mirror of
https://github.com/Ravinou/borgwarehouse
synced 2024-05-06 15:46:39 +02:00
commit
aa8ada68d9
|
@ -38,7 +38,7 @@ export default function Nav() {
|
|||
<div>
|
||||
<IconUser size={28} />
|
||||
</div>
|
||||
<div>
|
||||
<div className={classes.username}>
|
||||
{status === 'authenticated' && data.user.name}
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -10,6 +10,10 @@
|
|||
align-items: center;
|
||||
}
|
||||
|
||||
.username::first-letter {
|
||||
text-transform: capitalize;
|
||||
}
|
||||
|
||||
.account {
|
||||
background: none;
|
||||
border: none;
|
||||
|
|
|
@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y \
|
|||
|
||||
RUN groupadd -g ${GID} borgwarehouse && useradd -m -u ${UID} -g ${GID} borgwarehouse
|
||||
|
||||
RUN cp /etc/ssh/sshd_config /etc/ssh/moduli /home/borgwarehouse/
|
||||
RUN cp /etc/ssh/moduli /home/borgwarehouse/
|
||||
|
||||
WORKDIR /home/borgwarehouse/app
|
||||
|
||||
|
@ -47,6 +47,7 @@ COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/public ./public
|
|||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/.next/static ./.next/static
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/supervisord.conf ./
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/rsyslog.conf /etc/rsyslog.conf
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/sshd_config ./
|
||||
|
||||
USER borgwarehouse
|
||||
|
||||
|
|
|
@ -17,7 +17,11 @@ init_ssh_server() {
|
|||
if [ -z "$(ls -A /etc/ssh)" ]; then
|
||||
print_green "/etc/ssh is empty, generating SSH host keys..."
|
||||
ssh-keygen -A
|
||||
cp /home/borgwarehouse/sshd_config /home/borgwarehouse/moduli /etc/ssh/
|
||||
cp /home/borgwarehouse/moduli /etc/ssh/
|
||||
fi
|
||||
if [ ! -f "/etc/ssh/sshd_config" ]; then
|
||||
print_green "sshd_config not found in your volume, copying the default one..."
|
||||
cp /home/borgwarehouse/app/sshd_config /etc/ssh/
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
32
docker/sshd_config
Normal file
32
docker/sshd_config
Normal file
|
@ -0,0 +1,32 @@
|
|||
Port 22
|
||||
PidFile /home/borgwarehouse/tmp/sshd.pid
|
||||
AllowUsers borgwarehouse
|
||||
LogLevel INFO
|
||||
SyslogFacility AUTH
|
||||
|
||||
# Security
|
||||
Protocol 2
|
||||
PermitRootLogin no
|
||||
PasswordAuthentication no
|
||||
ChallengeResponseAuthentication no
|
||||
AuthenticationMethods publickey
|
||||
MaxAuthTries 2
|
||||
MaxStartups 2:30:10
|
||||
LoginGraceTime 30
|
||||
UsePAM no
|
||||
|
||||
# Useless options for BorgWarehouse
|
||||
PrintMotd no
|
||||
UseDNS no
|
||||
AllowTcpForwarding no
|
||||
X11Forwarding no
|
||||
PermitTTY no
|
||||
|
||||
# Ciphers
|
||||
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
|
||||
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
|
||||
|
||||
# With low bandwidth or huge backup, uncomment the following lines to avoid SSH timeout (Broken pipe).
|
||||
#ClientAliveInterval 600
|
||||
#ClientAliveCountMax 0
|
||||
|
|
@ -7,7 +7,7 @@ logfile_maxbytes=10MB
|
|||
logfile_backups=5
|
||||
|
||||
[program:sshd]
|
||||
command=/usr/sbin/sshd -D -e -o PidFile=/home/borgwarehouse/tmp/sshd.pid -o SyslogFacility=AUTH -o LogLevel=INFO -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o UsePAM=no -o PermitRootLogin=no
|
||||
command=/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config
|
||||
stdout_logfile=/home/borgwarehouse/tmp/sshd.log
|
||||
stdout_logfile_maxbytes=10MB
|
||||
stdout_logfile_backups=5
|
||||
|
|
4
package-lock.json
generated
4
package-lock.json
generated
|
@ -1,12 +1,12 @@
|
|||
{
|
||||
"name": "borgwarehouse",
|
||||
"version": "2.1.0",
|
||||
"version": "2.2.0",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "borgwarehouse",
|
||||
"version": "2.1.0",
|
||||
"version": "2.2.0",
|
||||
"dependencies": {
|
||||
"@tabler/icons-react": "^2.47.0",
|
||||
"bcryptjs": "^2.4.3",
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "borgwarehouse",
|
||||
"version": "2.1.0",
|
||||
"version": "2.2.0",
|
||||
"private": true,
|
||||
"scripts": {
|
||||
"dev": "next dev",
|
||||
|
|
|
@ -5,11 +5,20 @@ import { verifyPassword } from '../../../helpers/functions/auth';
|
|||
import fs from 'fs';
|
||||
import path from 'path';
|
||||
|
||||
const logLogin = async (message, req, success = false) => {
|
||||
const ipAddress = req.headers['x-forwarded-for'] || 'unknown';
|
||||
if (success) {
|
||||
console.log(`Login success from ${ipAddress} with user ${message}`);
|
||||
} else {
|
||||
console.log(`Login failed from ${ipAddress} : ${message}`);
|
||||
}
|
||||
};
|
||||
|
||||
////Use if need getServerSideProps and therefore getServerSession
|
||||
export const authOptions = {
|
||||
providers: [
|
||||
CredentialsProvider({
|
||||
async authorize(credentials) {
|
||||
async authorize(credentials, req) {
|
||||
const { username, password } = credentials;
|
||||
//Read the users file
|
||||
//Find the absolute path of the json directory
|
||||
|
@ -42,8 +51,9 @@ export const authOptions = {
|
|||
//Step 1 : does the user exist ?
|
||||
const userIndex = usersList
|
||||
.map((user) => user.username)
|
||||
.indexOf(username);
|
||||
.indexOf(username.toLowerCase());
|
||||
if (userIndex === -1) {
|
||||
await logLogin(`Bad username ${req.body.username}`, req);
|
||||
throw new Error('Incorrect credentials.');
|
||||
}
|
||||
const user = usersList[userIndex];
|
||||
|
@ -51,6 +61,10 @@ export const authOptions = {
|
|||
//Step 2 : Is the password correct ?
|
||||
const isValid = await verifyPassword(password, user.password);
|
||||
if (!isValid) {
|
||||
await logLogin(
|
||||
`Wrong password for ${req.body.username}`,
|
||||
req
|
||||
);
|
||||
throw new Error('Incorrect credentials.');
|
||||
}
|
||||
|
||||
|
@ -62,6 +76,7 @@ export const authOptions = {
|
|||
roles: user.roles,
|
||||
};
|
||||
|
||||
await logLogin(req.body.username, req, true);
|
||||
return account;
|
||||
},
|
||||
}),
|
||||
|
|
|
@ -99,33 +99,24 @@ export default function Login() {
|
|||
placeholder='Username'
|
||||
className='signInInput'
|
||||
{...register('username', {
|
||||
required: true,
|
||||
required: 'This field is required.',
|
||||
pattern: {
|
||||
value: /^[^\s]+$/g,
|
||||
message: 'No space allowed.',
|
||||
},
|
||||
})}
|
||||
/>
|
||||
{errors.email &&
|
||||
errors.email.type === 'required' && (
|
||||
<small
|
||||
style={{
|
||||
color: 'red',
|
||||
display: 'block',
|
||||
marginTop: '3px',
|
||||
}}
|
||||
>
|
||||
This field is required.
|
||||
</small>
|
||||
)}
|
||||
{errors.email &&
|
||||
errors.email.type === 'pattern' && (
|
||||
<small
|
||||
style={{
|
||||
color: 'red',
|
||||
display: 'block',
|
||||
marginTop: '3px',
|
||||
}}
|
||||
>
|
||||
Incorrect email address format.
|
||||
</small>
|
||||
)}
|
||||
{errors.username && (
|
||||
<small
|
||||
style={{
|
||||
color: 'red',
|
||||
display: 'block',
|
||||
marginTop: '3px',
|
||||
}}
|
||||
>
|
||||
{errors.username.message}
|
||||
</small>
|
||||
)}
|
||||
</p>
|
||||
<p>
|
||||
<input
|
||||
|
@ -133,7 +124,7 @@ export default function Login() {
|
|||
placeholder='Password'
|
||||
className='signInInput'
|
||||
{...register('password', {
|
||||
required: true,
|
||||
required: 'This field is required.',
|
||||
})}
|
||||
/>
|
||||
{errors.password && (
|
||||
|
@ -144,7 +135,7 @@ export default function Login() {
|
|||
marginTop: '3px',
|
||||
}}
|
||||
>
|
||||
This field is required.
|
||||
{errors.password.message}
|
||||
</small>
|
||||
)}
|
||||
</p>
|
||||
|
|
Loading…
Reference in a new issue