WeeXnes/nuvira
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

made all apis token secured

Browse source
This commit is contained in:
WeeXnes 2025-02-27 23:42:00 +01:00
parent aa3cf50b5d
commit d04a25b0e0
11 changed files with 149 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
core/command_auth.ts Normal file
View file

@ -0,0 +1,22 @@
import Logger from "~/core/logger";
import {createError} from "h3";
import {jwt_globals} from "~/core/globals";
import jwt from "jsonwebtoken";
export function checkValidJwtToken(token: string) {
Logger.info("Checking token " + token);
if (!token) {
throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
}
const secret = jwt_globals.secret;
if (!secret) {
throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' });
}
const decoded = jwt.verify(token, secret) as { userId: string };
if (!decoded?.userId) {
throw createError({ statusCode: 401, statusMessage: 'Invalid token' });
}
Logger.success("user has been authed, password: " + decoded.userId);
}

46
pages/index.vue
View file

@ -12,6 +12,7 @@ const startVm = async (vm: any) => {
try { try {
const response = await axios.post('/api/controlVM', { const response = await axios.post('/api/controlVM', {
action: 'start', action: 'start',
token: useCookie('token').value,
vm: vm vm: vm
}); });
console.log(response.data); console.log(response.data);
@ -32,6 +33,7 @@ const shutdownVm = async (vm: any) => {
const response = await axios.post('/api/controlVM', { const response = await axios.post('/api/controlVM', {
action: 'shutdown', action: 'shutdown',
force: settings.force_shutdown, force: settings.force_shutdown,
token: useCookie('token').value,
vm: vm vm: vm
}); });
console.log(response.data); console.log(response.data);
@ -98,8 +100,12 @@ const networkInfo = reactive({
const fetchServiceInfo = async () => { const fetchServiceInfo = async () => {
try{ try{
let services = await $fetch('/api/getServices') //let services = await $fetch('/api/getServices')
services?.forEach((interface_obj) => { const response = await axios.post('/api/getServices', {
token: useCookie('token').value
});
let services = response.data;
services?.forEach((interface_obj: serviceInterface) => {
serviceInfo.services.push(interface_obj) serviceInfo.services.push(interface_obj)
}); });
serviceInfo.isLoaded = true; serviceInfo.isLoaded = true;
@ -110,8 +116,12 @@ const fetchServiceInfo = async () => {
const fetchNetworkInfo = async () => { const fetchNetworkInfo = async () => {
try{ try{
let networkInfoFetch = await $fetch('/api/getNetworkInterfaces') const response = await axios.post('/api/getNetworkInterfaces', {
networkInfoFetch?.forEach((interface_obj) => { token: useCookie('token').value
});
let networkInfoFetch = response.data;
networkInfoFetch?.forEach((interface_obj: networkInterface) => {
networkInfo.interfacesList.push(interface_obj) networkInfo.interfacesList.push(interface_obj)
}); });
@ -123,7 +133,11 @@ const fetchNetworkInfo = async () => {
const fetchOsInfo = async () => { const fetchOsInfo = async () => {
try{ try{
let systemInfoFetch = await $fetch('/api/getSystem') const response = await axios.post('/api/getSystem', {
token: useCookie('token').value
});
let systemInfoFetch = response.data;
console.log(systemInfoFetch) console.log(systemInfoFetch)
osInfo.name = systemInfoFetch?.platform || 'N/A' osInfo.name = systemInfoFetch?.platform || 'N/A'
osInfo.version = systemInfoFetch?.distro || 'N/A' osInfo.version = systemInfoFetch?.distro || 'N/A'
@ -137,7 +151,10 @@ const fetchOsInfo = async () => {
const fetchCpuTemp = async () => { const fetchCpuTemp = async () => {
try { try {
let cpuInfoFetch = await $fetch('/api/getCpu') const response = await axios.post('/api/getCpu', {
token: useCookie('token').value
});
let cpuInfoFetch = response.data;
console.log(cpuInfoFetch) console.log(cpuInfoFetch)
cpuInfo.manufacturer = cpuInfoFetch?.info.manufacturer || 'N/A' cpuInfo.manufacturer = cpuInfoFetch?.info.manufacturer || 'N/A'
cpuInfo.model = cpuInfoFetch?.info.brand || 'N/A' cpuInfo.model = cpuInfoFetch?.info.brand || 'N/A'
@ -152,7 +169,10 @@ const fetchCpuTemp = async () => {
const fetchMemoryInfo = async () => { const fetchMemoryInfo = async () => {
try{ try{
let memoryInfoFetch = await $fetch('/api/getMemory') const response = await axios.post('/api/getMemory', {
token: useCookie('token').value
});
let memoryInfoFetch = response.data;
console.log(memoryInfoFetch) console.log(memoryInfoFetch)
let ram_cache = settings.ignoreCache ? (memoryInfoFetch?.cached ?? 0) : 0; let ram_cache = settings.ignoreCache ? (memoryInfoFetch?.cached ?? 0) : 0;
if(memoryInfoFetch?.total != null) if(memoryInfoFetch?.total != null)
@ -169,9 +189,12 @@ const fetchMemoryInfo = async () => {
const fetchVMs = async () => { const fetchVMs = async () => {
try{ try{
let vmInfoFetch = await $fetch('/api/getVMs') const response = await axios.post('/api/getVMs', {
token: useCookie('token').value
});
let vmInfoFetch = response.data;
console.log(vmInfoFetch) console.log(vmInfoFetch)
vmInfoFetch?.forEach(vm => { vmInfoFetch?.forEach((vm: VM) => {
vmInfo.vms.push(vm) vmInfo.vms.push(vm)
}) })
vmInfo.isLoaded = true vmInfo.isLoaded = true
@ -184,7 +207,10 @@ const fetchVMs = async () => {
const fetchSettings = async () => { const fetchSettings = async () => {
try { try {
let settingsFetch = await $fetch('/api/getSettings') const response = await axios.post('/api/getSettings', {
token: useCookie('token').value
});
let settingsFetch = response.data;
console.log(settingsFetch) console.log(settingsFetch)
settings.ignoreCache = settingsFetch?.ignoreCache || false settings.ignoreCache = settingsFetch?.ignoreCache || false
settings.enable_qemu_controls = settingsFetch?.enable_qemu_controls || false settings.enable_qemu_controls = settingsFetch?.enable_qemu_controls || false

19
server/api/auth.ts
View file

@ -2,25 +2,12 @@ import { defineEventHandler, getCookie, createError } from 'h3';
import jwt from 'jsonwebtoken'; import jwt from 'jsonwebtoken';
import {jwt_globals} from "~/core/globals"; import {jwt_globals} from "~/core/globals";
import Logger from "~/core/logger"; import Logger from "~/core/logger";
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
try { try {
const token = getCookie(event, 'token'); const token = getCookie(event, 'token') || "";
Logger.info("Checking token " + token); checkValidJwtToken(token)
if (!token) {
throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
}
const secret = jwt_globals.secret;
if (!secret) {
throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' });
}
const decoded = jwt.verify(token, secret) as { userId: string };
if (!decoded?.userId) {
throw createError({ statusCode: 401, statusMessage: 'Invalid token' });
}
Logger.success("user has been authed, password: " + decoded.userId);
return { success: true }; return { success: true };
} catch (error: any) { } catch (error: any) {
return createError({ return createError({

5
server/api/controlVM.ts
View file

@ -1,12 +1,15 @@
import { exec } from 'child_process'; import { exec } from 'child_process';
import Logger from "~/core/logger"; import Logger from "~/core/logger";
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const body = await readBody(event); const body = await readBody(event);
const { action, force, vm } = body; const { action, token, force, vm } = body;
try { try {
checkValidJwtToken(token)
const command = action === 'start' ? `virsh start ${vm.name}` : (force ? `virsh destroy ${vm.name}` : `virsh shutdown ${vm.name}`); const command = action === 'start' ? `virsh start ${vm.name}` : (force ? `virsh destroy ${vm.name}` : `virsh shutdown ${vm.name}`);
console.log(command); console.log(command);

8
server/api/getCpu.ts
View file

@ -1,7 +1,13 @@
import { defineEventHandler, getCookie, createError } from 'h3';
import si from 'systeminformation'; import si from 'systeminformation';
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
const cpuData = await si.cpu(); const cpuData = await si.cpu();
const cpuTemp = await si.cpuTemperature(); const cpuTemp = await si.cpuTemperature();

9
server/api/getMemory.ts
View file

@ -1,7 +1,12 @@
import si from 'systeminformation'; import si from 'systeminformation';
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
const memoryData = await si.mem(); const memoryData = await si.mem();
return memoryData; return memoryData;

10
server/api/getNetworkInterfaces.ts
View file

@ -3,9 +3,15 @@ import si from 'systeminformation';
import {VM} from "~/types/VM"; import {VM} from "~/types/VM";
import {networkInterface} from "~/types/networkInterface"; import {networkInterface} from "~/types/networkInterface";
import {settings} from "~/panel.config"; import {settings} from "~/panel.config";
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
const network = await si.networkInterfaces(); const network = await si.networkInterfaces();
const interfaces_to_scan = settings.interfaces_to_scan || []; const interfaces_to_scan = settings.interfaces_to_scan || [];

11
server/api/getServices.ts
View file

@ -3,12 +3,15 @@ import si from 'systeminformation';
import {VM} from "~/types/VM"; import {VM} from "~/types/VM";
import {serviceInterface} from "~/types/serviceInterface"; import {serviceInterface} from "~/types/serviceInterface";
import {settings} from "~/panel.config"; import {settings} from "~/panel.config";
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
const services = await si.services(settings.systemctl_services.join(', ')); const services = await si.services(settings.systemctl_services.join(', '));
const interfaces: serviceInterface[] = []; const interfaces: serviceInterface[] = [];
if (Array.isArray(services)) { if (Array.isArray(services)) {
services.forEach((interface_obj) => { services.forEach((interface_obj) => {

10
server/api/getSettings.ts
View file

@ -1,10 +1,14 @@
import si from 'systeminformation'; import si from 'systeminformation';
import {settings} from "~/panel.config"; import {settings} from "~/panel.config";
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
return settings return settings
} catch (error) { } catch (error) {
console.error('Error fetching CPU info:', error); console.error('Error fetching settings:', error);
} }
}); });

8
server/api/getSystem.ts
View file

@ -1,7 +1,11 @@
import si from 'systeminformation'; import si from 'systeminformation';
import {checkValidJwtToken} from "~/core/command_auth";
export default defineEventHandler(async () => { import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
try { try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
const systemData = await si.osInfo(); const systemData = await si.osInfo();
return systemData; return systemData;

16
server/api/getVMs.ts
View file

@ -4,9 +4,17 @@ import {vm_cache} from "~/core/globals";
import Logger from "~/core/logger"; import Logger from "~/core/logger";
import {reactive} from "vue"; import {reactive} from "vue";
import type {VM} from "~/types/VM"; import type {VM} from "~/types/VM";
import {checkValidJwtToken} from "~/core/command_auth";
import si from "systeminformation";
import { defineEventHandler, getCookie, createError } from 'h3';
export default defineEventHandler(async (event) => {
export default defineEventHandler(async () => {
try {
const body = await readBody(event);
const { token } = body;
checkValidJwtToken(token)
if(vm_cache.vms.length > 0){ if(vm_cache.vms.length > 0){
Logger.info("VMs are cached, refreshing vm states...") Logger.info("VMs are cached, refreshing vm states...")
for (const vm of vm_cache.vms) { for (const vm of vm_cache.vms) {
@ -37,8 +45,12 @@ export default defineEventHandler(async () => {
}); });
} }
} }
return vm_cache.vms; return vm_cache.vms;
} catch (error) {
console.error('Error fetching VM info:', error);
}
}); });