ExecuteTemplate(w, "base.html", data) return tmpl.ExecuteTemplate(w, "base.html", data)
} }
func apiKeyMiddleware(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
apiKey := c.Request().Header.Get("X-API-Key")
if apiKey == "" {
apiKey = c.QueryParam("api_key")
}
sess, err := session.Get("session", c)
if err != nil {
return err
}
sess.Values["api_key"] = apiKey
err = sess.Save(c.Request(), c.Response())
if err != nil {
return err
}
return next(c)
}
}
// New function // New function
func New(tmplBox *rice.Box, extraData map[string]string, secret []byte) *echo.Echo { func New(tmplBox *rice.Box, extraData map[string]string, secret []byte) *echo.Echo {
e := echo.New() e := echo.New()
e.Use(session.Middleware(sessions.NewCookieStore(secret)))
store := sessions.NewCookieStore(secret)
e.Use(session.Middleware(store))
e.Use(apiKeyMiddleware)
// read html template file to string // read html template file to string
tmplBaseString, err := tmplBox.String("base.html") tmplBaseString, err := tmplBox.String("base.html")
if err != nil { if err != nil {

2
util/config.go
View file

@ -19,6 +19,7 @@ var (
SessionSecret []byte SessionSecret []byte
WgConfTemplate string WgConfTemplate string
BasePath string BasePath string
ApiKey string
) )
const ( const (
@ -49,6 +50,7 @@ const (
DefaultClientExtraAllowedIpsEnvVar = "WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS" DefaultClientExtraAllowedIpsEnvVar = "WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS"
DefaultClientUseServerDNSEnvVar = "WGUI_DEFAULT_CLIENT_USE_SERVER_DNS" DefaultClientUseServerDNSEnvVar = "WGUI_DEFAULT_CLIENT_USE_SERVER_DNS"
DefaultClientEnableAfterCreationEnvVar = "WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION" DefaultClientEnableAfterCreationEnvVar = "WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION"
DefaultApiKeyEnvVar = "WGUI_API_KEY"
) )
func ParseBasePath(basePath string) string { func ParseBasePath(basePath string) string {