Use authentication for websockets

2022-08-12 15:17:52 -04:00 · 2022-08-12 15:17:52 -04:00 · 0170c43916
parent ec3c2c9d5c
commit 0170c43916
9 changed files with 9 additions and 7 deletions
--- a/scripts/deploy_armagetron_advanced.sh
+++ b/scripts/deploy_armagetron_advanced.sh
@ -12,7 +12,7 @@ mkdir -p /etc/systemd/system/armagetronad-dedicated.service.d
 cat > /etc/systemd/system/armagetronad-dedicated.service.d/override.conf <<EOF
 [Service]
 ExecStart=
-ExecStart=/usr/bin/console2web -p 62551 /usr/games/armagetronad-dedicated.real --datadir /usr/share/games/armagetronad --configdir /etc/armagetronad --userdatadir /var/games/armagetronad
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62551 /usr/games/armagetronad-dedicated.real --datadir /usr/share/games/armagetronad --configdir /etc/armagetronad --userdatadir /var/games/armagetronad
 EOF
 systemctl daemon-reload

--- a/scripts/deploy_bzflag.sh
+++ b/scripts/deploy_bzflag.sh
@ -50,7 +50,7 @@ After=bzflag.service
 Requires=bzflag.service

 [Service]
-ExecStart=/usr/bin/console2web -p 62553 /usr/games/bzadmin admin@localhost -ui stdboth "/password ${systempassword}"
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62553 /usr/games/bzadmin admin@localhost -ui stdboth "/password ${systempassword}"
 Restart=on-failure
 User=${systemuser}

--- a/scripts/deploy_mindustry.sh
+++ b/scripts/deploy_mindustry.sh
@ -22,7 +22,7 @@ After=network.target

 [Service]
 WorkingDirectory=/var/lib/mindustry
-ExecStart=/usr/bin/console2web -p 62548 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -jar /opt/mindustry-${mindustry_version}/mindustry.jar "config autosave true","config autosaveSpacing 120","host"
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62548 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -jar /opt/mindustry-${mindustry_version}/mindustry.jar "config autosave true","config autosaveSpacing 120","host"
 Restart=on-failure
 User=${systemuser}

--- a/scripts/deploy_teeworlds.sh
+++ b/scripts/deploy_teeworlds.sh
@ -76,7 +76,7 @@ Requires=teeworlds.service
 Conflicts=teeworlds-ddrace-rcon.service

 [Service]
-ExecStart=/usr/bin/console2web -p 62552 -b "${systempassword}" telnet localhost 8123
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62552 -b "${systempassword}" telnet localhost 8123
 Restart=on-failure
 User=${systemuser}

--- a/scripts/deploy_unvanquished.sh
+++ b/scripts/deploy_unvanquished.sh
@ -46,7 +46,7 @@ Description=Unvanquished server
 After=network.target

 [Service]
-ExecStart=/usr/bin/console2web -p 62549 ${unvanquished_directory}/bin/daemonded -pakpath ${unvanquished_directory}/share/pkg/ -libpath ${unvanquished_directory}/bin/ -homepath \${HOME}/unvanquished_home/ +exec unvanquished.cfg
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62549 ${unvanquished_directory}/bin/daemonded -pakpath ${unvanquished_directory}/share/pkg/ -libpath ${unvanquished_directory}/bin/ -homepath \${HOME}/unvanquished_home/ +exec unvanquished.cfg
 Restart=on-failure
 User=${systemuser}

--- a/scripts/deploy_webserver.sh
+++ b/scripts/deploy_webserver.sh
@ -32,6 +32,7 @@ if [ x"$NOSSL" != "x" ] && [ $NOSSL -eq 1 ]; then
    sed -i $file -e s/"https:"/"http:"/g
  done
 fi
+sed -i /var/www/html/js/consoles.js -e s/"MD5GAMEPASSWORD"/"$(echo -n "${systempassword}" | md5sum | cut -d' ' -f1)"/g

 # Patch the NGINX configuration for the web sockets
 cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak
--- a/scripts/deploy_xonotic-br.sh
+++ b/scripts/deploy_xonotic-br.sh
@ -48,7 +48,7 @@ Conflicts=xonotic.service

 [Service]
 WorkingDirectory=${xonotic_directory}
-ExecStart=/usr/bin/console2web -p 62550 ${xonotic_directory}/all run dedicated +serverconfig server.cfg -userdir ${systemuserhome}/xonotic-br
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62550 ${xonotic_directory}/all run dedicated +serverconfig server.cfg -userdir ${systemuserhome}/xonotic-br
 Restart=on-failure
 User=${systemuser}

--- a/scripts/deploy_xonotic.sh
+++ b/scripts/deploy_xonotic.sh
@ -45,7 +45,7 @@ Conflicts=xonotic-br.service

 [Service]
 WorkingDirectory=${xonotic_directory}/Xonotic
-ExecStart=/usr/bin/console2web -p 62550 ${xonotic_directory}/Xonotic/xonotic-linux64-dedicated +serverconfig server.cfg -userdir ${systemuserhome}/xonotic
+ExecStart=/usr/bin/console2web -a "${systempassword}" -p 62550 ${xonotic_directory}/Xonotic/xonotic-linux64-dedicated +serverconfig server.cfg -userdir ${systemuserhome}/xonotic
 Restart=on-failure
 User=${systemuser}

--- a/website/js/consoles.js
+++ b/website/js/consoles.js
@ -93,6 +93,7 @@ function createConsole(root, game_name, text_colour_function, initial_command, h
 }

 function consoles_init() {
+  document.cookie = 'token=MD5GAMEPASSWORD; SameSite=Strict';
  const root = document.getElementById('console-div');
  createConsole(
    root,