diff --git a/core/command_auth.ts b/core/command_auth.ts new file mode 100644 index 0000000..7332b8a --- /dev/null +++ b/core/command_auth.ts @@ -0,0 +1,22 @@ +import Logger from "~/core/logger"; +import {createError} from "h3"; +import {jwt_globals} from "~/core/globals"; +import jwt from "jsonwebtoken"; + +export function checkValidJwtToken(token: string) { + Logger.info("Checking token " + token); + if (!token) { + throw createError({ statusCode: 401, statusMessage: 'Unauthorized' }); + } + + const secret = jwt_globals.secret; + if (!secret) { + throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' }); + } + + const decoded = jwt.verify(token, secret) as { userId: string }; + if (!decoded?.userId) { + throw createError({ statusCode: 401, statusMessage: 'Invalid token' }); + } + Logger.success("user has been authed, password: " + decoded.userId); +} \ No newline at end of file diff --git a/pages/index.vue b/pages/index.vue index e203864..221ffe0 100644 --- a/pages/index.vue +++ b/pages/index.vue @@ -12,6 +12,7 @@ const startVm = async (vm: any) => { try { const response = await axios.post('/api/controlVM', { action: 'start', + token: useCookie('token').value, vm: vm }); console.log(response.data); @@ -32,6 +33,7 @@ const shutdownVm = async (vm: any) => { const response = await axios.post('/api/controlVM', { action: 'shutdown', force: settings.force_shutdown, + token: useCookie('token').value, vm: vm }); console.log(response.data); @@ -98,8 +100,12 @@ const networkInfo = reactive({ const fetchServiceInfo = async () => { try{ - let services = await $fetch('/api/getServices') - services?.forEach((interface_obj) => { + //let services = await $fetch('/api/getServices') + const response = await axios.post('/api/getServices', { + token: useCookie('token').value + }); + let services = response.data; + services?.forEach((interface_obj: serviceInterface) => { serviceInfo.services.push(interface_obj) }); serviceInfo.isLoaded = true; @@ -110,8 +116,12 @@ const fetchServiceInfo = async () => { const fetchNetworkInfo = async () => { try{ - let networkInfoFetch = await $fetch('/api/getNetworkInterfaces') - networkInfoFetch?.forEach((interface_obj) => { + const response = await axios.post('/api/getNetworkInterfaces', { + token: useCookie('token').value + }); + let networkInfoFetch = response.data; + + networkInfoFetch?.forEach((interface_obj: networkInterface) => { networkInfo.interfacesList.push(interface_obj) }); @@ -123,7 +133,11 @@ const fetchNetworkInfo = async () => { const fetchOsInfo = async () => { try{ - let systemInfoFetch = await $fetch('/api/getSystem') + const response = await axios.post('/api/getSystem', { + token: useCookie('token').value + }); + let systemInfoFetch = response.data; + console.log(systemInfoFetch) osInfo.name = systemInfoFetch?.platform || 'N/A' osInfo.version = systemInfoFetch?.distro || 'N/A' @@ -137,7 +151,10 @@ const fetchOsInfo = async () => { const fetchCpuTemp = async () => { try { - let cpuInfoFetch = await $fetch('/api/getCpu') + const response = await axios.post('/api/getCpu', { + token: useCookie('token').value + }); + let cpuInfoFetch = response.data; console.log(cpuInfoFetch) cpuInfo.manufacturer = cpuInfoFetch?.info.manufacturer || 'N/A' cpuInfo.model = cpuInfoFetch?.info.brand || 'N/A' @@ -152,7 +169,10 @@ const fetchCpuTemp = async () => { const fetchMemoryInfo = async () => { try{ - let memoryInfoFetch = await $fetch('/api/getMemory') + const response = await axios.post('/api/getMemory', { + token: useCookie('token').value + }); + let memoryInfoFetch = response.data; console.log(memoryInfoFetch) let ram_cache = settings.ignoreCache ? (memoryInfoFetch?.cached ?? 0) : 0; if(memoryInfoFetch?.total != null) @@ -169,9 +189,12 @@ const fetchMemoryInfo = async () => { const fetchVMs = async () => { try{ - let vmInfoFetch = await $fetch('/api/getVMs') + const response = await axios.post('/api/getVMs', { + token: useCookie('token').value + }); + let vmInfoFetch = response.data; console.log(vmInfoFetch) - vmInfoFetch?.forEach(vm => { + vmInfoFetch?.forEach((vm: VM) => { vmInfo.vms.push(vm) }) vmInfo.isLoaded = true @@ -184,7 +207,10 @@ const fetchVMs = async () => { const fetchSettings = async () => { try { - let settingsFetch = await $fetch('/api/getSettings') + const response = await axios.post('/api/getSettings', { + token: useCookie('token').value + }); + let settingsFetch = response.data; console.log(settingsFetch) settings.ignoreCache = settingsFetch?.ignoreCache || false settings.enable_qemu_controls = settingsFetch?.enable_qemu_controls || false diff --git a/server/api/auth.ts b/server/api/auth.ts index dc231dd..fff6707 100644 --- a/server/api/auth.ts +++ b/server/api/auth.ts @@ -2,25 +2,12 @@ import { defineEventHandler, getCookie, createError } from 'h3'; import jwt from 'jsonwebtoken'; import {jwt_globals} from "~/core/globals"; import Logger from "~/core/logger"; +import {checkValidJwtToken} from "~/core/command_auth"; export default defineEventHandler(async (event) => { try { - const token = getCookie(event, 'token'); - Logger.info("Checking token " + token); - if (!token) { - throw createError({ statusCode: 401, statusMessage: 'Unauthorized' }); - } - - const secret = jwt_globals.secret; - if (!secret) { - throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' }); - } - - const decoded = jwt.verify(token, secret) as { userId: string }; - if (!decoded?.userId) { - throw createError({ statusCode: 401, statusMessage: 'Invalid token' }); - } - Logger.success("user has been authed, password: " + decoded.userId); + const token = getCookie(event, 'token') || ""; + checkValidJwtToken(token) return { success: true }; } catch (error: any) { return createError({ diff --git a/server/api/controlVM.ts b/server/api/controlVM.ts index 83dd54f..39e946f 100644 --- a/server/api/controlVM.ts +++ b/server/api/controlVM.ts @@ -1,12 +1,15 @@ import { exec } from 'child_process'; import Logger from "~/core/logger"; +import {checkValidJwtToken} from "~/core/command_auth"; export default defineEventHandler(async (event) => { const body = await readBody(event); - const { action, force, vm } = body; + const { action, token, force, vm } = body; try { + checkValidJwtToken(token) + const command = action === 'start' ? `virsh start ${vm.name}` : (force ? `virsh destroy ${vm.name}` : `virsh shutdown ${vm.name}`); console.log(command); diff --git a/server/api/getCpu.ts b/server/api/getCpu.ts index c6a63de..c13984c 100644 --- a/server/api/getCpu.ts +++ b/server/api/getCpu.ts @@ -1,7 +1,13 @@ +import { defineEventHandler, getCookie, createError } from 'h3'; import si from 'systeminformation'; +import {checkValidJwtToken} from "~/core/command_auth"; -export default defineEventHandler(async () => { +export default defineEventHandler(async (event) => { try { + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) + const cpuData = await si.cpu(); const cpuTemp = await si.cpuTemperature(); diff --git a/server/api/getMemory.ts b/server/api/getMemory.ts index 30a61a8..08c056d 100644 --- a/server/api/getMemory.ts +++ b/server/api/getMemory.ts @@ -1,7 +1,12 @@ import si from 'systeminformation'; - -export default defineEventHandler(async () => { +import {checkValidJwtToken} from "~/core/command_auth"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { try { + + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) const memoryData = await si.mem(); return memoryData; diff --git a/server/api/getNetworkInterfaces.ts b/server/api/getNetworkInterfaces.ts index 168a167..8dc6c5f 100644 --- a/server/api/getNetworkInterfaces.ts +++ b/server/api/getNetworkInterfaces.ts @@ -3,9 +3,15 @@ import si from 'systeminformation'; import {VM} from "~/types/VM"; import {networkInterface} from "~/types/networkInterface"; import {settings} from "~/panel.config"; - -export default defineEventHandler(async () => { +import {checkValidJwtToken} from "~/core/command_auth"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { try { + + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) + const network = await si.networkInterfaces(); const interfaces_to_scan = settings.interfaces_to_scan || []; diff --git a/server/api/getServices.ts b/server/api/getServices.ts index 93cca55..8634b2b 100644 --- a/server/api/getServices.ts +++ b/server/api/getServices.ts @@ -3,12 +3,15 @@ import si from 'systeminformation'; import {VM} from "~/types/VM"; import {serviceInterface} from "~/types/serviceInterface"; import {settings} from "~/panel.config"; - -export default defineEventHandler(async () => { +import {checkValidJwtToken} from "~/core/command_auth"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { try { + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) + const services = await si.services(settings.systemctl_services.join(', ')); - - const interfaces: serviceInterface[] = []; if (Array.isArray(services)) { services.forEach((interface_obj) => { diff --git a/server/api/getSettings.ts b/server/api/getSettings.ts index cc11079..7299c1a 100644 --- a/server/api/getSettings.ts +++ b/server/api/getSettings.ts @@ -1,10 +1,14 @@ import si from 'systeminformation'; import {settings} from "~/panel.config"; - -export default defineEventHandler(async () => { +import {checkValidJwtToken} from "~/core/command_auth"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { try { + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) return settings } catch (error) { - console.error('Error fetching CPU info:', error); + console.error('Error fetching settings:', error); } }); diff --git a/server/api/getSystem.ts b/server/api/getSystem.ts index 2b532b0..3900bd3 100644 --- a/server/api/getSystem.ts +++ b/server/api/getSystem.ts @@ -1,7 +1,11 @@ import si from 'systeminformation'; - -export default defineEventHandler(async () => { +import {checkValidJwtToken} from "~/core/command_auth"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { try { + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) const systemData = await si.osInfo(); return systemData; diff --git a/server/api/getVMs.ts b/server/api/getVMs.ts index dd84ca4..0bc3ae1 100644 --- a/server/api/getVMs.ts +++ b/server/api/getVMs.ts @@ -4,41 +4,53 @@ import {vm_cache} from "~/core/globals"; import Logger from "~/core/logger"; import {reactive} from "vue"; import type {VM} from "~/types/VM"; +import {checkValidJwtToken} from "~/core/command_auth"; +import si from "systeminformation"; +import { defineEventHandler, getCookie, createError } from 'h3'; +export default defineEventHandler(async (event) => { -export default defineEventHandler(async () => { - if(vm_cache.vms.length > 0){ - Logger.info("VMs are cached, refreshing vm states...") - for (const vm of vm_cache.vms) { - const stateValue = await getStateValue(vm.name, true) - vm.state = stateValue === "running" ? 'on' : 'off'; - } - }else{ - Logger.info("VMs havent been Loaded yet, loading now...") - for (const vm of settings.qemu_vms) { - Logger.info("Loading " + vm.name) - const vCpuCount = await getVcpuCount(vm.name); - const maxMemory = await getMaxMemory(vm.name); - const autostartValue = await getAutostartValue(vm.name); - const autostart = autostartValue === "enable"; - const stateValue = await getStateValue(vm.name); - - - const state: 'on' | 'off' = stateValue === "running" ? 'on' : 'off'; - - - vm_cache.vms.push({ - name: vm.name, - os: vm.os, - vCpuCount: vCpuCount || 0, - maxMemory: maxMemory || 0, - autostart: autostart, - state: state - }); + + try { + const body = await readBody(event); + const { token } = body; + checkValidJwtToken(token) + if(vm_cache.vms.length > 0){ + Logger.info("VMs are cached, refreshing vm states...") + for (const vm of vm_cache.vms) { + const stateValue = await getStateValue(vm.name, true) + vm.state = stateValue === "running" ? 'on' : 'off'; + } + }else{ + Logger.info("VMs havent been Loaded yet, loading now...") + for (const vm of settings.qemu_vms) { + Logger.info("Loading " + vm.name) + const vCpuCount = await getVcpuCount(vm.name); + const maxMemory = await getMaxMemory(vm.name); + const autostartValue = await getAutostartValue(vm.name); + const autostart = autostartValue === "enable"; + const stateValue = await getStateValue(vm.name); + + + const state: 'on' | 'off' = stateValue === "running" ? 'on' : 'off'; + + + vm_cache.vms.push({ + name: vm.name, + os: vm.os, + vCpuCount: vCpuCount || 0, + maxMemory: maxMemory || 0, + autostart: autostart, + state: state + }); + } } + return vm_cache.vms; + } catch (error) { + console.error('Error fetching VM info:', error); } - return vm_cache.vms; + });