add forbid remote admin login
parent
06933699c0
commit
93a65c271a
@ -15,7 +15,7 @@ export const getAdminCookieValue = ()=>{
|
||||
const secretKey = setting.jwt_secretkey;
|
||||
return sign({
|
||||
username: "admin",
|
||||
permission: []
|
||||
permission: [],
|
||||
},secretKey,{expiresIn:'3d'});
|
||||
}
|
||||
|
||||
@ -35,6 +35,10 @@ export const createLoginMiddleware = (knex: Knex)=>{
|
||||
sendError(400,"invalid form : username or password is not string")
|
||||
return;
|
||||
}
|
||||
if(setting.forbid_remote_admin_login && username === "admin"){
|
||||
sendError(403,"forbid remote admin login");
|
||||
return;
|
||||
}
|
||||
const user = await userController.findUser(username);
|
||||
if(user === undefined){
|
||||
sendError(401,"not authorized");
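Review bot: The new guard `username === "admin"` is a byte-exact comparison made before `userController.findUser(username)`, so it only holds if that lookup is equally strict. If `findUser` (not visible here) trims or case-folds the name, or the backing store compares names case-insensitively, a differently written name would pass the guard and still resolve to the admin account. Consider running the check after the lookup against the stored account, or normalising the name once before both uses. The condition also never consults the client address, so it rejects every admin login through this middleware whatever its origin; if that is intended because the local admin gets its token from `getAdminCookieValue`, a comment such as `// admin never logs in through this endpoint; local sessions use getAdminCookieValue()` would make it explicit. The body of `createLoginMiddleware` continues outside the hunk.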
|
||||
|
@ -3,22 +3,39 @@ import { randomBytes } from 'crypto';
|
||||
import { existsSync, readFileSync, writeFileSync } from 'fs';
|
||||
|
||||
export type Setting = {
|
||||
path: string[],
|
||||
/**
|
||||
* if true, server will bind on '127.0.0.1' rather than '0.0.0.0'
|
||||
*/
|
||||
localmode: boolean,
|
||||
|
||||
guest: boolean,
|
||||
/**
|
||||
* JWT secret key. if you change its value, all access tokens are invalidated.
|
||||
*/
|
||||
jwt_secretkey: string,
|
||||
/**
|
||||
* the port which running server is binding on.
|
||||
*/
|
||||
port:number,
|
||||
|
||||
mode:"development"|"production",
|
||||
/**
|
||||
* if true, do not show 'electron' window and show terminal only.
|
||||
*/
|
||||
cli:boolean,
|
||||
/** forbid to login admin from remote client. but, it do not invalidate access token.
|
||||
* if you want to invalidate access token, change 'jwt_secretkey'.*/
|
||||
forbid_remote_admin_login:boolean,
|
||||
}
|
||||
const default_setting:Setting = {
|
||||
path:[],
|
||||
|
||||
localmode: true,
|
||||
guest:false,
|
||||
jwt_secretkey:"itsRandom",
|
||||
port:8080,
|
||||
mode:"production",
|
||||
cli:false
|
||||
cli:false,
|
||||
forbid_remote_admin_login:true,
|
||||
}
|
||||
let setting: null|Setting = null;
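Review bot: `forbid_remote_admin_login` is read with a plain truthiness test in the login middleware, so a settings file written before this commit, which lacks the key, would leave the restriction off unless the loader fills in `default_setting`. The loader is outside this hunk; if it does not already merge defaults, something like `setting = { ...default_setting, ...loaded }` (with `loaded` standing for the parsed file) keeps the new default of `true` effective after an upgrade. The new doc comment correctly says existing access tokens stay valid; it could also state that an already-issued admin token remains accepted until it expires (`expiresIn:'3d'` in `getAdminCookieValue`) or `jwt_secretkey` is changed.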
|
||||
|
||||
|