throw error instead of infinitely redirecting bad challenge clients

zefie
2025-08-12 22:49:49 -04:00
parent df7766ccd5
commit 11cf003549


@@ -56,7 +56,7 @@ wtv-visit: client:hangupphone`
} else { } else {
wtvsec_login = session_data.get("wtvsec_login"); wtvsec_login = session_data.get("wtvsec_login");
} }
let errpage;
if (socket.ssid !== null) { if (socket.ssid !== null) {
if (wtvsec_login.ticket_b64 == null) { if (wtvsec_login.ticket_b64 == null) {
challenge_response = wtvsec_login.challenge_response; challenge_response = wtvsec_login.challenge_response;
@@ -70,58 +70,60 @@ wtv-visit: client:hangupphone`
console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid)); console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid));
if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64)); if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response) if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response)
gourl = "wtv-head-waiter:/login?reissue_challenge=true"; errpage = wtvshared.doErrorPage(500, "Invalid challenge response received");
headers = errpage[0];
data = errpage[1];
} }
} else { } else {
gourl = "wtv-head-waiter:/login?no_response=true"; errpage = wtvshared.doErrorPage(500, "No challenge response received");
headers = errpage[0];
data = errpage[1];
} }
} else { } else {
gourl = "wtv-head-waiter:/login-stage-two?"; gourl = "wtv-head-waiter:/login-stage-two?";
} }
} }
if (!errpage) {
if (user_id != null && !request_headers.query.initial_login && !request_headers.query.user_login && !request_headers.query.relogin && !request_headers.query.reconnect) { if (user_id != null && !request_headers.query.initial_login && !request_headers.query.user_login && !request_headers.query.relogin && !request_headers.query.reconnect) {
if (request_headers.query.password == "") { if (request_headers.query.password == "") {
headers = `403 Please enter your password and try again headers = `403 Please enter your password and try again
minisrv-no-mail-count: true minisrv-no-mail-count: true`;
`; } else if (session_data.validateUserPassword(request_headers.query.password)) {
} else if (session_data.validateUserPassword(request_headers.query.password)) { session_data.setUserLoggedIn(true);
session_data.setUserLoggedIn(true); headers = `200 OK
headers = `200 OK
minisrv-no-mail-count: true minisrv-no-mail-count: true
Content-Type: text/html Content-Type: text/html
wtv-visit: ${gourl} wtv-visit: ${gourl}`;
`; } else {
headers = `403 The password you entered was incorrect. Please retype it and try again.
minisrv-no-mail-count: true`;
}
} else { } else {
headers = `403 The password you entered was incorrect. Please retype it and try again. if (session_data.baddisk === true && !ssid_sessions[socket.ssid].get("bad_disk_shown")) {
minisrv-no-mail-count: true gourl = "wtv-head-waiter:/bad-disk?"
`; }
} else if (session_data.getNumberOfUserAccounts() > 1 && user_id === 0 && (!session_data.isUserLoggedIn() || request_headers.query.initial_login || request_headers.query.relogin)) {
} else { gourl = "wtv-head-waiter:/choose-user?"
if (session_data.baddisk === true && !ssid_sessions[socket.ssid].get("bad_disk_shown")) { } else {
gourl = "wtv-head-waiter:/bad-disk?" if (!session_data.getUserPasswordEnabled() && request_headers.query.user_login) session_data.setUserLoggedIn(true);
} const limitedLogin = (!session_data.lockdown && (!session_data.get('password_valid') && session_data.getUserPasswordEnabled()));
else if (session_data.getNumberOfUserAccounts() > 1 && user_id === 0 && (!session_data.isUserLoggedIn() || request_headers.query.initial_login || request_headers.query.relogin)) { limitedLoginRegistered = (limitedLogin && session_data.isRegistered());
gourl = "wtv-head-waiter:/choose-user?" }
} else { headers = `200 OK
if (!session_data.getUserPasswordEnabled() && request_headers.query.user_login) session_data.setUserLoggedIn(true);
const limitedLogin = (!session_data.lockdown && (!session_data.get('password_valid') && session_data.getUserPasswordEnabled()));
limitedLoginRegistered = (limitedLogin && session_data.isRegistered());
}
headers = `200 OK
wtv-connection-close: true wtv-connection-close: true
Connection: close Connection: close
minisrv-no-mail-count: true minisrv-no-mail-count: true
Content-Type: text/html`; Content-Type: text/html`;
if (client_challenge_response) { if (client_challenge_response) {
headers += ` headers += `
wtv-encrypted: ${(request_headers['wtv-encrypted']) ? wtvshared.parseBool(request_headers['wtv-encrypted']) : true}`; wtv-encrypted: ${(request_headers['wtv-encrypted']) ? wtvshared.parseBool(request_headers['wtv-encrypted']) : true}`;
if (wtvsec_login) session_data.data_store.wtvsec_login.update_ticket = true; if (wtvsec_login) session_data.data_store.wtvsec_login.update_ticket = true;
} }
if (limitedLoginRegistered && session_data.getUserPasswordEnabled()) gourl = "wtv-head-waiter:/password?"; if (limitedLoginRegistered && session_data.getUserPasswordEnabled()) gourl = "wtv-head-waiter:/password?";
headers += ` headers += `
wtv-visit: ${gourl}`; wtv-visit: ${gourl}`;
}
} }
} }
} }
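Review bot: Both new `wtvshared.doErrorPage(500, …)` calls, in the failed-response and the no-response branches, report a client authentication failure as a server error, while the password branches further down this same section answer with `403`; if doErrorPage accepts that code, `errpage = wtvshared.doErrorPage(403, "Invalid challenge response received");` (and likewise for the no-response case) keeps rejected logins distinguishable from real server faults in logs and monitoring. The failure path also leaves the stored `wtvsec_login.challenge_response` untouched as far as these lines show, so it is worth confirming that a later attempt is checked against a freshly issued challenge rather than the same one, now that the `reissue_challenge=true` redirect is gone. The no-response branch logs nothing, unlike the FAILED branch; a matching `console.log` that uses `wtvshared.filterSSID(socket.ssid)` would make both rejections visible to whoever reads the server log. The enclosing handler starts and ends outside the hunks shown.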