diff --git a/app.js b/app.js index c09e6eb..84259b6 100644 --- a/app.js +++ b/app.js @@ -1,105 +1,127 @@ // LinuxServer Guacamole Client +const crypto = require('crypto'); +const path = require('path'); +const express = require('express'); +const http = require('http'); +const cloudcmd = require('cloudcmd'); +const bodyParser = require('body-parser'); +const { pamAuthenticate } = require('node-linux-pam'); +const GuacamoleLite = require('guacamole-lite'); -//// Application Variables //// -var baseurl = process.env.SUBFOLDER || '/'; -var crypto = require('crypto'); -var ejs = require('ejs'); -var express = require('express'); -var app = require('express')(); -var http = require('http').Server(app); -var cloudcmd = require('cloudcmd'); -var bodyParser = require('body-parser'); -var { pamAuthenticate, pamErrors } = require('node-linux-pam'); -var CUSTOM_PORT = process.env.CUSTOM_PORT || 3000; -var baserouter = express.Router(); +// Application Variables +const baseurl = process.env.SUBFOLDER || '/'; +const CUSTOM_PORT = process.env.CUSTOM_PORT || 3000; -///// Guac Websocket Tunnel //// -var GuacamoleLite = require('guacamole-lite'); -var clientOptions = { +const app = express(); +app.set('view engine', 'ejs'); +app.set('x-powered-by', false); + +const server = http.Server(app); +const baserouter = express.Router(); + +// Guac Websocket Tunnel +const clientOptions = { crypt: { cypher: 'AES-256-CBC', - key: 'LSIOGCKYLSIOGCKYLSIOGCKYLSIOGCKY' + key: 'LSIOGCKYLSIOGCKYLSIOGCKYLSIOGCKY', }, log: { - verbose: false - } -}; -// Spinup the Guac websocket proxy on port 3000 if guacd is running -var guacServer = new GuacamoleLite({server: http,path:baseurl +'guaclite'},{host:'127.0.0.1',port:4822},clientOptions); -// Function needed to encrypt the token string for guacamole connections -var encrypt = (value) => { - var iv = crypto.randomBytes(16); - var cipher = crypto.createCipheriv(clientOptions.crypt.cypher, clientOptions.crypt.key, iv); - let crypted = cipher.update(JSON.stringify(value), 'utf8', 'base64'); - crypted += cipher.final('base64'); - var data = { - iv: iv.toString('base64'), - value: crypted - }; - return new Buffer(JSON.stringify(data)).toString('base64'); + verbose: false, + }, }; -//// Public JS and CSS //// -baserouter.use('/public', express.static(__dirname + '/public')); -//// Embedded guac //// -baserouter.get("/", function (req, res) { - if (req.query.login){ - var connectionstring = encrypt( - { - "connection":{ - "type":"rdp", - "settings":{ - "hostname":"127.0.0.1", - "port":"3389", - "security": "any", - "ignore-cert": true - } - } - }); +// Spinup the Guac websocket proxy on port 3000 if guacd is running +// eslint-disable-next-line no-unused-vars +const guacServer = new GuacamoleLite({ + server, + path: `${baseurl}guaclite`, +}, { + host: '127.0.0.1', + port: 4822, +}, clientOptions); + +// Function needed to encrypt the token string for guacamole connections +const encrypt = (value) => { + const iv = crypto.randomBytes(16); + const cipher = crypto.createCipheriv(clientOptions.crypt.cypher, clientOptions.crypt.key, iv); + let crypted = cipher.update(JSON.stringify(value), 'utf8', 'base64'); + crypted += cipher.final('base64'); + const data = { + iv: iv.toString('base64'), + value: crypted, + }; + return Buffer.from(JSON.stringify(data)).toString('base64'); +}; + +// Public JS and CSS +baserouter.use('/public', express.static(path.join(__dirname, '/public'))); + +// Embedded guac +baserouter.get('/', (req, res) => { + let connectionstring = ''; + + if (req.query.login) { + connectionstring = encrypt({ + connection: { + type: 'rdp', + settings: { + hostname: '127.0.0.1', + port: '3389', + security: 'any', + 'ignore-cert': true, + }, + }, + }); + } else { + connectionstring = encrypt({ + connection: { + type: 'rdp', + settings: { + hostname: '127.0.0.1', + port: '3389', + username: 'abc', + password: 'abc', + security: 'any', + 'ignore-cert': true, + }, + }, + }); } - else{ - var connectionstring = encrypt( - { - "connection":{ - "type":"rdp", - "settings":{ - "hostname":"127.0.0.1", - "port":"3389", - "username":"abc", - "password":"abc", - "security": "any", - "ignore-cert": true - } - } - }); - } - res.render(__dirname + '/rdp.ejs', {token : connectionstring, baseurl: baseurl}); + + res.render(path.join(__dirname, '/rdp.ejs'), { + token: connectionstring, + baseurl, + }); }); -//// Web File Browser //// + +// Web File Browser baserouter.use(bodyParser.urlencoded({ extended: true })); -baserouter.get('/files', function (req, res) { + +baserouter.get('/files', (req, res) => { res.send('Unauthorized'); res.end(); }); -baserouter.post('/files', function(req, res, next){ - var password = req.body.password; - var options = { + +baserouter.post('/files', (req, res, next) => { + const options = { username: 'abc', - password: password, + password: req.body.password, }; - pamAuthenticate(options, function(err, code) { + + pamAuthenticate(options, (err) => { if (!err) { - next(); + next(); } else { res.send('Unauthorized'); res.end(); } }); }); + baserouter.use('/files', cloudcmd({ config: { root: '/', - prefix: baseurl + 'files', + prefix: `${baseurl}files`, terminal: false, console: false, configDialog: false, @@ -109,11 +131,11 @@ baserouter.use('/files', cloudcmd({ log: false, keysPanel: false, oneFilePanel: true, - } -})) + }, +})); // Spin up application on CUSTOM_PORT with fallback to port 3000 app.use(baseurl, baserouter); -http.listen(CUSTOM_PORT, function(){ - console.log('listening on *:' + CUSTOM_PORT); +server.listen(CUSTOM_PORT, () => { + console.log(`listening on *: ${CUSTOM_PORT}`); }); diff --git a/maketoken.js b/maketoken.js index 4f87ad8..4a67645 100644 --- a/maketoken.js +++ b/maketoken.js @@ -1,44 +1,44 @@ -//// Application Variables //// -var crypto = require('crypto'); -var PASSWORD = process.env.PASSWORD || 'abc'; +// Application Variables +const crypto = require('crypto'); -///// Guac Websocket Tunnel //// -var clientOptions = { +const PASSWORD = process.env.PASSWORD || 'abc'; + +// Guac Websocket Tunnel +const clientOptions = { crypt: { cypher: 'AES-256-CBC', - key: 'LSIOGCKYLSIOGCKYLSIOGCKYLSIOGCKY' + key: 'LSIOGCKYLSIOGCKYLSIOGCKYLSIOGCKY', }, log: { - verbose: false - } + verbose: false, + }, }; + // Function needed to encrypt the token string for guacamole connections -var encrypt = (value) => { - var iv = crypto.randomBytes(16); - var cipher = crypto.createCipheriv(clientOptions.crypt.cypher, clientOptions.crypt.key, iv); +const encrypt = (value) => { + const iv = crypto.randomBytes(16); + const cipher = crypto.createCipheriv(clientOptions.crypt.cypher, clientOptions.crypt.key, iv); let crypted = cipher.update(JSON.stringify(value), 'utf8', 'base64'); crypted += cipher.final('base64'); - var data = { + const data = { iv: iv.toString('base64'), - value: crypted + value: crypted, }; - return new Buffer.from(JSON.stringify(data)).toString('base64'); + return Buffer.from(JSON.stringify(data)).toString('base64'); }; - -var connectionstring = encrypt( -{ - "connection":{ - "type":"rdp", - "settings":{ - "hostname":"127.0.0.1", - "port":"3389", - "username":"abc", - "password":PASSWORD, - "security": "any", - "ignore-cert": true - } - } +const connectionstring = encrypt({ + connection: { + type: 'rdp', + settings: { + hostname: '127.0.0.1', + port: '3389', + username: 'abc', + password: PASSWORD, + security: 'any', + 'ignore-cert': true, + }, + }, }); console.log(connectionstring);