shishantbiswas/bknd
1
0
Fork 0
mirror of https://github.com/shishantbiswas/bknd.git synced 2026-03-16 04:27:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

added cookie to config + fixed config set endpoint

Browse Source
This commit is contained in:
dswbx
2024-11-25 16:57:12 +01:00
parent 824ff40133
commit 16a6a3315d
14 changed files with 114 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/src/modules/SystemApi.ts
View File

@@ -27,7 +27,10 @@ export class SystemApi extends ModuleApi<any> {
value: ModuleConfigs[Module],
force?: boolean
) {
return await this.post<any>(["config", "set", module, `?force=${force ? 1 : 0}`], value);
return await this.post<any>(
["config", "set", module].join("/") + `?force=${force ? 1 : 0}`,
value
);
}
async addConfig<Module extends ModuleKey>(module: Module, path: string, value: any) {

7
app/src/modules/migrations.ts
View File

@@ -78,6 +78,13 @@ export const migrations: Migration[] = [
up: async (config, { db }) => {
return config;
}
},
{
version: 7,
up: async (config, { db }) => {
// automatically adds auth.cookie options
return config;
}
}
];

4
app/src/modules/permissions/index.ts
View File

@@ -1,7 +1,7 @@
import { Permission } from "core";
export const admin = new Permission("system.admin");
export const api = new Permission("system.api");
export const accessAdmin = new Permission("system.access.admin");
export const accessApi = new Permission("system.access.api");
export const configRead = new Permission("system.config.read");
export const configReadSecrets = new Permission("system.config.read.secrets");
export const configWrite = new Permission("system.config.write");

39
app/src/modules/server/AdminController.tsx
View File

@@ -41,6 +41,7 @@ export class AdminController implements ClassController {
getController(): Hono<any> {
const auth = this.app.module.auth;
const configs = this.app.modules.configs();
// if auth is not enabled, authenticator is undefined
const auth_enabled = configs.auth.enabled;
const basepath = (String(configs.server.admin.basepath) + "/").replace(/\/+$/, "/");
const hono = new Hono<{
@@ -50,7 +51,7 @@ export class AdminController implements ClassController {
}>().basePath(basepath);
hono.use("*", async (c, next) => {
const obj = { user: auth.authenticator.getUser() };
const obj = { user: auth.authenticator?.getUser() };
const html = await this.getHtml(obj);
if (!html) {
console.warn("Couldn't generate HTML for admin UI");
@@ -58,29 +59,34 @@ export class AdminController implements ClassController {
return c.notFound() as unknown as void;
}
c.set("html", html);
// refresh cookie if needed
await auth.authenticator?.requestCookieRefresh(c);
await next();
});
hono.get(authRoutes.login, async (c) => {
if (
this.app.module.auth.authenticator.isUserLoggedIn() &&
this.ctx.guard.granted(SystemPermissions.admin)
) {
return c.redirect(authRoutes.root);
}
if (auth_enabled) {
hono.get(authRoutes.login, async (c) => {
if (
this.app.module.auth.authenticator?.isUserLoggedIn() &&
this.ctx.guard.granted(SystemPermissions.accessAdmin)
) {
return c.redirect(authRoutes.root);
}
const html = c.get("html");
return c.html(html);
});
const html = c.get("html");
return c.html(html);
});
hono.get(authRoutes.logout, async (c) => {
await auth.authenticator.logout(c);
return c.redirect(authRoutes.login);
});
hono.get(authRoutes.logout, async (c) => {
await auth.authenticator?.logout(c);
return c.redirect(authRoutes.login);
});
}
hono.get("*", async (c) => {
console.log("admin", c.req.url);
if (!this.ctx.guard.granted(SystemPermissions.admin)) {
if (!this.ctx.guard.granted(SystemPermissions.accessAdmin)) {
await addFlashMessage(c, "You are not authorized to access the Admin UI", "error");
return c.redirect(authRoutes.login);
}
@@ -128,6 +134,7 @@ export class AdminController implements ClassController {
return (
<Fragment>
{/* dnd complains otherwise */}
{html`<!doctype html>`}
<html lang="en" class={configs.server.admin.color_scheme ?? "light"}>
<head>