diff --git a/meshcentral.js b/meshcentral.js index 6122a7ec..f6d12fb1 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -1555,7 +1555,7 @@ function CreateMeshCentralServer(config, args) { if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) } else { // An expire time is included in the cookie (in minutes), use this. - if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) + if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) } return o; } catch (ex) { obj.debug(1, 'ERR: Bad AESGCM cookie due to exception: ' + ex); return null; } @@ -1583,7 +1583,7 @@ function CreateMeshCentralServer(config, args) { if ((o.dtime > (timeout * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) } else { // An expire time is included in the cookie (in minutes), use this. - if ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000)) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) + if ((o.expire !== 0) && ((o.dtime > (o.expire * 60000)) || (o.dtime < -30000))) { obj.debug(1, 'ERR: Bad cookie due to timeout'); return null; } // The cookie is only valid 120 seconds, or 30 seconds back in time (in case other server's clock is not quite right) } return o; } catch (ex) { obj.debug(1, 'ERR: Bad AESSHA cookie due to exception: ' + ex); return null; } diff --git a/meshuser.js b/meshuser.js index 75cefc72..4ce979a3 100644 --- a/meshuser.js +++ b/meshuser.js @@ -2501,7 +2501,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use } case 'createInviteLink': { if (common.validateString(command.meshid, 8, 128) == false) break; // Check the meshid - if (common.validateInt(command.expire, 1, 99999) == false) break; // Check the expire time in hours + if (common.validateInt(command.expire, 0, 99999) == false) break; // Check the expire time in hours if (common.validateInt(command.flags, 0, 256) == false) break; // Check the flags var mesh = parent.meshes[command.meshid]; if (mesh == null) break; diff --git a/package.json b/package.json index d8e5db2f..025f51c6 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.3.6-d", + "version": "0.3.6-e", "keywords": [ "Remote Management", "Intel AMT", diff --git a/sample-config.json b/sample-config.json index ce551563..eb613044 100644 --- a/sample-config.json +++ b/sample-config.json @@ -46,6 +46,9 @@ "keepLastDaysBackup": 10, "zipPassword": "MyReallySecretPassword3", "_backupPath": "C:\\backups" + }, + "_Redirects": { + "meshcommander": "https://www.meshcommander.com/" } }, "_domains": { diff --git a/views/default.handlebars b/views/default.handlebars index 3fd156e6..d0acb3cd 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -1998,6 +1998,7 @@ if (message.expire == 24) { t = '1 day'; } if (message.expire == 168) { t = '1 week'; } if (message.expire == 5040) { t = '1 month'; } + if (message.expire == 0) { t = 'Unlimited'; } QH('agentInvitationLink', 'Invitation Link (' + t + ')'); QV('agentInvitationLinkDiv', true); break; @@ -2708,7 +2709,7 @@ x += ''; } x += '
Invite someone to install the mesh agent by sharing a invitation link. This link points the user to installation instructions for the \"' + EscapeHtml(mesh.name) + '\" device group. The link is public and no account this server is needed.

'; - x += addHtmlValue('Link Expiration', ''); + x += addHtmlValue('Link Expiration', ''); x += '
'; setDialogMode(2, "Invite", 3, performAgentInvite, x, meshid); validateAgentInvite(); diff --git a/webserver.js b/webserver.js index bcba5579..df22741e 100644 --- a/webserver.js +++ b/webserver.js @@ -1699,6 +1699,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { } } + // Handle domain redirection + function handleDomainRedirect(req, res) { + const domain = checkUserIpAddress(req, res); + if ((domain == null) || (domain.redirects == null)) { res.sendStatus(404); return; } + var urlArgs = '', urlName = null, splitUrl = req.originalUrl.split("?"); + if (splitUrl.length > 1) { urlArgs = '?' + splitUrl[1]; } + if ((splitUrl.length > 0) && (splitUrl[0].length > 1)) { urlName = splitUrl[0].substring(1).toLowerCase(); } + if ((urlName == null) || (domain.redirects[urlName] == null)) { res.sendStatus(404); return; } + res.redirect(domain.redirects[urlName] + urlArgs); + } + // Take a "user/domain/userid/path/file" format and return the actual server disk file path if access is allowed obj.getServerFilePath = function (user, domain, path) { var splitpath = path.split('/'), serverpath = obj.path.join(obj.filespath, 'domain'), filename = ''; @@ -2716,6 +2727,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { obj.app.get(url + 'logo.png', handleLogoRequest); obj.app.get(url + 'welcome.jpg', handleWelcomeImageRequest); + // Server redirects + if (parent.config.domains[i].redirects) { for (var j in parent.config.domains[i].redirects) { obj.app.get(url + j, handleDomainRedirect); } } + // Server picture obj.app.get(url + 'serverpic.ashx', function (req, res) { // Check if we have "server.jpg" in the data folder, if so, use that.