diff --git a/server/server.js b/server/server.js index 440ac8d127..511d92d1d3 100644 --- a/server/server.js +++ b/server/server.js @@ -435,7 +435,7 @@ let needSetup = false; return; } - checkLogin(socket); + await checkLogin(socket); await doubleCheckPassword(socket.userID, currentPassword); let user = await R.findOne("user", " id = ? AND active = 1 ", [ @@ -484,7 +484,7 @@ let needSetup = false; return; } - checkLogin(socket); + await checkLogin(socket); await doubleCheckPassword(socket.userID, currentPassword); await R.exec("UPDATE `user` SET twofa_status = 1 WHERE id = ? ", [ @@ -516,7 +516,7 @@ let needSetup = false; return; } - checkLogin(socket); + await checkLogin(socket); await doubleCheckPassword(socket.userID, currentPassword); await TwoFA.disable2FA(socket.userID); @@ -539,7 +539,7 @@ let needSetup = false; socket.on("verifyToken", async (token, currentPassword, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await doubleCheckPassword(socket.userID, currentPassword); let user = await R.findOne("user", " id = ? AND active = 1 ", [ @@ -571,7 +571,7 @@ let needSetup = false; socket.on("twoFAStatus", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); let user = await R.findOne("user", " id = ? AND active = 1 ", [ socket.userID, @@ -632,7 +632,7 @@ let needSetup = false; socket.on("getUsers", async callback => { try { - checkLogin(socket); + await checkLogin(socket); const users = await sendUserList(socket); @@ -650,7 +650,7 @@ let needSetup = false; socket.on("getUser", async (userID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); const user = await getUser(userID); @@ -668,7 +668,7 @@ let needSetup = false; socket.on("saveUser", async (user, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await saveUser(socket, user); await sendUserList(socket); @@ -688,7 +688,7 @@ let needSetup = false; // Add a new monitor socket.on("add", async (monitor, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let bean = R.dispense("monitor"); let notificationIDList = monitor.notificationIDList; @@ -742,7 +742,7 @@ let needSetup = false; socket.on("editMonitor", async (monitor, callback) => { try { let removeGroupChildren = false; - checkLogin(socket); + await checkLogin(socket); let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]); @@ -868,7 +868,7 @@ let needSetup = false; socket.on("getMonitorList", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); await server.sendMonitorList(socket); callback({ ok: true, @@ -884,7 +884,7 @@ let needSetup = false; socket.on("getMonitor", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("monitor", `Get Monitor: ${monitorID} User ID: ${socket.userID}`); @@ -905,7 +905,7 @@ let needSetup = false; socket.on("getMonitorBeats", async (monitorID, period, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("monitor", `Get Monitor Beats: ${monitorID} User ID: ${socket.userID}`); @@ -938,7 +938,7 @@ let needSetup = false; // Start or Resume the monitor socket.on("resumeMonitor", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await startMonitor(socket.userID, monitorID); await server.sendMonitorList(socket); @@ -957,7 +957,7 @@ let needSetup = false; socket.on("pauseMonitor", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await pauseMonitor(socket.userID, monitorID); await server.sendMonitorList(socket); @@ -976,7 +976,7 @@ let needSetup = false; socket.on("deleteMonitor", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("manage", `Delete Monitor: ${monitorID} User ID: ${socket.userID}`); @@ -1015,7 +1015,7 @@ let needSetup = false; socket.on("getTags", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); const list = await R.findAll("tag"); @@ -1034,7 +1034,7 @@ let needSetup = false; socket.on("addTag", async (tag, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let bean = R.dispense("tag"); bean.name = tag.name; @@ -1056,7 +1056,7 @@ let needSetup = false; socket.on("editTag", async (tag, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let bean = await R.findOne("tag", " id = ? ", [ tag.id ]); if (bean == null) { @@ -1086,7 +1086,7 @@ let needSetup = false; socket.on("deleteTag", async (tagID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("DELETE FROM tag WHERE id = ? ", [ tagID ]); @@ -1105,7 +1105,7 @@ let needSetup = false; socket.on("addMonitorTag", async (tagID, monitorID, value, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("INSERT INTO monitor_tag (tag_id, monitor_id, value) VALUES (?, ?, ?)", [ tagID, @@ -1128,7 +1128,7 @@ let needSetup = false; socket.on("editMonitorTag", async (tagID, monitorID, value, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("UPDATE monitor_tag SET value = ? WHERE tag_id = ? AND monitor_id = ?", [ value, @@ -1151,7 +1151,7 @@ let needSetup = false; socket.on("deleteMonitorTag", async (tagID, monitorID, value, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("DELETE FROM monitor_tag WHERE tag_id = ? AND monitor_id = ? AND value = ?", [ tagID, @@ -1177,7 +1177,7 @@ let needSetup = false; socket.on("changePassword", async (userID, password, callback) => { try { - checkLogin(socket); + await checkLogin(socket); if (! password.newPassword) { throw new Error("Invalid new password"); @@ -1205,7 +1205,7 @@ let needSetup = false; socket.on("getSettings", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); const data = await getSettings("general"); if (!data.serverTimezone) { @@ -1227,7 +1227,7 @@ let needSetup = false; socket.on("setSettings", async (data, currentPassword, callback) => { try { - checkLogin(socket); + await checkLogin(socket); // If currently is disabled auth, don't need to check // Disabled Auth + Want to Disable Auth => No Check @@ -1276,7 +1276,7 @@ let needSetup = false; // Add or Edit socket.on("addNotification", async (notification, notificationID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let notificationBean = await Notification.save(notification, notificationID, socket.userID); await sendNotificationList(socket); @@ -1297,7 +1297,7 @@ let needSetup = false; socket.on("deleteNotification", async (notificationID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await Notification.delete(notificationID, socket.userID); await sendNotificationList(socket); @@ -1317,7 +1317,7 @@ let needSetup = false; socket.on("testNotification", async (notification, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let msg = await Notification.send(notification, notification.name + " Testing"); @@ -1338,7 +1338,7 @@ let needSetup = false; socket.on("checkApprise", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); callback(Notification.checkApprise()); } catch (e) { callback(false); @@ -1347,7 +1347,7 @@ let needSetup = false; socket.on("uploadBackup", async (uploadedJSON, importHandle, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let backupData = JSON.parse(uploadedJSON); @@ -1552,7 +1552,7 @@ let needSetup = false; socket.on("clearEvents", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("manage", `Clear Events Monitor: ${monitorID} User ID: ${socket.userID}`); @@ -1578,7 +1578,7 @@ let needSetup = false; socket.on("clearHeartbeats", async (monitorID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("manage", `Clear Heartbeats Monitor: ${monitorID} User ID: ${socket.userID}`); @@ -1602,7 +1602,7 @@ let needSetup = false; socket.on("clearStatistics", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.info("manage", `Clear Statistics User ID: ${socket.userID}`); diff --git a/server/socket-handlers/api-key-socket-handler.js b/server/socket-handlers/api-key-socket-handler.js index 8e07df79e4..1aaa63c935 100644 --- a/server/socket-handlers/api-key-socket-handler.js +++ b/server/socket-handlers/api-key-socket-handler.js @@ -16,7 +16,7 @@ module.exports.apiKeySocketHandler = (socket) => { // Add a new api key socket.on("addAPIKey", async (key, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let clearKey = nanoid(40); let hashedKey = passwordHash.generate(clearKey); @@ -52,7 +52,7 @@ module.exports.apiKeySocketHandler = (socket) => { socket.on("getAPIKeyList", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); await sendAPIKeyList(socket); callback({ ok: true, @@ -68,7 +68,7 @@ module.exports.apiKeySocketHandler = (socket) => { socket.on("deleteAPIKey", async (keyID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("apikeys", `Deleted API Key: ${keyID} User ID: ${socket.userID}`); @@ -93,7 +93,7 @@ module.exports.apiKeySocketHandler = (socket) => { socket.on("disableAPIKey", async (keyID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("apikeys", `Disabled Key: ${keyID} User ID: ${socket.userID}`); @@ -120,7 +120,7 @@ module.exports.apiKeySocketHandler = (socket) => { socket.on("enableAPIKey", async (keyID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("apikeys", `Enabled Key: ${keyID} User ID: ${socket.userID}`); diff --git a/server/socket-handlers/cloudflared-socket-handler.js b/server/socket-handlers/cloudflared-socket-handler.js index ee58e1ad08..b025b09cec 100644 --- a/server/socket-handlers/cloudflared-socket-handler.js +++ b/server/socket-handlers/cloudflared-socket-handler.js @@ -33,7 +33,7 @@ module.exports.cloudflaredSocketHandler = (socket) => { socket.on(prefix + "join", async () => { try { - checkLogin(socket); + await checkLogin(socket); socket.join("cloudflared"); io.to(socket.userID).emit(prefix + "installed", cloudflared.checkInstalled()); io.to(socket.userID).emit(prefix + "running", cloudflared.running); @@ -43,14 +43,14 @@ module.exports.cloudflaredSocketHandler = (socket) => { socket.on(prefix + "leave", async () => { try { - checkLogin(socket); + await checkLogin(socket); socket.leave("cloudflared"); } catch (error) { } }); socket.on(prefix + "start", async (token) => { try { - checkLogin(socket); + await checkLogin(socket); if (token && typeof token === "string") { await setSetting("cloudflaredTunnelToken", token); cloudflared.token = token; @@ -63,7 +63,7 @@ module.exports.cloudflaredSocketHandler = (socket) => { socket.on(prefix + "stop", async (currentPassword, callback) => { try { - checkLogin(socket); + await checkLogin(socket); const disabledAuth = await setting("disableAuth"); if (!disabledAuth) { await doubleCheckPassword(socket, currentPassword); @@ -79,7 +79,7 @@ module.exports.cloudflaredSocketHandler = (socket) => { socket.on(prefix + "removeToken", async () => { try { - checkLogin(socket); + await checkLogin(socket); await setSetting("cloudflaredTunnelToken", ""); } catch (error) { } }); diff --git a/server/socket-handlers/database-socket-handler.js b/server/socket-handlers/database-socket-handler.js index 041cbba069..044735aa4a 100644 --- a/server/socket-handlers/database-socket-handler.js +++ b/server/socket-handlers/database-socket-handler.js @@ -10,7 +10,7 @@ module.exports = (socket) => { // Post or edit incident socket.on("getDatabaseSize", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); callback({ ok: true, size: Database.getSize(), @@ -25,7 +25,7 @@ module.exports = (socket) => { socket.on("shrinkDatabase", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); Database.shrink(); callback({ ok: true, diff --git a/server/socket-handlers/docker-socket-handler.js b/server/socket-handlers/docker-socket-handler.js index 542f18cef6..16533b80c4 100644 --- a/server/socket-handlers/docker-socket-handler.js +++ b/server/socket-handlers/docker-socket-handler.js @@ -10,7 +10,7 @@ const { log } = require("../../src/util"); module.exports.dockerSocketHandler = (socket) => { socket.on("addDockerHost", async (dockerHost, dockerHostID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let dockerHostBean = await DockerHost.save(dockerHost, dockerHostID, socket.userID); await sendDockerHostList(socket); @@ -31,7 +31,7 @@ module.exports.dockerSocketHandler = (socket) => { socket.on("deleteDockerHost", async (dockerHostID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await DockerHost.delete(dockerHostID, socket.userID); await sendDockerHostList(socket); @@ -51,7 +51,7 @@ module.exports.dockerSocketHandler = (socket) => { socket.on("testDockerHost", async (dockerHost, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let amount = await DockerHost.testDockerHost(dockerHost); let msg; diff --git a/server/socket-handlers/general-socket-handler.js b/server/socket-handlers/general-socket-handler.js index 2f0c63b412..8250baa00a 100644 --- a/server/socket-handlers/general-socket-handler.js +++ b/server/socket-handlers/general-socket-handler.js @@ -31,7 +31,7 @@ module.exports.generalSocketHandler = (socket, server) => { socket.on("initServerTimezone", async (timezone) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("generalSocketHandler", "Timezone: " + timezone); await Settings.set("initServerTimezone", true); await server.setTimezone(timezone); diff --git a/server/socket-handlers/maintenance-socket-handler.js b/server/socket-handlers/maintenance-socket-handler.js index f5c7fa83b4..cca7abaaa7 100644 --- a/server/socket-handlers/maintenance-socket-handler.js +++ b/server/socket-handlers/maintenance-socket-handler.js @@ -14,7 +14,7 @@ module.exports.maintenanceSocketHandler = (socket) => { // Add a new maintenance socket.on("addMaintenance", async (maintenance, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", maintenance); @@ -44,7 +44,7 @@ module.exports.maintenanceSocketHandler = (socket) => { // Edit a maintenance socket.on("editMaintenance", async (maintenance, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let bean = server.getMaintenance(maintenance.id); @@ -71,7 +71,7 @@ module.exports.maintenanceSocketHandler = (socket) => { // Add a new monitor_maintenance socket.on("addMonitorMaintenance", async (maintenanceID, monitors, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("DELETE FROM monitor_maintenance WHERE maintenance_id = ?", [ maintenanceID @@ -105,7 +105,7 @@ module.exports.maintenanceSocketHandler = (socket) => { // Add a new monitor_maintenance socket.on("addMaintenanceStatusPage", async (maintenanceID, statusPages, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await R.exec("DELETE FROM maintenance_status_page WHERE maintenance_id = ?", [ maintenanceID @@ -138,7 +138,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("getMaintenance", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Get Maintenance: ${maintenanceID} User ID: ${socket.userID}`); @@ -159,7 +159,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("getMaintenanceList", async (callback) => { try { - checkLogin(socket); + await checkLogin(socket); await server.sendMaintenanceList(socket); callback({ ok: true, @@ -175,7 +175,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("getMonitorMaintenance", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Get Monitors for Maintenance: ${maintenanceID} User ID: ${socket.userID}`); @@ -199,7 +199,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("getMaintenanceStatusPage", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Get Status Pages for Maintenance: ${maintenanceID} User ID: ${socket.userID}`); @@ -223,7 +223,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("deleteMaintenance", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Delete Maintenance: ${maintenanceID} User ID: ${socket.userID}`); @@ -253,7 +253,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("pauseMaintenance", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Pause Maintenance: ${maintenanceID} User ID: ${socket.userID}`); @@ -286,7 +286,7 @@ module.exports.maintenanceSocketHandler = (socket) => { socket.on("resumeMaintenance", async (maintenanceID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); log.debug("maintenance", `Resume Maintenance: ${maintenanceID} User ID: ${socket.userID}`); diff --git a/server/socket-handlers/proxy-socket-handler.js b/server/socket-handlers/proxy-socket-handler.js index e67a829ff9..b04565dc2b 100644 --- a/server/socket-handlers/proxy-socket-handler.js +++ b/server/socket-handlers/proxy-socket-handler.js @@ -11,7 +11,7 @@ const server = UptimeKumaServer.getInstance(); module.exports.proxySocketHandler = (socket) => { socket.on("addProxy", async (proxy, proxyID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); const proxyBean = await Proxy.save(proxy, proxyID, socket.userID); await sendProxyList(socket); @@ -37,7 +37,7 @@ module.exports.proxySocketHandler = (socket) => { socket.on("deleteProxy", async (proxyID, callback) => { try { - checkLogin(socket); + await checkLogin(socket); await Proxy.delete(proxyID, socket.userID); await sendProxyList(socket); diff --git a/server/socket-handlers/status-page-socket-handler.js b/server/socket-handlers/status-page-socket-handler.js index eba40daecd..c14d511340 100644 --- a/server/socket-handlers/status-page-socket-handler.js +++ b/server/socket-handlers/status-page-socket-handler.js @@ -17,7 +17,7 @@ module.exports.statusPageSocketHandler = (socket) => { // Post or edit incident socket.on("postIncident", async (slug, incident, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let statusPageID = await StatusPage.slugToID(slug); @@ -70,7 +70,7 @@ module.exports.statusPageSocketHandler = (socket) => { socket.on("unpinIncident", async (slug, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let statusPageID = await StatusPage.slugToID(slug); @@ -91,7 +91,7 @@ module.exports.statusPageSocketHandler = (socket) => { socket.on("getStatusPage", async (slug, callback) => { try { - checkLogin(socket); + await checkLogin(socket); let statusPage = await R.findOne("status_page", " slug = ? ", [ slug @@ -117,7 +117,7 @@ module.exports.statusPageSocketHandler = (socket) => { // imgDataUrl Only Accept PNG! socket.on("saveStatusPage", async (slug, config, imgDataUrl, publicGroupList, callback) => { try { - checkLogin(socket); + await checkLogin(socket); // Save Config let statusPage = await R.findOne("status_page", " slug = ? ", [ @@ -254,7 +254,7 @@ module.exports.statusPageSocketHandler = (socket) => { // Add a new status page socket.on("addStatusPage", async (title, slug, callback) => { try { - checkLogin(socket); + await checkLogin(socket); title = title?.trim(); slug = slug?.trim(); @@ -300,7 +300,7 @@ module.exports.statusPageSocketHandler = (socket) => { const server = UptimeKumaServer.getInstance(); try { - checkLogin(socket); + await checkLogin(socket); let statusPageID = await StatusPage.slugToID(slug); diff --git a/server/util-server.js b/server/util-server.js index d6366a379c..e2d652232f 100644 --- a/server/util-server.js +++ b/server/util-server.js @@ -802,8 +802,10 @@ exports.allowAllOrigin = (res) => { * Check if a user is logged in * @param {Socket} socket Socket instance */ -exports.checkLogin = (socket) => { - if (!socket.userID) { +exports.checkLogin = async (socket) => { + const user = await R.findOne("user", " id = ? AND active = 1 ", [ socket.userID ]); + + if (!user) { throw new Error("You are not logged in."); } };