From d17aeb5a4777910be9b643017bdcae0acb60e472 Mon Sep 17 00:00:00 2001 From: Yann Stepienik Date: Tue, 9 May 2023 17:03:16 +0100 Subject: [PATCH] [release] version 0.4.1 fix issue with UI and HTTP login --- changelog.md | 11 +++++++++++ client/src/pages/config/routes/routeSecurity.jsx | 8 ++++---- client/src/pages/servapps/exposeModal.jsx | 12 +++++++----- client/src/pages/servapps/servapps.jsx | 2 +- package.json | 2 +- src/newInstall.go | 2 +- src/user/token.go | 7 +++---- 7 files changed, 28 insertions(+), 16 deletions(-) diff --git a/changelog.md b/changelog.md index ba3eed2..c9b63fe 100644 --- a/changelog.md +++ b/changelog.md @@ -1,3 +1,7 @@ +## Version 0.4.1 + - Fix small UI issues + - Fix HTTP login + ## Version 0.4.0 - Protect server against direct IP access - Improvements to installer to make it more robust @@ -12,6 +16,13 @@ - (De)Attach networks to containers - (De)Attach volumes to containers +## Version 0.3.1 -> 0.3.5 + - Fix UI issue with long name in home + - Fix ARM docker image + - Add more validation for Let's Encrypt + - Prevent browser from auto-filling password in config page + - Revert to HTTP when Let's Encrypt fails to initialize + ## Version 0.3.0 - Implement 2 FA - Implement SMTP to Send Email (password reset / invites) diff --git a/client/src/pages/config/routes/routeSecurity.jsx b/client/src/pages/config/routes/routeSecurity.jsx index c0fa2ee..a6c8f52 100644 --- a/client/src/pages/config/routes/routeSecurity.jsx +++ b/client/src/pages/config/routes/routeSecurity.jsx @@ -167,12 +167,12 @@ const RouteSecurity = ({ routeConfig }) => { diff --git a/client/src/pages/servapps/exposeModal.jsx b/client/src/pages/servapps/exposeModal.jsx index 1bf6c7f..23df045 100644 --- a/client/src/pages/servapps/exposeModal.jsx +++ b/client/src/pages/servapps/exposeModal.jsx @@ -16,10 +16,7 @@ const ExposeModal = ({ openModal, setOpenModal, config, updateRoutes, container let containerName = openModal && (openModal.Names[0]); const hasCosmosNetwork = () => { - return container && container.NetworkSettings.Networks && Object.keys(container.NetworkSettings.Networks).some((network) => { - if(network.startsWith('cosmos-network')) - return true; - }) + return container && container.Labels["cosmos-force-network-secured"] === "true"; } return setOpenModal(false)}> @@ -32,7 +29,12 @@ const ExposeModal = ({ openModal, setOpenModal, config, updateRoutes, container Welcome to the URL Wizard. This interface will help you expose your ServApp securely to the internet by creating a new URL.
- {openModal && !hasCosmosNetwork(containerName) && This ServApp does not appear to be connected to a Cosmos Network, so the hostname might not be accessible. The easiest way to fix this is to check the box "Force Secure Network" or manually create a sub-network in Docker.} + {openModal && !hasCosmosNetwork(containerName) && + + This ServApp does not use the "Force Secure" option, + so the hostname might not be accessible. + The easiest way to fix this is to check the box "Force Secure Network" or manually create a hostname and sub-network in Docker. + }
{ openModal={openModal} setOpenModal={setOpenModal} container={serveApps.find((app) => { - return app.Names[0].replace('/', '') === openModal && openModal.Names[0].replace('/', ''); + return app.Names[0].replace('/', '') === (openModal && openModal.Names[0].replace('/', '')); })} config={config} updateRoutes={ diff --git a/package.json b/package.json index 1119f9d..ffa1980 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cosmos-server", - "version": "0.4.0", + "version": "0.4.1", "description": "", "main": "test-server.js", "bugs": { diff --git a/src/newInstall.go b/src/newInstall.go index 5b85ac3..268ace2 100644 --- a/src/newInstall.go +++ b/src/newInstall.go @@ -80,7 +80,7 @@ func NewInstallRoute(w http.ResponseWriter, req *http.Request) { newConfig.MongoDB = request.MongoDB utils.SaveConfigTofile(newConfig) utils.LoadBaseMainConfig(newConfig) - } else if (request.MongoDBMode == "Create"){ + } else if (request.MongoDBMode == "Create") { utils.Log("NewInstall: Create DB") newConfig.DisableUserManagement = false strco, err := docker.NewDB() diff --git a/src/user/token.go b/src/user/token.go index 5d537c2..bbb6a27 100644 --- a/src/user/token.go +++ b/src/user/token.go @@ -158,13 +158,14 @@ func GetUserR(req *http.Request) (string, string) { return req.Header.Get("x-cosmos-user"), req.Header.Get("x-cosmos-role") } + func logOutUser(w http.ResponseWriter) { cookie := http.Cookie{ Name: "jwttoken", Value: "", Expires: time.Now().Add(-time.Hour * 24 * 365), Path: "/", - Secure: true, + Secure: utils.IsHTTPS, HttpOnly: true, Domain: utils.GetMainConfig().HTTPConfig.Hostname, } @@ -219,13 +220,12 @@ func SendUserToken(w http.ResponseWriter, user utils.User, mfaDone bool) { return } - cookie := http.Cookie{ Name: "jwttoken", Value: tokenString, Expires: expiration, Path: "/", - Secure: true, + Secure: utils.IsHTTPS, HttpOnly: true, Domain: utils.GetMainConfig().HTTPConfig.Hostname, } @@ -235,5 +235,4 @@ func SendUserToken(w http.ResponseWriter, user utils.User, mfaDone bool) { } http.SetCookie(w, &cookie) - // http.SetCookie(w, &cookie2) } \ No newline at end of file