From a61eade929c32cc6de7166bf68a04524db09eb59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20=C5=A0ediv=C3=BD?= Date: Sat, 20 Apr 2024 14:27:15 +0200 Subject: [PATCH] add LockedLogins to settings. --- internal/api/session.go | 2 ++ internal/config/session.go | 7 +++++++ internal/member/manager.go | 4 ++++ internal/session/manager.go | 1 + pkg/types/session.go | 2 ++ 5 files changed, 16 insertions(+) diff --git a/internal/api/session.go b/internal/api/session.go index e1991ad6..8c631e62 100644 --- a/internal/api/session.go +++ b/internal/api/session.go @@ -33,6 +33,8 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) error { return utils.HttpUnprocessableEntity("session already connected") } else if errors.Is(err, types.ErrMemberDoesNotExist) || errors.Is(err, types.ErrMemberInvalidPassword) { return utils.HttpUnauthorized().WithInternalErr(err) + } else if errors.Is(err, types.ErrSessionLoginsLocked) { + return utils.HttpForbidden("logins are locked").WithInternalErr(err) } else { return utils.HttpInternalServerError().WithInternalErr(err) } diff --git a/internal/config/session.go b/internal/config/session.go index 6ab4776f..5feae6f5 100644 --- a/internal/config/session.go +++ b/internal/config/session.go @@ -11,6 +11,7 @@ type Session struct { File string PrivateMode bool + LockedLogins bool LockedControls bool ImplicitHosting bool InactiveCursors bool @@ -34,6 +35,11 @@ func (Session) Init(cmd *cobra.Command) error { return err } + cmd.PersistentFlags().Bool("session.locked_logins", false, "whether logins should be locked for users initially") + if err := viper.BindPFlag("session.locked_logins", cmd.PersistentFlags().Lookup("session.locked_logins")); err != nil { + return err + } + cmd.PersistentFlags().Bool("session.locked_controls", false, "whether controls should be locked for users initially") if err := viper.BindPFlag("session.locked_controls", cmd.PersistentFlags().Lookup("session.locked_controls")); err != nil { return err @@ -87,6 +93,7 @@ func (s *Session) Set() { s.File = viper.GetString("session.file") s.PrivateMode = viper.GetBool("session.private_mode") + s.LockedLogins = viper.GetBool("session.locked_logins") s.LockedControls = viper.GetBool("session.locked_controls") s.ImplicitHosting = viper.GetBool("session.implicit_hosting") s.InactiveCursors = viper.GetBool("session.inactive_cursors") diff --git a/internal/member/manager.go b/internal/member/manager.go index 35386570..ccf32b22 100644 --- a/internal/member/manager.go +++ b/internal/member/manager.go @@ -141,6 +141,10 @@ func (manager *MemberManagerCtx) Login(username string, password string) (types. return nil, "", err } + if !profile.IsAdmin && manager.sessions.Settings().LockedLogins { + return nil, "", types.ErrSessionLoginsLocked + } + session, ok := manager.sessions.Get(id) if ok { if session.State().IsConnected { diff --git a/internal/session/manager.go b/internal/session/manager.go index df853456..3fa90029 100644 --- a/internal/session/manager.go +++ b/internal/session/manager.go @@ -20,6 +20,7 @@ func New(config *config.Session) *SessionManagerCtx { config: config, settings: types.Settings{ PrivateMode: config.PrivateMode, + LockedLogins: config.LockedLogins, LockedControls: config.LockedControls, ImplicitHosting: config.ImplicitHosting, InactiveCursors: config.InactiveCursors, diff --git a/pkg/types/session.go b/pkg/types/session.go index e901ad7a..9496eb73 100644 --- a/pkg/types/session.go +++ b/pkg/types/session.go @@ -11,6 +11,7 @@ var ( ErrSessionAlreadyExists = errors.New("session already exists") ErrSessionAlreadyConnected = errors.New("session is already connected") ErrSessionLoginDisabled = errors.New("session login disabled") + ErrSessionLoginsLocked = errors.New("session logins locked") ) type Cursor struct { @@ -40,6 +41,7 @@ type SessionState struct { type Settings struct { PrivateMode bool `json:"private_mode"` + LockedLogins bool `json:"locked_logins"` LockedControls bool `json:"locked_controls"` ImplicitHosting bool `json:"implicit_hosting"` InactiveCursors bool `json:"inactive_cursors"`