Superminaren
/
kvm
mirror of https://github.com/jetkvm/kvm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge 760dc494d4 into f3b4dbce49

This commit is contained in:
Srujan S 2025-02-17 10:38:55 +00:00 committed by GitHub
parent f3b4dbce49 760dc494d4
commit 0ed3963c9f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 34 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
web.go
View File

@ -232,45 +232,50 @@ func handleDevice(c *gin.Context) {
} }
func handleCreatePassword(c *gin.Context) { func handleCreatePassword(c *gin.Context) {
LoadConfig() LoadConfig()
if config.HashedPassword != "" { if config.HashedPassword != "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Password already set"}) c.JSON(http.StatusBadRequest, gin.H{"error": "Password already set"})
return return
} }
// We only allow users with noPassword mode to set a new password // We only allow users with noPassword mode to set a new password
// Users with password mode are not allowed to set a new password without providing the old password // Users with password mode are not allowed to set a new password without providing the old password
// We have a PUT endpoint for changing the password, use that instead // We have a PUT endpoint for changing the password, use that instead
if config.LocalAuthMode != "noPassword" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Password mode is not enabled"})
return
}
var req SetPasswordRequest if config.LocalAuthMode != "noPassword" {
if err := c.ShouldBindJSON(&req); err != nil || req.Password == "" { c.JSON(http.StatusBadRequest, gin.H{"error": "Password mode is not enabled"})
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"}) return
return }
}
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost) var req SetPasswordRequest
if err != nil { if err := c.ShouldBindJSON(&req); err != nil || req.Password == "" {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to hash password"}) c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"})
return return
} }
config.HashedPassword = string(hashedPassword) truncatedPassword := req.Password
config.LocalAuthToken = uuid.New().String() if len(truncatedPassword) > 70 {
config.LocalAuthMode = "password" truncatedPassword = truncatedPassword[:70]
if err := SaveConfig(); err != nil { }
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save configuration"})
return
}
// Set the cookie hashedPassword, err := bcrypt.GenerateFromPassword([]byte(truncatedPassword), bcrypt.DefaultCost)
c.SetCookie("authToken", config.LocalAuthToken, 7*24*60*60, "/", "", false, true) if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to hash password"})
return
}
c.JSON(http.StatusCreated, gin.H{"message": "Password set successfully"}) config.HashedPassword = string(hashedPassword)
config.LocalAuthToken = uuid.New().String()
config.LocalAuthMode = "password"
if err := SaveConfig(); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save configuration"})
return
}
c.SetCookie("authToken", config.LocalAuthToken, 7*24*60*60, "/", "", false, true)
c.JSON(http.StatusCreated, gin.H{"message": "Password set successfully"})
} }
func handleUpdatePassword(c *gin.Context) { func handleUpdatePassword(c *gin.Context) {