From fb5cf90751d5813d69859cd12355cdfeeae98279 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Bohman?= Date: Fri, 20 Mar 2020 15:09:01 +0100 Subject: [PATCH] Add limit in how many configurations each user may have. (#47) * Add limit in how many configurations each user may have. If the option max-number-client-config is more than 0 this number is the maximum number of clients a user can create. The setting only limits creation. If a user had created more configurations before this setting is enforced or lowered the user may user the service as before, just cant create any more configurations. * Fix spelling and fmt as suggested by @luna-duclos * Alert user when limit is reached. When the user tries to create more configurations than are allow an alert will pop up. * Change http status as discussed with @freddd http 400 seems a better fit than 429 as a more generic error. --- server.go | 33 ++++++++++++++++++++++++++++----- ui/src/Clients.svelte | 16 +++++++++++++--- 2 files changed, 41 insertions(+), 8 deletions(-) diff --git a/server.go b/server.go index 0d81a93..2625e1d 100644 --- a/server.go +++ b/server.go @@ -33,11 +33,12 @@ import ( var ( dataDir = kingpin.Flag("data-dir", "Directory used for storage").Default("/var/lib/wireguard-ui").String() - listenAddr = kingpin.Flag("listen-address", "Address to listen to").Default(":8080").String() - natEnabled = kingpin.Flag("nat", "Whether NAT is enabled or not").Default("true").Bool() - natLink = kingpin.Flag("nat-device", "Network interface to masquerade").Default("wlp2s0").String() - clientIPRange = kingpin.Flag("client-ip-range", "Client IP CIDR").Default("172.31.255.0/24").String() - authUserHeader = kingpin.Flag("auth-user-header", "Header containing username").Default("X-Forwarded-User").String() + listenAddr = kingpin.Flag("listen-address", "Address to listen to").Default(":8080").String() + natEnabled = kingpin.Flag("nat", "Whether NAT is enabled or not").Default("true").Bool() + natLink = kingpin.Flag("nat-device", "Network interface to masquerade").Default("wlp2s0").String() + clientIPRange = kingpin.Flag("client-ip-range", "Client IP CIDR").Default("172.31.255.0/24").String() + authUserHeader = kingpin.Flag("auth-user-header", "Header containing username").Default("X-Forwarded-User").String() + maxNumberClientConfig = kingpin.Flag("max-number-client-config", "Max number of configs an client can use. 0 is unlimited").Default("0").Int() wgLinkName = kingpin.Flag("wg-device-name", "WireGuard network device name").Default("wg0").String() wgListenPort = kingpin.Flag("wg-listen-port", "WireGuard UDP port to listen to").Default("51820").Int() @@ -592,6 +593,28 @@ func (s *Server) CreateClient(w http.ResponseWriter, r *http.Request, ps httprou c := s.Config.GetUserConfig(user) log.Debugf("user config: %#v", c) + if *maxNumberClientConfig > 0 { + if len(c.Clients) >= *maxNumberClientConfig { + log.Error(fmt.Errorf("user %q have too many configs", c.Name)) + + e := struct { + Error string + }{ + Error: "Max number of configs: " + strconv.Itoa(*maxNumberClientConfig), + } + + j, err := json.Marshal(e) + if err != nil { + log.Error(err) + return + } + + w.WriteHeader(http.StatusBadRequest) + fmt.Fprintf(w, string(j)) + return + } + } + i := 0 for k := range c.Clients { n, err := strconv.Atoi(k) diff --git a/ui/src/Clients.svelte b/ui/src/Clients.svelte index d8d900a..f4dcc1a 100644 --- a/ui/src/Clients.svelte +++ b/ui/src/Clients.svelte @@ -17,12 +17,22 @@ async function handleNewClick(event) { const res = await fetch(clientsUrl, { method: "POST", - }); - let newClient = await res.json(); - console.log("New client added", newClient); + }) + .then(response => { + return response.json() + }) + .then(data => { + if (typeof data.Error != "undefined") { + console.log(data.Error); + alert(data.Error); + } else { + console.log("New client added", data); + } + }); await getClients(); } + onMount(getClients);