From fdbb49de33a37d6bbfebbdee372a68198c4938af Mon Sep 17 00:00:00 2001
From: wh1te909
Date: Fri, 13 Dec 2019 23:31:54 +0000
Subject: [PATCH] switch to login token auth for meshcentral
---
 api/djangormm/agents/views.py | 25 +++++++++++++++----
 .../djangormm/local_settings.py.example | 1 -
 api/djangormm/djangormm/settings.py | 1 -
 install.sh | 3 ---
 4 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/api/djangormm/agents/views.py b/api/djangormm/agents/views.py
index 3b932358..120d2465 100644
--- a/api/djangormm/agents/views.py
+++ b/api/djangormm/agents/views.py
@@ -1,4 +1,5 @@
 from loguru import logger
+import subprocess
 from django.conf import settings
 from django.shortcuts import get_object_or_404
@@ -110,9 +111,16 @@ def edit_agent(request):
 @api_view()
 def meshcentral_tabs(request, pk):
 agent = get_object_or_404(Agent, pk=pk)
- node = agent.mesh_node_id
- terminalurl = f"{settings.MESH_SITE}/?user={settings.MESH_USERNAME}&pass={settings.MESH_PASSWORD}&node={node}&viewmode=12&hide=31"
- fileurl = f"{settings.MESH_SITE}/?user={settings.MESH_USERNAME}&pass={settings.MESH_PASSWORD}&node={node}&viewmode=13&hide=31"
+ r = subprocess.run([
+ "node",
+ "/meshcentral/node_modules/meshcentral/meshcentral",
+ "--logintoken",
+ f"user//{settings.MESH_USERNAME}"],
+ capture_output=True
+ )
+ token = r.stdout.decode().splitlines()[0]
+ terminalurl = f"{settings.MESH_SITE}/?viewmode=12&hide=31&login={token}&node={agent.mesh_node_id}"
+ fileurl = f"{settings.MESH_SITE}/?viewmode=13&hide=31&login={token}&node={agent.mesh_node_id}"
 return Response({
 "hostname": agent.hostname,
 "terminalurl": terminalurl,
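Review bot: In meshcentral_tabs the result of `subprocess.run` is used unchecked: `r.stdout.decode().splitlines()[0]` raises IndexError when node exits without output, and if the CLI prints anything else on its first stdout line (a warning, an error message) that text is placed into `login=` as if it were a token. There is also no `timeout`, so a stalled node process holds the request worker. take_control in the next hunk repeats the same block verbatim, so one shared helper that passes `check=True` and a timeout and rejects empty output would fix both views; each view then needs to turn the resulting exception into an error response without echoing stderr to the client. The timeout value in the sketch is a constructed example, and meshcentral_tabs continues past the end of the hunk.

```python
def get_login_token():
    """Return a MeshCentral login token for settings.MESH_USERNAME; raise if none was produced."""
    r = subprocess.run(
        [
            "node",
            "/meshcentral/node_modules/meshcentral/meshcentral",
            "--logintoken",
            f"user//{settings.MESH_USERNAME}",
        ],
        capture_output=True,
        timeout=15,  # constructed value; tune for the host
        check=True,  # non-zero exit raises CalledProcessError instead of yielding a bogus token
    )
    lines = r.stdout.decode().splitlines()
    if not lines or not lines[0].strip():
        raise RuntimeError("meshcentral returned no login token")
    return lines[0].strip()


def meshcentral_tabs(request, pk):
    agent = get_object_or_404(Agent, pk=pk)
    token = get_login_token()  # the same call replaces the inline block in take_control
    # … unchanged: terminalurl / fileurl construction and Response …
```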
@@ -123,8 +131,15 @@ def meshcentral_tabs(request, pk):
 @api_view()
 def take_control(request, pk):
 agent = get_object_or_404(Agent, pk=pk)
- node = agent.mesh_node_id
- url = f"{settings.MESH_SITE}/?user={settings.MESH_USERNAME}&pass={settings.MESH_PASSWORD}&node={node}&viewmode=11&hide=31"
+ r = subprocess.run([
+ "node",
+ "/meshcentral/node_modules/meshcentral/meshcentral",
+ "--logintoken",
+ f"user//{settings.MESH_USERNAME}"],
+ capture_output=True
+ )
+ token = r.stdout.decode().splitlines()[0]
+ url = f"{settings.MESH_SITE}/?viewmode=11&hide=31&login={token}&node={agent.mesh_node_id}"
 return Response(url)
diff --git a/api/djangormm/djangormm/local_settings.py.example b/api/djangormm/djangormm/local_settings.py.example
index 88268c65..1619f3d9 100644
--- a/api/djangormm/djangormm/local_settings.py.example
+++ b/api/djangormm/djangormm/local_settings.py.example
@@ -45,6 +45,5 @@ EMAIL_ALERT_RECIPIENTS = ["example@gmail.com",]
 SALT_USERNAME = "changeme"
 SALT_PASSWORD = "changeme"
 MESH_USERNAME = "changeme"
-MESH_PASSWORD = "changeme"
 MESH_SITE = "https://mesh.example.com"
 TWO_FACTOR_OTP = "changeme"
\ No newline at end of file
diff --git a/api/djangormm/djangormm/settings.py b/api/djangormm/djangormm/settings.py
index f6bbabae..9f32d551 100644
--- a/api/djangormm/djangormm/settings.py
+++ b/api/djangormm/djangormm/settings.py
@@ -149,6 +149,5 @@ if 'TRAVIS' in os.environ:
 SALT_USERNAME = "travis"
 SALT_PASSWORD = "travis"
 MESH_USERNAME = "travis"
- MESH_PASSWORD = "travis"
 MESH_SITE = "https://example.com"
 TWO_FACTOR_OTP = "TRAVIS"
\ No newline at end of file
diff --git a/install.sh b/install.sh
index c6e02986..bf7e5563 100755
--- a/install.sh
+++ b/install.sh
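Review bot: take_control returns a URL whose `login=` value is a bearer credential for the shared `settings.MESH_USERNAME` account, and nothing in the hunk keeps that URL from being cached or logged; the same holds for `terminalurl` and `fileurl` in meshcentral_tabs. Because the token is minted for the account rather than for `agent.mesh_node_id`, it presumably grants whatever that MeshCentral account can reach, not only the agent selected by `pk`. That is worth confirming and recording next to the call with a comment such as `# login token authenticates as MESH_USERNAME; it is not scoped to this agent`. I would also mark the response uncacheable, e.g. `return Response(url, headers={"Cache-Control": "no-store"})`, and keep these URLs out of application logs.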
@@ -42,8 +42,6 @@ echo -ne "${YELLOW}Enter the domain for meshcentral${NC}: "
 read meshdomain
 echo -ne "${YELLOW}Enter your username for meshcentral${NC}: "
 read meshusername
-echo -ne "${YELLOW}Enter your password for meshcentral${NC}: "
-read meshpassword
 echo -ne "${YELLOW}Enter your email address for let's encrypt renewal notifications${NC}: "
 read letsemail
 echo -ne "${YELLOW}Please use google authenticator and enter TOTP code${NC}: "
@@ -311,7 +309,6 @@ EMAIL_ALERT_RECIPIENTS = ["jsmith@example.com",]
 SALT_USERNAME = "${USER}"
 SALT_PASSWORD = "${linuxpw}"
 MESH_USERNAME = "${meshusername}"
-MESH_PASSWORD = "${meshpassword}"
 MESH_SITE = "https://${meshdomain}"
 TWO_FACTOR_OTP = "${twofactor}"
 EOF