Fixes browser app, adds no-auth (#38)
* Add no-auth flag * Install packages for app dir
This commit is contained in:
parent
a07d0c9c3d
commit
be3f0c437f
@ -24,6 +24,7 @@ export class Entry extends Command {
|
||||
open: flags.boolean({ char: "o", description: "Open in browser on startup" }),
|
||||
port: flags.integer({ char: "p", default: 8080, description: "Port to bind on" }),
|
||||
version: flags.version({ char: "v" }),
|
||||
"no-auth": flags.boolean({ default: false }),
|
||||
|
||||
// Dev flags
|
||||
"bootstrap-fork": flags.string({ hidden: true }),
|
||||
@ -132,7 +133,9 @@ export class Entry extends Command {
|
||||
|
||||
const password = "023450wf0951";
|
||||
const hasCustomHttps = certData && certKeyData;
|
||||
const app = await createApp((app) => {
|
||||
const app = await createApp({
|
||||
bypassAuth: flags["no-auth"],
|
||||
registerMiddleware: (app): void => {
|
||||
app.use((req, res, next) => {
|
||||
res.on("finish", () => {
|
||||
logger.trace(`\u001B[1m${req.method} ${res.statusCode} \u001B[0m${req.url}`, field("host", req.hostname), field("ip", req.ip));
|
||||
@ -152,7 +155,8 @@ export class Entry extends Command {
|
||||
}));
|
||||
app.use(require("webpack-hot-middleware")(compiler));
|
||||
}
|
||||
}, {
|
||||
},
|
||||
serverOptions: {
|
||||
builtInExtensionsDirectory: builtInExtensionsDir,
|
||||
dataDirectory: dataDir,
|
||||
workingDirectory: workingDir,
|
||||
@ -163,10 +167,13 @@ export class Entry extends Command {
|
||||
|
||||
return fork(modulePath, args, options);
|
||||
},
|
||||
}, password, hasCustomHttps ? {
|
||||
},
|
||||
password,
|
||||
httpsOptions: hasCustomHttps ? {
|
||||
key: certKeyData,
|
||||
cert: certData,
|
||||
} : undefined);
|
||||
} : undefined,
|
||||
});
|
||||
|
||||
logger.info("Starting webserver...", field("host", flags.host), field("port", flags.port));
|
||||
app.server.listen(flags.port, flags.host);
|
||||
@ -191,8 +198,12 @@ export class Entry extends Command {
|
||||
logger.warn("Documentation on securing your setup: https://coder.com/docs");
|
||||
}
|
||||
|
||||
if (!flags["no-auth"]) {
|
||||
logger.info(" ");
|
||||
logger.info(`Password:\u001B[1m ${password}`);
|
||||
} else {
|
||||
logger.warn("Launched without authentication.");
|
||||
}
|
||||
logger.info(" ");
|
||||
logger.info("Started (click the link below to open):");
|
||||
logger.info(`http://localhost:${flags.port}/`);
|
||||
|
@ -20,7 +20,15 @@ import { handle as handleTunnel } from "@coder/tunnel/src/server";
|
||||
import { createPortScanner } from "./portScanner";
|
||||
import { buildDir, isCli } from "./constants";
|
||||
|
||||
export const createApp = async (registerMiddleware?: (app: express.Application) => void, options?: ServerOptions, password?: string, httpsOptions?: https.ServerOptions): Promise<{
|
||||
interface CreateAppOptions {
|
||||
registerMiddleware?: (app: express.Application) => void;
|
||||
serverOptions?: ServerOptions;
|
||||
password?: string;
|
||||
httpsOptions?: https.ServerOptions;
|
||||
bypassAuth?: boolean;
|
||||
}
|
||||
|
||||
export const createApp = async (options: CreateAppOptions): Promise<{
|
||||
readonly express: express.Application;
|
||||
readonly server: http.Server;
|
||||
readonly wss: ws.Server;
|
||||
@ -38,15 +46,26 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
|
||||
return cookies;
|
||||
};
|
||||
|
||||
const ensureAuthed = (req: http.IncomingMessage, res: express.Response): boolean => {
|
||||
if (!isAuthed(req)) {
|
||||
res.status(401);
|
||||
res.end();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
};
|
||||
|
||||
const isAuthed = (req: http.IncomingMessage): boolean => {
|
||||
try {
|
||||
if (!password || !isCli) {
|
||||
if (!options.password || options.bypassAuth) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Try/catch placed here just in case
|
||||
const cookies = parseCookies(req);
|
||||
if (cookies.password && cookies.password === password) {
|
||||
if (cookies.password && cookies.password === options.password) {
|
||||
return true;
|
||||
}
|
||||
} catch (ex) {
|
||||
@ -62,8 +81,8 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
|
||||
};
|
||||
|
||||
const app = express();
|
||||
if (registerMiddleware) {
|
||||
registerMiddleware(app);
|
||||
if (options.registerMiddleware) {
|
||||
options.registerMiddleware(app);
|
||||
}
|
||||
|
||||
const certs = await new Promise<pem.CertificateCreationResult>((res, rej): void => {
|
||||
@ -134,7 +153,7 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
|
||||
onClose: (cb): void => ws.addEventListener("close", () => cb()),
|
||||
};
|
||||
|
||||
const server = new Server(connection, options);
|
||||
const server = new Server(connection, options.serverOptions);
|
||||
});
|
||||
|
||||
const baseDir = buildDir || path.join(__dirname, "..");
|
||||
@ -150,6 +169,10 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
|
||||
}
|
||||
});
|
||||
app.get("/resource/:url(*)", async (req, res) => {
|
||||
if (!ensureAuthed(req, res)) {
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
const fullPath = `/${req.params.url}`;
|
||||
// const relative = path.relative(options!.dataDirectory, fullPath);
|
||||
@ -184,6 +207,10 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
|
||||
}
|
||||
});
|
||||
app.post("/resource/:url(*)", async (req, res) => {
|
||||
if (!ensureAuthed(req, res)) {
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
const fullPath = `/${req.params.url}`;
|
||||
|
||||
|
@ -40,3 +40,4 @@ const handlePackages = (dir: string): void => {
|
||||
};
|
||||
|
||||
handlePackages(resolve(__dirname, "..", "packages"));
|
||||
handlePackages(resolve(__dirname, "..", "packages", "app"));
|
||||
|
Reference in New Issue
Block a user