jostreff/wireguard-ui
1
0
Fork 0
mirror of https://github.com/ngoduykhanh/wireguard-ui.git synced 2025-04-21 20:12:33 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add ability to disable user authentication

Browse source
This commit is contained in:
Khanh Ngo 2020-10-09 23:31:45 +02:00
parent c20fa32086
commit adee2ecb97
No known key found for this signature in database
GPG key ID: 29077342AA5648F6
7 changed files with 84 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
handler/routes.go
View file

@ -3,11 +3,12 @@ package handler
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
rice "github.com/GeertJohan/go.rice"
"net/http" "net/http"
"strings" "strings"
"time" "time"
rice "github.com/GeertJohan/go.rice"
"github.com/gorilla/sessions" "github.com/gorilla/sessions"
"github.com/labstack/echo-contrib/session" "github.com/labstack/echo-contrib/session"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
@ -81,12 +82,13 @@ func WireGuardClients() echo.HandlerFunc {
clientDataList, err := util.GetClients(true) clientDataList, err := util.GetClients(true)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, fmt.Sprintf("Cannot get client list: %v", err)}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false, fmt.Sprintf("Cannot get client list: %v", err),
})
} }
return c.Render(http.StatusOK, "clients.html", map[string]interface{}{ return c.Render(http.StatusOK, "clients.html", map[string]interface{}{
"baseData": model.BaseData{Active: ""}, "baseData": model.BaseData{Active: "", CurrentUser: currentUser(c)},
"username": currentUser(c),
"clientDataList": clientDataList, "clientDataList": clientDataList,
}) })
} }
@ -100,7 +102,9 @@ func GetClients() echo.HandlerFunc {
clientDataList, err := util.GetClients(true) clientDataList, err := util.GetClients(true)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, fmt.Sprintf("Cannot get client list: %v", err)}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false, fmt.Sprintf("Cannot get client list: %v", err),
})
} }
return c.JSON(http.StatusOK, clientDataList) return c.JSON(http.StatusOK, clientDataList)
@ -171,7 +175,9 @@ func NewClient() echo.HandlerFunc {
presharedKey, err := wgtypes.GenerateKey() presharedKey, err := wgtypes.GenerateKey()
if err != nil { if err != nil {
log.Error("Cannot generated preshared key: ", err) log.Error("Cannot generated preshared key: ", err)
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, "Cannot generate Wireguard preshared key"}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false, "Cannot generate Wireguard preshared key",
})
} }
client.PrivateKey = key.String() client.PrivateKey = key.String()
@ -213,7 +219,9 @@ func UpdateClient() echo.HandlerFunc {
serverInterface := model.ServerInterface{} serverInterface := model.ServerInterface{}
if err := db.Read("server", "interfaces", &serverInterface); err != nil { if err := db.Read("server", "interfaces", &serverInterface); err != nil {
log.Error("Cannot fetch server interface config from database: ", err) log.Error("Cannot fetch server interface config from database: ", err)
return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, fmt.Sprintf("Cannot fetch server config: %s", err)}) return c.JSON(http.StatusBadRequest, jsonHTTPResponse{
false, fmt.Sprintf("Cannot fetch server config: %s", err),
})
} }
// validate the input Allocation IPs // validate the input Allocation IPs
@ -346,8 +354,7 @@ func WireGuardServer() echo.HandlerFunc {
} }
return c.Render(http.StatusOK, "server.html", map[string]interface{}{ return c.Render(http.StatusOK, "server.html", map[string]interface{}{
"baseData": model.BaseData{Active: "wg-server"}, "baseData": model.BaseData{Active: "wg-server", CurrentUser: currentUser(c)},
"username": currentUser(c),
"serverInterface": server.Interface, "serverInterface": server.Interface,
"serverKeyPair": server.KeyPair, "serverKeyPair": server.KeyPair,
}) })
@ -429,8 +436,7 @@ func GlobalSettings() echo.HandlerFunc {
} }
return c.Render(http.StatusOK, "global_settings.html", map[string]interface{}{ return c.Render(http.StatusOK, "global_settings.html", map[string]interface{}{
"baseData": model.BaseData{Active: "global-settings"}, "baseData": model.BaseData{Active: "global-settings", CurrentUser: currentUser(c)},
"username": currentUser(c),
"globalSettings": globalSettings, "globalSettings": globalSettings,
}) })
} }
@ -511,13 +517,18 @@ func SuggestIPAllocation() echo.HandlerFunc {
allocatedIPs, err := util.GetAllocatedIPs("") allocatedIPs, err := util.GetAllocatedIPs("")
if err != nil { if err != nil {
log.Error("Cannot suggest ip allocation. Failed to get list of allocated ip addresses: ", err) log.Error("Cannot suggest ip allocation. Failed to get list of allocated ip addresses: ", err)
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, "Cannot suggest ip allocation: failed to get list of allocated ip addresses"}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false, "Cannot suggest ip allocation: failed to get list of allocated ip addresses",
})
} }
for _, cidr := range server.Interface.Addresses { for _, cidr := range server.Interface.Addresses {
ip, err := util.GetAvailableIP(cidr, allocatedIPs) ip, err := util.GetAvailableIP(cidr, allocatedIPs)
if err != nil { if err != nil {
log.Error("Failed to get available ip from a CIDR: ", err) log.Error("Failed to get available ip from a CIDR: ", err)
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, fmt.Sprintf("Cannot suggest ip allocation: failed to get available ip from network %s", cidr)}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false,
fmt.Sprintf("Cannot suggest ip allocation: failed to get available ip from network %s", cidr),
})
} }
suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/32", ip)) suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/32", ip))
} }
@ -554,7 +565,9 @@ func ApplyServerConfig(tmplBox *rice.Box) echo.HandlerFunc {
err = util.WriteWireGuardServerConfig(tmplBox, server, clients, settings) err = util.WriteWireGuardServerConfig(tmplBox, server, clients, settings)
if err != nil { if err != nil {
log.Error("Cannot apply server config: ", err) log.Error("Cannot apply server config: ", err)
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, fmt.Sprintf("Cannot apply server config: %v", err)}) return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{
false, fmt.Sprintf("Cannot apply server config: %v", err),
})
} }
return c.JSON(http.StatusOK, jsonHTTPResponse{true, "Applied server config successfully"}) return c.JSON(http.StatusOK, jsonHTTPResponse{true, "Applied server config successfully"})

22
handler/session.go
View file

@ -6,19 +6,21 @@ import (
"github.com/labstack/echo-contrib/session" "github.com/labstack/echo-contrib/session"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
"github.com/ngoduykhanh/wireguard-ui/util"
) )
// validSession to redirect user to the login page if they are not // validSession to redirect user to the login page if they are not authenticated or session expired.
// authenticated or session expired.
func validSession(c echo.Context) { func validSession(c echo.Context) {
sess, _ := session.Get("session", c) if !util.DisableLogin {
cookie, err := c.Cookie("session_token") sess, _ := session.Get("session", c)
if err != nil || sess.Values["session_token"] != cookie.Value { cookie, err := c.Cookie("session_token")
nextURL := c.Request().URL if err != nil || sess.Values["session_token"] != cookie.Value {
if nextURL != nil { nextURL := c.Request().URL
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("/login?next=%s", c.Request().URL)) if nextURL != nil {
} else { c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("/login?next=%s", c.Request().URL))
c.Redirect(http.StatusTemporaryRedirect, "/login") } else {
c.Redirect(http.StatusTemporaryRedirect, "/login")
}
} }
} }
} }

45
main.go
View file

@ -1,22 +1,34 @@
package main package main
import ( import (
"flag"
"fmt" "fmt"
"net/http"
"time"
rice "github.com/GeertJohan/go.rice" rice "github.com/GeertJohan/go.rice"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
"github.com/ngoduykhanh/wireguard-ui/handler" "github.com/ngoduykhanh/wireguard-ui/handler"
"github.com/ngoduykhanh/wireguard-ui/router" "github.com/ngoduykhanh/wireguard-ui/router"
"github.com/ngoduykhanh/wireguard-ui/util" "github.com/ngoduykhanh/wireguard-ui/util"
"net/http"
"time"
) )
var appVersion = "development" // command-line banner information
var gitCommit = "N/A" var (
var gitRef = "N/A" appVersion = "development"
var buildTime = fmt.Sprintf(time.Now().UTC().Format("01-02-2006 15:04:05")) gitCommit = "N/A"
gitRef = "N/A"
buildTime = fmt.Sprintf(time.Now().UTC().Format("01-02-2006 15:04:05"))
)
func init() {
// command-line flags
flagDisableLogin := flag.Bool("disable-login", false, "Disable login page. Turn off authentication.")
flag.Parse()
// update runtime config
util.DisableLogin = *flagDisableLogin
func main() {
// print app information // print app information
fmt.Println("Wireguard UI") fmt.Println("Wireguard UI")
fmt.Println("App Version\t:", appVersion) fmt.Println("App Version\t:", appVersion)
@ -24,16 +36,19 @@ func main() {
fmt.Println("Git Ref\t\t:", gitRef) fmt.Println("Git Ref\t\t:", gitRef)
fmt.Println("Build Time\t:", buildTime) fmt.Println("Build Time\t:", buildTime)
fmt.Println("Git Repo\t:", "https://github.com/ngoduykhanh/wireguard-ui") fmt.Println("Git Repo\t:", "https://github.com/ngoduykhanh/wireguard-ui")
fmt.Println("Authentication\t:", !util.DisableLogin)
// set app extra data
extraData := make(map[string]string)
extraData["appVersion"] = appVersion
// initialize DB // initialize DB
err := util.InitDB() err := util.InitDB()
if err != nil { if err != nil {
fmt.Print("Cannot init database: ", err) fmt.Print("Cannot init database: ", err)
} }
}
func main() {
// set app extra data
extraData := make(map[string]string)
extraData["appVersion"] = appVersion
// create rice box for embedded template // create rice box for embedded template
tmplBox := rice.MustFindBox("templates") tmplBox := rice.MustFindBox("templates")
@ -45,8 +60,12 @@ func main() {
app := router.New(tmplBox, extraData) app := router.New(tmplBox, extraData)
app.GET("/", handler.WireGuardClients()) app.GET("/", handler.WireGuardClients())
app.GET("/login", handler.LoginPage())
app.POST("/login", handler.Login()) if !util.DisableLogin {
app.GET("/login", handler.LoginPage())
app.POST("/login", handler.Login())
}
app.GET("/logout", handler.Logout()) app.GET("/logout", handler.Logout())
app.POST("/new-client", handler.NewClient()) app.POST("/new-client", handler.NewClient())
app.POST("/update-client", handler.UpdateClient()) app.POST("/update-client", handler.UpdateClient())

2
model/client.go
View file

@ -9,7 +9,7 @@ type Client struct {
ID string `json:"id"` ID string `json:"id"`
PrivateKey string `json:"private_key"` PrivateKey string `json:"private_key"`
PublicKey string `json:"public_key"` PublicKey string `json:"public_key"`
PresharedKey string `json:"preshared_key"` PresharedKey string `json:"preshared_key"`
Name string `json:"name"` Name string `json:"name"`
Email string `json:"email"` Email string `json:"email"`
AllocatedIPs []string `json:"allocated_ips"` AllocatedIPs []string `json:"allocated_ips"`

3
model/misc.go
View file

@ -8,5 +8,6 @@ type Interface struct {
// BaseData struct to pass value to the base template // BaseData struct to pass value to the base template
type BaseData struct { type BaseData struct {
Active string Active string
CurrentUser string
} }

6
templates/base.html
View file

@ -64,8 +64,10 @@
<button style="margin-left: 0.5em;" type="button" class="btn btn-outline-danger btn-sm" data-toggle="modal" <button style="margin-left: 0.5em;" type="button" class="btn btn-outline-danger btn-sm" data-toggle="modal"
data-target="#modal_apply_config"><i class="nav-icon fas fa-check"></i> Apply data-target="#modal_apply_config"><i class="nav-icon fas fa-check"></i> Apply
Config</button> Config</button>
{{if .baseData.CurrentUser}}
<button onclick="location.href='/logout';" style="margin-left: 0.5em;" type="button" <button onclick="location.href='/logout';" style="margin-left: 0.5em;" type="button"
class="btn btn-outline-danger btn-sm"><i class="nav-icon fas fa-sign-out-alt"></i> Logout</button> class="btn btn-outline-danger btn-sm"><i class="nav-icon fas fa-sign-out-alt"></i> Logout</button>
{{end}}
</div> </div>
</nav> </nav>
<!-- /.navbar --> <!-- /.navbar -->
@ -87,7 +89,7 @@
<i class="nav-icon fas fa-2x fa-user"></i> <i class="nav-icon fas fa-2x fa-user"></i>
</div> </div>
<div class="info"> <div class="info">
<a href="#" class="d-block">{{template "username" .}}</a> <a href="#" class="d-block">{{if .baseData.CurrentUser}} {{.baseData.CurrentUser}} {{else}} Administrator {{end}}</a>
</div> </div>
</div> </div>
@ -95,7 +97,7 @@
<nav class="mt-2"> <nav class="mt-2">
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false"> <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<li class="nav-item"> <li class="nav-item">
<a href="/" class="nav-link {{if eq .baseData.Active "" }}active{{end}}"> <a href="/" class="nav-link {{if eq .baseData.Active ""}}active{{end}}">
<i class="nav-icon fas fa-user-secret"></i> <i class="nav-icon fas fa-user-secret"></i>
<p> <p>
Wireguard Clients Wireguard Clients

6
util/config.go Normal file
View file

@ -0,0 +1,6 @@
package util
// Runtime config
var (
DisableLogin bool
)