streamline authentication checking,

start on instance creation

Signed-off-by: Arthur Lu <learthurgo@gmail.com>
This commit is contained in:
Arthur Lu 2023-02-24 00:17:28 +00:00
parent 57668384cc
commit 295d096ed8

View File

@ -36,45 +36,45 @@ app.post("/api/disk/detach", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = req.body.type === "qemu" ? "POST" : "PUT"; let method = req.body.type === "qemu" ? "POST" : "PUT";
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/disk/attach", async (req, res) => { app.post("/api/disk/attach", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = req.body.type === "qemu" ? "POST" : "PUT"; let method = req.body.type === "qemu" ? "POST" : "PUT";
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/disk/resize", async (req, res) => { app.post("/api/disk/resize", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = "PUT"; let method = "PUT";
let result = await requestPVE(`${vmpath}/resize`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/resize`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/disk/move", async (req, res) => { app.post("/api/disk/move", async (req, res) => {
@ -82,89 +82,92 @@ app.post("/api/disk/move", async (req, res) => {
let route = req.body.type === "qemu" ? "move_disk" : "move_volume"; let route = req.body.type === "qemu" ? "move_disk" : "move_volume";
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = "POST"; let method = "POST";
let result = await requestPVE(`${vmpath}/${route}`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/${route}`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/disk/delete", async (req, res) => { app.post("/api/disk/delete", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = req.body.type === "qemu" ? "POST" : "PUT"; let method = req.body.type === "qemu" ? "POST" : "PUT";
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/disk/create", async (req, res) => { app.post("/api/disk/create", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = req.body.type === "qemu" ? "POST" : "PUT"; let method = req.body.type === "qemu" ? "POST" : "PUT";
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken); let result = await requestPVE(`${vmpath}/config`, method, req.cookies, req.body.action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
app.post("/api/resources", async (req, res) => { app.post("/api/resources", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let method = req.body.type === "qemu" ? "POST" : "PUT"; let method = req.body.type === "qemu" ? "POST" : "PUT";
action = JSON.stringify({cores: req.body.cores, memory: req.body.memory}); action = JSON.stringify({cores: req.body.cores, memory: req.body.memory});
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
//app.post("/api/instance", async (req, res) => {}); app.post("/api/instance", async (req, res) => {
let auth = await checkAuth(req.cookies);
if (!auth) {
res.send({auth: auth});
return;
}
// do stuff
});
app.delete("/api/instance", async (req, res) => { app.delete("/api/instance", async (req, res) => {
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
let auth = await checkAuth(req.cookies, vmpath); let auth = await checkAuth(req.cookies, vmpath);
if (auth) { if (!auth) {
res.send({auth: auth});
return;
}
let result = await requestPVE(`${vmpath}`, "DELETE", req.cookies, null, pveAPIToken); let result = await requestPVE(`${vmpath}`, "DELETE", req.cookies, null, pveAPIToken);
result = await handleResponse(req.body.node, result); result = await handleResponse(req.body.node, result);
res.send({auth: auth, status: result.status, data: result.data.data}); res.send({auth: auth, status: result.status, data: result.data.data});
}
else {
res.send({auth: auth});
}
}); });
async function checkAuth (cookies, vmpath = null) { async function checkAuth (cookies, vmpath = null) {
if (vmpath) { if (vmpath) {
let result = await requestPVE(`/${vmpath}/config`, "GET", cookies); let result = await requestPVE(`/${vmpath}/config`, "GET", cookies);
if (result) {
return result.status === 200; return result.status === 200;
} }
else {
return false;
}
}
else { // if no path is specified, then do a simple authentication else { // if no path is specified, then do a simple authentication
let result = await requestPVE("/version", "GET", cookies); let result = await requestPVE("/version", "GET", cookies);
return result.status === 200; return result.status === 200;