diff --git a/.github/workflows/deploy-development.yml b/.github/workflows/deploy-development.yml index 21547c7e7..fa912f772 100644 --- a/.github/workflows/deploy-development.yml +++ b/.github/workflows/deploy-development.yml @@ -2,7 +2,6 @@ name: Build & Publish Development on: workflow_dispatch: - pull_request: jobs: deploy: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 6a38a604b..57e10bc30 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,9 +21,6 @@ jobs: node-version: '20' check-latest: true cache: 'npm' - cache-dependency-path: | - package-lock.json - src/package-lock.json - name: npm run lint run: | diff --git a/.github/workflows/npm-update-bot.yml b/.github/workflows/npm-update-bot.yml index 1bfa47ade..7df5de4f9 100644 --- a/.github/workflows/npm-update-bot.yml +++ b/.github/workflows/npm-update-bot.yml @@ -23,9 +23,6 @@ jobs: node-version: '20' check-latest: true cache: 'npm' - cache-dependency-path: | - package-lock.json - src/package-lock.json - name: Bot 🤖 "Updating NPM Packages..." run: | diff --git a/README.md b/README.md index 5b77f6fc1..72dde6c16 100644 --- a/README.md +++ b/README.md @@ -110,6 +110,7 @@ These options can be configured by setting environment variables using `-e KEY=" | `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. | | `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. | | `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will listen on that (othwise default) inside the Docker container. | +| `WG_CONFIG_PORT`| `51820` | `12345` | The UDP port used on [Home Assistent Plugin](https://github.com/adriy-be/homeassistant-addons-jdeath/tree/main/wgeasy) | `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. | | `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. | | `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. | diff --git a/src/lib/Server.js b/src/lib/Server.js index b7ac0e8d3..1a7953ad8 100644 --- a/src/lib/Server.js +++ b/src/lib/Server.js @@ -1,5 +1,6 @@ 'use strict'; +const bcrypt = require('bcryptjs'); const crypto = require('node:crypto'); const { createServer } = require('node:http'); const { stat, readFile } = require('node:fs/promises'); @@ -117,6 +118,15 @@ module.exports = class Server { return next(); } + if (req.url.startsWith('/api/') && req.headers['authorization']) { + if (bcrypt.compareSync(req.headers['authorization'], bcrypt.hashSync(PASSWORD, 10))) { + return next(); + } + return res.status(401).json({ + error: 'Incorrect Password', + }); + } + return res.status(401).json({ error: 'Not Logged In', }); diff --git a/src/package-lock.json b/src/package-lock.json index 6b3c675a3..9075bbb8d 100644 --- a/src/package-lock.json +++ b/src/package-lock.json @@ -9,6 +9,7 @@ "version": "1.0.1", "license": "CC BY-NC-SA 4.0", "dependencies": { + "bcryptjs": "^2.4.3", "debug": "^4.3.5", "express-session": "^1.18.0", "h3": "^1.11.1", @@ -208,6 +209,7 @@ "version": "0.5.0", "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", "integrity": "sha512-FagtKFz74XrTl7y6HCzQpwDfXP0yhxe9lHLD1UZxjvZIcbyRz8zTFF/yYNfSfzU414eDwZ1SrO0Qvtyf+wFMQg==", + "deprecated": "Use @eslint/config-array instead", "dev": true, "peer": true, "dependencies": { @@ -223,6 +225,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", + "deprecated": "Use @eslint/object-schema instead", "dev": true, "peer": true }, @@ -908,6 +911,11 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, + "node_modules/bcryptjs": { + "version": "2.4.3", + "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz", + "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==" + }, "node_modules/binary-extensions": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", @@ -2131,9 +2139,9 @@ } }, "node_modules/foreground-child": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", - "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.2.1.tgz", + "integrity": "sha512-PXUUyLqrR2XCWICfv6ukppP96sdFwWbNEnfEMt7jNsISjMsvaLNinAHNDYyvkyU+SZG2BTSbT5NjG+vZslfGTA==", "dev": true, "dependencies": { "cross-spawn": "^7.0.0", @@ -2834,9 +2842,9 @@ } }, "node_modules/jiti": { - "version": "1.21.3", - "resolved": "https://registry.npmjs.org/jiti/-/jiti-1.21.3.tgz", - "integrity": "sha512-uy2bNX5zQ+tESe+TiC7ilGRz8AtRGmnJH55NC5S0nSUjvvvM2hJHmefHErugGXN4pNv4Qx7vLsnNw9qJ9mtIsw==", + "version": "1.21.6", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-1.21.6.tgz", + "integrity": "sha512-2yTgeWTWzMWkHu6Jp9NKgePDaYHbntiwvYuuJLbbN9vl7DC9DvXKOB2BC3ZZ92D3cvV/aflH0osDfwpHepQ53w==", "dev": true, "bin": { "jiti": "bin/jiti.js" diff --git a/src/package.json b/src/package.json index 092233903..aff69d743 100644 --- a/src/package.json +++ b/src/package.json @@ -13,6 +13,7 @@ "author": "Emile Nijssen", "license": "CC BY-NC-SA 4.0", "dependencies": { + "bcryptjs": "^2.4.3", "debug": "^4.3.5", "express-session": "^1.18.0", "h3": "^1.11.1",