mirror/api
1
0
Fork 0
mirror of https://github.com/unraid/api.git synced 2025-12-31 13:39:52 -06:00
Code Issues Packages Projects Releases Wiki Activity

feat: add patch for auth-request.php

Browse Source
This commit is contained in:
Eli Bosley
2025-02-03 12:39:38 -05:00
parent 36d8399045
commit b1a1779a8b
6 changed files with 132 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
api/src/unraid-api/unraid-file-modifier/modifications/__fixtures__/local/auth-request.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
// only start the session if a session cookie exists
if (isset($_COOKIE[session_name()])) {
session_start();
// authorized?
if (isset($_SESSION["unraid_login"])) {
if (time() - $_SESSION['unraid_login'] > 300) {
$_SESSION['unraid_login'] = time();
}
session_write_close();
http_response_code(200);
exit;
}
session_write_close();
}
$arrWhitelist = [
'/webGui/styles/clear-sans-bold-italic.eot',
'/webGui/styles/clear-sans-bold-italic.woff',
'/webGui/styles/clear-sans-bold-italic.ttf',
'/webGui/styles/clear-sans-bold-italic.svg',
'/webGui/styles/clear-sans-bold.eot',
'/webGui/styles/clear-sans-bold.woff',
'/webGui/styles/clear-sans-bold.ttf',
'/webGui/styles/clear-sans-bold.svg',
'/webGui/styles/clear-sans-italic.eot',
'/webGui/styles/clear-sans-italic.woff',
'/webGui/styles/clear-sans-italic.ttf',
'/webGui/styles/clear-sans-italic.svg',
'/webGui/styles/clear-sans.eot',
'/webGui/styles/clear-sans.woff',
'/webGui/styles/clear-sans.ttf',
'/webGui/styles/clear-sans.svg',
'/webGui/styles/default-cases.css',
'/webGui/styles/font-cases.eot',
'/webGui/styles/font-cases.woff',
'/webGui/styles/font-cases.ttf',
'/webGui/styles/font-cases.svg',
'/webGui/images/case-model.png',
'/webGui/images/green-on.png',
'/webGui/images/red-on.png',
'/webGui/images/yellow-on.png'
];
if (in_array(preg_replace(['/\?v=\d+$/','/\?\d+$/'],'',$_SERVER['REQUEST_URI']),$arrWhitelist)) {
// authorized
http_response_code(200);
} else {
// non-authorized
//error_log(print_r($_SERVER, true));
http_response_code(401);
}
exit;

9
api/src/unraid-api/unraid-file-modifier/modifications/__test__/generic-modification.spec.ts
View File

@@ -9,6 +9,7 @@ import { FileModification } from '@app/unraid-api/unraid-file-modifier/file-modi
import DefaultPageLayoutModification from '@app/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification';
import NotificationsPageModification from '@app/unraid-api/unraid-file-modifier/modifications/notifications-page.modification';
import SSOFileModification from '@app/unraid-api/unraid-file-modifier/modifications/sso.modification';
import AuthRequestModification from '@app/unraid-api/unraid-file-modifier/modifications/auth-request.modification';
interface ModificationTestCase {
ModificationClass: new (...args: ConstructorParameters<typeof FileModification>) => FileModification;
@@ -35,6 +36,12 @@ const testCases: ModificationTestCase[] = [
ModificationClass: SSOFileModification,
fileName: '.login.php',
},
{
ModificationClass: AuthRequestModification,
fileUrl:
'https://github.com/unraid/webgui/raw/refs/heads/master/emhttp/auth-request.php',
fileName: 'auth-request.php',
},
];
async function testModification(testCase: ModificationTestCase) {
@@ -42,12 +49,14 @@ async function testModification(testCase: ModificationTestCase) {
const fileName = basename(testCase.fileUrl);
const path = resolve(__dirname, `../__fixtures__/downloaded/${fileName}`);
const pathLocal = resolve(__dirname, `../__fixtures__/local/${fileName}`);
let originalContent = '';
if (!existsSync(path)) {
try {
console.log('Downloading file', testCase.fileUrl);
originalContent = await fetch(testCase.fileUrl).then((response) => response.text());
await writeFile(path, originalContent);
await writeFile(pathLocal, originalContent);
} catch (error) {
console.error('Failed to download file - using local fixture', error);
await cp(resolve(__dirname, `../__fixtures__/local/${fileName}`), path);

53
api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/auth-request.php.modified.snapshot.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
// only start the session if a session cookie exists
if (isset($_COOKIE[session_name()])) {
session_start();
// authorized?
if (isset($_SESSION["unraid_login"])) {
if (time() - $_SESSION['unraid_login'] > 300) {
$_SESSION['unraid_login'] = time();
}
session_write_close();
http_response_code(200);
exit;
}
session_write_close();
}
$arrWhitelist = [
'/webGui/images/partner-logo.svg',
'/webGui/styles/clear-sans-bold-italic.eot',
'/webGui/styles/clear-sans-bold-italic.woff',
'/webGui/styles/clear-sans-bold-italic.ttf',
'/webGui/styles/clear-sans-bold-italic.svg',
'/webGui/styles/clear-sans-bold.eot',
'/webGui/styles/clear-sans-bold.woff',
'/webGui/styles/clear-sans-bold.ttf',
'/webGui/styles/clear-sans-bold.svg',
'/webGui/styles/clear-sans-italic.eot',
'/webGui/styles/clear-sans-italic.woff',
'/webGui/styles/clear-sans-italic.ttf',
'/webGui/styles/clear-sans-italic.svg',
'/webGui/styles/clear-sans.eot',
'/webGui/styles/clear-sans.woff',
'/webGui/styles/clear-sans.ttf',
'/webGui/styles/clear-sans.svg',
'/webGui/styles/default-cases.css',
'/webGui/styles/font-cases.eot',
'/webGui/styles/font-cases.woff',
'/webGui/styles/font-cases.ttf',
'/webGui/styles/font-cases.svg',
'/webGui/images/case-model.png',
'/webGui/images/green-on.png',
'/webGui/images/red-on.png',
'/webGui/images/yellow-on.png'
];
if (in_array(preg_replace(['/\?v=\d+$/','/\?\d+$/'],'',$_SERVER['REQUEST_URI']),$arrWhitelist)) {
// authorized
http_response_code(200);
} else {
// non-authorized
//error_log(print_r($_SERVER, true));
http_response_code(401);
}
exit;

12
api/src/unraid-api/unraid-file-modifier/modifications/auth-request.modification.ts
View File

@@ -9,7 +9,6 @@ import {
ShouldApplyWithReason,
} from '@app/unraid-api/unraid-file-modifier/file-modification';
const AUTH_REQUEST_FILE = '/usr/local/emhttp/auth-request.php' as const;
const WEB_COMPS_DIR = '/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/_nuxt/' as const;
const getJsFiles = async (dir: string) => {
@@ -19,6 +18,7 @@ const getJsFiles = async (dir: string) => {
};
export default class AuthRequestModification extends FileModification {
public filePath: string = '/usr/local/emhttp/auth-request.php';
id: string = 'auth-request';
constructor(logger: Logger) {
@@ -31,25 +31,23 @@ export default class AuthRequestModification extends FileModification {
const FILES_TO_ADD = ['/webGui/images/partner-logo.svg', ...JS_FILES];
if (!existsSync(AUTH_REQUEST_FILE)) {
throw new Error(`File ${AUTH_REQUEST_FILE} not found.`);
if (!existsSync(this.filePath)) {
throw new Error(`File ${this.filePath} not found.`);
}
const fileContent = await readFile(AUTH_REQUEST_FILE, 'utf8');
const fileContent = await readFile(this.filePath, 'utf8');
if (!fileContent.includes('$arrWhitelist')) {
throw new Error(`$arrWhitelist array not found in the file.`);
}
this.logger.debug(`Backup of ${AUTH_REQUEST_FILE} created.`);
const filesToAddString = FILES_TO_ADD.map((file) => ` '${file}',`).join('\n');
// Create new content by finding the array declaration and adding our files after it
const newContent = fileContent.replace(/(\$arrWhitelist\s*=\s*\[)/, `$1\n${filesToAddString}`);
// Generate and return patch
const patch = createPatch(AUTH_REQUEST_FILE, fileContent, newContent, undefined, undefined, {
const patch = createPatch(this.filePath, fileContent, newContent, undefined, undefined, {
context: 3,
});

12
api/src/unraid-api/unraid-file-modifier/modifications/patches/auth-request.patch Normal file
View File

@@ -0,0 +1,12 @@
Index: /app/src/unraid-api/unraid-file-modifier/modifications/__fixtures__/downloaded/auth-request.php
===================================================================
--- /app/src/unraid-api/unraid-file-modifier/modifications/__fixtures__/downloaded/auth-request.php
+++ /app/src/unraid-api/unraid-file-modifier/modifications/__fixtures__/downloaded/auth-request.php
@@ -15,6 +15,7 @@
}
$arrWhitelist = [
+ '/webGui/images/partner-logo.svg',
'/webGui/styles/clear-sans-bold-italic.eot',
'/webGui/styles/clear-sans-bold-italic.woff',
'/webGui/styles/clear-sans-bold-italic.ttf',

2
api/src/unraid-api/unraid-file-modifier/unraid-file-modifier.spec.ts
View File

@@ -136,7 +136,7 @@ describe.sequential('FileModificationService', () => {
try {
await fs.unlink(FIXTURE_PATH);
} catch (error) {
// Ignore errors if file doesn't exist
console.error('Failed to clean up fixture file', error);
}
vi.clearAllMocks();
});