valentin
/
accessGate
mirror of https://github.com/itsmrval/accessGate
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

first functionnal instance ! 🎉

pull/1/head
Valentin 2023-09-12 23:44:38 +02:00
parent 86cf05c43f
commit 7b0a757fc7
15 changed files with 301 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
exemple.env
View File

@ -1,3 +1,4 @@
GITHUB_CLIENT_ID= GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET= GITHUB_CLIENT_SECRET=
SESSION_SECRET= SESSION_SECRET=
APP_URL=http://exemple:8080

1
index.js
View File

@ -21,7 +21,6 @@ databaseService.sync().then(() => {
}) })
require('dotenv').config()
app.use(bodyParser.urlencoded({ extended: false })) app.use(bodyParser.urlencoded({ extended: false }))

4
model/server.model.js
View File

@ -24,6 +24,10 @@ Server.init({
secret: { secret: {
type: DataTypes.STRING, type: DataTypes.STRING,
required: true, required: true,
},
tmp: {
type: DataTypes.STRING,
required: true,
} }
}, { }, {
sequelize, sequelize,

51
routes/admin/groups.route.js
View File

@ -4,6 +4,7 @@ const User = require("../../model/user.model");
const Group = require("../../model/group.model"); const Group = require("../../model/group.model");
const Server = require("../../model/server.model"); const Server = require("../../model/server.model");
const {groupServerList} = require("../../services/groups.service"); const {groupServerList} = require("../../services/groups.service");
const url = require("url");
groupService = require("../../services/groups.service"); groupService = require("../../services/groups.service");
memberService = require("../../services/members.service"); memberService = require("../../services/members.service");
@ -17,7 +18,7 @@ router.get("/", (req, res) => {
for (x in groups) { for (x in groups) {
groups[x]['servers'] = groups2[x].dataValues.accesses groups[x]['servers'] = groups2[x].dataValues.accesses
} }
res.render('admin/groups', { "groups": groups }) res.render('admin/groups', { "groups": groups, locals: {alert: req.query.alert, alert_type: req.query.type} })
}) })
}) })
} catch (e) { } catch (e) {
@ -29,20 +30,45 @@ router.get("/", (req, res) => {
router.post("/add", (req, res) => { router.post("/add", (req, res) => {
if (req.body.group_name) { if (req.body.group_name) {
groupService.addGroup(req.body.group_name).then((result) => { groupService.addGroup(req.body.group_name).then((result) => {
res.redirect("/admin/groups") res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "✅ Group " + req.body.group_name + " added.",
"type": "success"
}
}));
}) })
} else { } else {
res.redirect("/admin/groups") res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "⚠️ Missing or invalid arguments.",
"type": "warning"
}
}));
} }
}) })
router.get("/delete/:group", (req, res) => { router.get("/delete/:group", (req, res) => {
try { try {
groupService.delGroup(req.params.group).then((result) => { groupService.delGroup(req.params.group).then((result) => {
res.redirect("/admin/groups") res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "🗑️ Group " + req.params.group + " deleted.",
"type": "success"
}
}));
}) })
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}); });
@ -54,6 +80,7 @@ router.get("/:name", async (req, res) => {
res.render('admin/group_new') res.render('admin/group_new')
} else { } else {
Group.findOne({ where: { name: req.params.name } }).then((group) => { Group.findOne({ where: { name: req.params.name } }).then((group) => {
if (group) {
groupService.groupUserList(req.params.name).then((result) => { groupService.groupUserList(req.params.name).then((result) => {
User.findAll().then((users) => { User.findAll().then((users) => {
for (user in users) { for (user in users) {
@ -73,11 +100,27 @@ router.get("/:name", async (req, res) => {
}); });
}) })
}); });
} else {
res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "⚠️ Missing or invalid group.",
"type": "warning"
}
}));
}
}) })
; ;
} }
} catch(e){ } catch(e){
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/groups',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })

67
routes/admin/servers.route.js
View File

@ -3,6 +3,7 @@ const User = require("../../model/user.model");
const Group = require("../../model/group.model"); const Group = require("../../model/group.model");
const Server = require("../../model/server.model"); const Server = require("../../model/server.model");
const url = require('url'); const url = require('url');
require('dotenv').config()
memberService = require("../../services/members.service"); memberService = require("../../services/members.service");
serverService = require("../../services/server.service"); serverService = require("../../services/server.service");
@ -12,14 +13,28 @@ var router = express.Router();
router.get("/", (req, res) => { router.get("/", (req, res) => {
try { try {
Server.findAll().then((servers) => { Server.findAll().then((servers) => {
if (req.query.alert) { if (req.query.alert === "secretDisplay") {
res.render('admin/servers', { "servers": servers, locals: { alert: req.query.alert, alert_type: req.query.type} }) var tmp = ''
} else { var secret_display = {}
res.render('admin/servers', { "servers": servers }) servers.forEach((server) => {
if (server.hostname === req.query.server) {
secret_display.content = server.tmp
secret_display.url = process.env.APP_URL
secret_display.name = server.hostname
} }
})
}
res.render('admin/servers', { "servers": servers, locals: {secret: secret_display, alert: req.query.alert, alert_type: req.query.type} })
}); });
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })
@ -27,46 +42,64 @@ router.get("/", (req, res) => {
router.post("/add", (req, res) => { router.post("/add", (req, res) => {
try { try {
if (req.body.server_hostname && req.body.server_ip && req.body.server_username) { if (req.body.server_hostname && req.body.server_ip && req.body.server_username) {
serverService.addServer(req.body.server_hostname, req.body.server_ip, req.body.server_username).then((result) => { serverService.addServer(req.body.server_hostname, req.body.server_ip, req.body.server_username).then((secret) => {
res.redirect(url.format({
pathname:'/admin/servers',
query: {
"server": req.body.server_hostname,
"alert": "secretDisplay"
}
}));
res.redirect("/admin/servers")
}) })
} else { } else {
res.redirect(url.format({ res.redirect(url.format({
pathname:'/admin/servers', pathname:'/admin/servers',
query: { query: {
"alert": "Please check the value of your fields or if the server does not already exist.", "alert": "⚠️ Please check the value of your fields or if the server does not already exist.",
"type": "danger" "type": "danger"
} }
})); }));
} }
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/servers',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })
router.get("/delete/:server", (req, res) => { router.get("/delete/:server", (req, res) => {
try { try {
serverService.delServer(req.params.server).then((result) => { serverService.delServer(req.params.server).then((result) => {
res.redirect("/admin/servers") res.redirect(url.format({
pathname:'/admin/servers',
query: {
"alert": "✅ Server " + req.params.server + " deleted.",
"type": "success"
}
}));
}) })
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/servers',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}); });
router.get("/:name", async (req, res) => { router.get("/new", async (req, res) => {
try {
if (req.params.name === "new") {
res.render('admin/server_new') res.render('admin/server_new')
} else {
console.log('a')
}
} catch(e){
console.log(e)
}
}) })

80
routes/admin/users.route.js
View File

@ -1,6 +1,7 @@
const express = require('express'); const express = require('express');
const User = require("../../model/user.model"); const User = require("../../model/user.model");
const Key = require("../../model/key.model"); const Key = require("../../model/key.model");
const url = require("url");
keyService = require("../../services/keys.service"); keyService = require("../../services/keys.service");
groupService = require("../../services/groups.service"); groupService = require("../../services/groups.service");
@ -13,7 +14,7 @@ var router = express.Router();
router.get("/",async (req, res) => { router.get("/",async (req, res) => {
try { try {
User.findAll().then((users) => { User.findAll().then((users) => {
res.render('admin/users', { "users": users}) res.render('admin/users', { "users": users, locals: {alert: req.query.alert, alert_type: req.query.type}})
}) })
} catch(e) { } catch(e) {
console.log(e) console.log(e)
@ -25,13 +26,32 @@ router.get("/delete/:userId", (req, res) => {
try { try {
if (req.params.userId != req.session.user.id) { if (req.params.userId != req.session.user.id) {
userService.delUser(req.params.userId).then((result) => { userService.delUser(req.params.userId).then((result) => {
res.redirect("/admin/users") res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "🗑️ User " + req.params.userId + " deleted.",
"type": "success"
}
}));
}) })
} else { } else {
res.redirect("/admin/users") res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "☹️",
"type": "danger"
}
}));
} }
} catch(e) { } catch(e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}); });
@ -40,21 +60,46 @@ router.get("/delete/:userId", (req, res) => {
router.get("/:id", async (req, res) => { router.get("/:id", async (req, res) => {
try { try {
User.findOne({ where: { id: req.params.id } }).then((user) => { User.findOne({ where: { id: req.params.id } }).then((user) => {
Key.findAll({where: { "idOwner": user.id}}).then((keys) => { Key.findAll({where: {"idOwner": user.id}}).then((keys) => {
res.render('admin/user_edit', { "keys": keys, "user": user})}); res.render('admin/user_edit', {
"keys": keys,
"user": user,
locals: {alert: req.query.alert, alert_type: req.query.type}
})
}); });
})
} catch(e) { } catch(e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })
router.get("/:id/deleteKey/:key", (req, res) => { router.get("/:id/deleteKey/:key", (req, res) => {
try { try {
keyService.delKey(req.params.key, req.params.id).then((result) => { keyService.delKey(req.params.key, req.params.id).then((result) => {
res.redirect("/admin/users/"+req.params.id) res.redirect(url.format({
pathname:"/admin/users/"+req.params.id,
query: {
"alert": "🗑️ Key " + req.params.key + " deleted.",
"type": "success"
}
}));
}) })
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}); });
@ -62,13 +107,32 @@ router.post("/:id/addKey", (req, res) => {
try { try {
if (req.body.key_content && req.body.key_name) { if (req.body.key_content && req.body.key_name) {
keyService.addKey(req.body.key_content, req.body.key_name, req.params.id).then((result) => { keyService.addKey(req.body.key_content, req.body.key_name, req.params.id).then((result) => {
res.redirect("/admin/users/"+req.params.id) res.redirect(url.format({
pathname:"/admin/users/"+req.params.id,
query: {
"alert": "✅ Key " + req.body.key_name + " added.",
"type": "success"
}
}));
}) })
} else { } else {
res.redirect("/admin/users/"+req.params.id) res.redirect(url.format({
pathname:"/admin/users/"+req.params.id,
query: {
"alert": "⚠️ Missing or invalid arguments.",
"type": "warning"
}
}));
} }
} catch(e) { } catch(e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })

6
routes/endpoint/update.route.js
View File

@ -11,6 +11,7 @@ const serverService = require("../../services/server.service");
router.get("/:server", async (req, res) => { router.get("/:server", async (req, res) => {
try { try {
Server.findOne({ where: { hostname: req.params.server } }).then((server) => { Server.findOne({ where: { hostname: req.params.server } }).then((server) => {
if (server) {
if (bcrypt.compareSync(req.body.secret, server.secret)) { if (bcrypt.compareSync(req.body.secret, server.secret)) {
serverService.getServerKeys(req.params.server).then((result) => { serverService.getServerKeys(req.params.server).then((result) => {
var raw = '' var raw = ''
@ -20,7 +21,10 @@ router.get("/:server", async (req, res) => {
res.send(raw) res.send(raw)
}) })
} else { } else {
res.send("invalid secret") res.send("invalid request")
}
} else {
res.send("invalid request")
} }
}) })
} catch (e) { } catch (e) {

42
routes/keys.route.js
View File

@ -2,6 +2,7 @@ const express = require('express');
const keyService = require("../services/keys.service"); const keyService = require("../services/keys.service");
const Key = require("../model/key.model"); const Key = require("../model/key.model");
const url = require("url");
var router = express.Router(); var router = express.Router();
@ -17,13 +18,32 @@ router.post("/add", (req, res) => {
try { try {
if (req.body.key_content && req.body.key_name) { if (req.body.key_content && req.body.key_name) {
keyService.addKey(req.body.key_content, req.body.key_name, req.session.user.id).then((result) => { keyService.addKey(req.body.key_content, req.body.key_name, req.session.user.id).then((result) => {
res.redirect("/keys") res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "✅ Key " + req.body.key_name + " added.",
"type": "success"
}
}));
}) })
} else { } else {
res.redirect("/keys") res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ Missing or invalid arguments.",
"type": "warning"
}
}));
} }
} catch (e) { } catch (e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}) })
@ -31,10 +51,23 @@ router.post("/add", (req, res) => {
router.get("/delete/:key", (req, res) => { router.get("/delete/:key", (req, res) => {
try { try {
keyService.delKey(req.params.key, req.session.user.id).then((result) => { keyService.delKey(req.params.key, req.session.user.id).then((result) => {
res.redirect("/keys") res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "🗑️ Key " + req.params.key + " deleted.",
"type": "success"
}
}));
}) })
} catch(e) { } catch(e) {
console.log(e) console.log(e)
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
} }
}); });
@ -43,10 +76,11 @@ router.get("/delete/:key", (req, res) => {
router.get("/", (req, res) => { router.get("/", (req, res) => {
try { try {
Key.findAll({where: {idOwner: req.session.user.id}}).then((keys) => { Key.findAll({where: {idOwner: req.session.user.id}}).then((keys) => {
res.render('keys', { "keys": keys }) res.render('keys', { "keys": keys, locals: {alert: req.query.alert, alert_type: req.query.type} })
}) })
} catch(e) { } catch(e) {
console.log(e) console.log(e)
} }
}); });

2
services/groups.service.js
View File

@ -107,8 +107,6 @@ async function groupServerList(groupName) {
} }
groupServerList('admin')
module.exports = { module.exports = {
addGroup, addGroup,
delGroup, delGroup,

21
services/server.service.js
View File

@ -16,15 +16,21 @@ async function addServer(hostname, ip, username) {
} else { } else {
if (hostname && ip && username && regexp_space.test(hostname, username) && regexp_ip.test(ip)) { if (hostname && ip && username && regexp_space.test(hostname, username) && regexp_ip.test(ip)) {
var secret_generated= (Math.random() + 1).toString(36).substring(2); var secret_generated= (Math.random() + 1).toString(36).substring(2);
console.log('secret: TODO' + secret_generated)
Server.create({ Server.create({
hostname: hostname.toLowerCase(), hostname: hostname.toLowerCase(),
ip: ip, ip: ip,
username: username.toLowerCase(), username: username.toLowerCase(),
secret: bcrypt.hashSync(secret_generated, bcrypt.genSaltSync(10)) secret: bcrypt.hashSync(secret_generated, bcrypt.genSaltSync(10)),
tmp: secret_generated
}).then((result) => { }).then((result) => {
try {
console.log('Server ' + result.hostname + ' added to database') console.log('Server ' + result.hostname + ' added to database')
return secret_generated return secret_generated
} finally {
setTimeout(function() {
serverSecretDestroy(hostname)
},100)
}
}); });
} else { } else {
return false; return false;
@ -34,6 +40,12 @@ async function addServer(hostname, ip, username) {
}); });
} }
async function serverSecretDestroy(hostname){
Server.findOne({where: { hostname: hostname}}).then((result) => {
result.tmp = 'destroyed'
result.save()
});
}
async function delServer(hostname) { async function delServer(hostname) {
@ -90,9 +102,12 @@ async function getServerListForUserId(userId) {
return result return result
} }
module.exports = { module.exports = {
addServer, addServer,
delServer, delServer,
getServerKeys, getServerKeys,
getServerListForUserId getServerListForUserId,
serverSecretDestroy
}; };

5
views/admin/groups.ejs
View File

@ -2,6 +2,11 @@
<div class="container-fluid"> <div class="container-fluid">
<h3 class="text-dark mb-4">Groups</h3> <h3 class="text-dark mb-4">Groups</h3>
<% if (locals.alert) { %>
<div class="alert alert-<%= locals.alert_type %>" role="alert">
<%= locals.alert %>
</div>
<% } %>
<div class="card shadow"> <div class="card shadow">
<div class="card-header py-3"> <div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Group list</p> <p class="text-primary m-0 fw-bold">Group list</p>

17
views/admin/servers.ejs
View File

@ -2,11 +2,26 @@
<div class="container-fluid"> <div class="container-fluid">
<h3 class="text-dark mb-4">Servers</h3> <h3 class="text-dark mb-4">Servers</h3>
<% if (locals.alert) { %> <% if (locals.alert && (!locals.secret)) { %>
<div class="alert alert-<%= locals.alert_type %>" role="alert"> <div class="alert alert-<%= locals.alert_type %>" role="alert">
<%= locals.alert %> <%= locals.alert %>
</div> </div>
<% } %> <% } %>
<% if (locals.secret) { %>
<% if (locals.secret.content === "destroyed") { %>
<div class="alert alert-danger" role="alert">
⚠️ The secret expired ⚠️
</div>
<% } else { %>
<div class="alert alert-warning" role="alert">
⚠️ The installation command <b>will not be shown again later.</b> ⚠️
</div>
<div class="alert alert-success" role="alert">
Run the command below to login the server <br><code>bash <( curl -s https://raw.githubusercontent.com/itsmrval/accessgate/scripts/agent.sh ) '<%= locals.secret.url %>' <%= locals.secret.name %> <%= locals.secret.content %> </code>
</div>
<% } %>
<% } %>
<div class="card shadow"> <div class="card shadow">
<div class="card-header py-3"> <div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Server list</p> <p class="text-primary m-0 fw-bold">Server list</p>

5
views/admin/user_edit.ejs
View File

@ -1,6 +1,11 @@
<%- include('../navbar', {active: "admin-users"}); %> <%- include('../navbar', {active: "admin-users"}); %>
<div class="container-fluid"> <div class="container-fluid">
<h3 class="text-dark mb-4"><a style="text-decoration: none" href="/admin/users/">Users</a> / <%= user.login %></h3></h3> <h3 class="text-dark mb-4"><a style="text-decoration: none" href="/admin/users/">Users</a> / <%= user.login %></h3></h3>
<% if (locals.alert) { %>
<div class="alert alert-<%= locals.alert_type %>" role="alert">
<%= locals.alert %>
</div>
<% } %>
<div class="card shadow mb-5"> <div class="card shadow mb-5">
<div class="card-header py-3"> <div class="card-header py-3">
<p class="text-primary m-0 fw-bold">SSH Keys</p> <p class="text-primary m-0 fw-bold">SSH Keys</p>

5
views/admin/users.ejs
View File

@ -1,6 +1,11 @@
<%- include('../navbar', {active: "admin-users"}); %> <%- include('../navbar', {active: "admin-users"}); %>
<div class="container-fluid"> <div class="container-fluid">
<h3 class="text-dark mb-4">Users</h3> <h3 class="text-dark mb-4">Users</h3>
<% if (locals.alert) { %>
<div class="alert alert-<%= locals.alert_type %>" role="alert">
<%= locals.alert %>
</div>
<% } %>
<div class="card shadow"> <div class="card shadow">
<div class="card-header py-3"> <div class="card-header py-3">
<p class="text-primary m-0 fw-bold">User list</p> <p class="text-primary m-0 fw-bold">User list</p>

5
views/keys.ejs
View File

@ -1,6 +1,11 @@
<%- include('navbar', {active: "keys"}); %> <%- include('navbar', {active: "keys"}); %>
<div class="container-fluid"> <div class="container-fluid">
<h3 class="text-dark mb-4"><a style="text-decoration: none" href="/">Dashboard</a> / keys</h3></h3> <h3 class="text-dark mb-4"><a style="text-decoration: none" href="/">Dashboard</a> / keys</h3></h3>
<% if (locals.alert) { %>
<div class="alert alert-<%= locals.alert_type %>" role="alert">
<%= locals.alert %>
</div>
<% } %>
<div class="card shadow mb-5"> <div class="card shadow mb-5">
<div class="card-header py-3"> <div class="card-header py-3">
<p class="text-primary m-0 fw-bold">SSH Keys</p> <p class="text-primary m-0 fw-bold">SSH Keys</p>