Added NO_AUTH env variable for localhost

compose.yaml

@@ -6,6 +6,8 @@ services:
     environment:
       PORT: 8000
       SECRET: MrWiskers
+      HTTPS: false
+      NO_AUTH: false
     restart: unless-stopped
     ports:
       - 8000:8000

router/index.js

@@ -1,6 +1,7 @@
 import express from "express";
 import { Permission } from '../database/models.js';
 export const router = express.Router();
+const no_auth = process.env.NO_AUTH || false;
 
 // Controllers
 import { Login, submitLogin, Logout } from "../controllers/login.js";
@@ -21,17 +22,20 @@ import { Uninstall } from "../utils/uninstall.js"
 
 // Permission Middleware
 const adminOnly = async (req, res, next) => {
-    if (req.session.role == 'admin') { next(); } 
+    if (req.session.role == 'admin') { next(); }
+    else if (no_auth && req.connection.remoteAddress == '::ffff:127.0.0.1') { next(); }
     else { res.redirect('/dashboard'); }
 }
 
 const sessionCheck = async (req, res, next) => {
     if (req.session.user) { next(); }
+    else if (no_auth && req.connection.remoteAddress == '::ffff:127.0.0.1') { next(); }
     else { res.redirect('/login'); }
 }
 
 const permissionCheck = async (req, res, next) => {
     if (req.session.role == 'admin') { next(); return; }
+    else if (no_auth && req.connection.remoteAddress == '::ffff:127.0.0.1') { next(); }
     let user = req.session.user;
     let action = req.path.split("/")[2];
     let trigger = req.header('hx-trigger-name');

server.js

@@ -8,6 +8,7 @@ import Docker from 'dockerode';
 export var docker = new Docker();
 
 // Session middleware
+const secure = process.env.HTTPS || false;
 const MemoryStore = memorystore(session);
 const sessionMiddleware = session({
     store: new MemoryStore({ checkPeriod: 86400000 }), // Prune expired entries every 24h
@@ -15,8 +16,8 @@ const sessionMiddleware = session({
     resave: false, 
     saveUninitialized: false, 
     cookie:{
-        secure: false, 
-        httpOnly: false,
+        secure: secure, 
+        httpOnly: secure,
         maxAge: 3600000 * 8 // Session max age in milliseconds. 3600000 = 1 hour.
     }
 });

views/partials/navbar.html

@@ -48,10 +48,17 @@
 
     <div class="navbar-nav flex-row order-md-last">
       <div class="nav-item d-none d-md-flex me-3">
-
-
-    
-        <!-- <div class="btn-list">
+        <!-- 
+        
+        <div class="btn-list">
+          <a href="#" class="btn text-blue">
+            <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-screen-share" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"> <path stroke="none" d="M0 0h24v24H0z" fill="none"></path> <path d="M21 12v3a1 1 0 0 1 -1 1h-16a1 1 0 0 1 -1 -1v-10a1 1 0 0 1 1 -1h9"></path> <path d="M7 20l10 0"></path> <path d="M9 16l0 4"></path> <path d="M15 16l0 4"></path> <path d="M17 4h4v4"></path> <path d="M16 9l5 -5"></path> </svg>
+            Host 1
+          </a>
+          <a href="#" class="btn text-blue">
+            <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-screen-share" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"> <path stroke="none" d="M0 0h24v24H0z" fill="none"></path> <path d="M21 12v3a1 1 0 0 1 -1 1h-16a1 1 0 0 1 -1 -1v-10a1 1 0 0 1 1 -1h9"></path> <path d="M7 20l10 0"></path> <path d="M9 16l0 4"></path> <path d="M15 16l0 4"></path> <path d="M17 4h4v4"></path> <path d="M16 9l5 -5"></path> </svg>
+            Host 2
+          </a>
           <a href="#" class="btn text-green">
             <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-lock" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"> <path stroke="none" d="M0 0h24v24H0z" fill="none"></path> <path d="M5 13a2 2 0 0 1 2 -2h10a2 2 0 0 1 2 2v6a2 2 0 0 1 -2 2h-10a2 2 0 0 1 -2 -2v-6z"></path> <path d="M11 16a1 1 0 1 0 2 0a1 1 0 0 0 -2 0"></path> <path d="M8 11v-4a4 4 0 1 1 8 0v4"></path> </svg>
             VPN
@@ -64,18 +71,21 @@
             <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-screen-share" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"> <path stroke="none" d="M0 0h24v24H0z" fill="none"></path> <path d="M21 12v3a1 1 0 0 1 -1 1h-16a1 1 0 0 1 -1 -1v-10a1 1 0 0 1 1 -1h9"></path> <path d="M7 20l10 0"></path> <path d="M9 16l0 4"></path> <path d="M15 16l0 4"></path> <path d="M17 4h4v4"></path> <path d="M16 9l5 -5"></path> </svg>
             VNC
           </a>
-        </div> -->
+        </div> 
+        
+        -->
 
-        <!-- <% if(role == 'admin') { %>
+        <!-- 
+        
+        <% if(role == 'admin') { %>
           <div class="btn-list">
             <a href="#" class="btn text-red">
               Admin
             </a>
           </div>
-        <% } %> -->
-
-
+        <% } %> 
         
+        -->
         
       </div>
       <div class="d-none d-md-flex">

views/partials/sidebar.html

@@ -2,7 +2,7 @@
 	<div class="card-body">
 		<h4 class="subheader">Menu</h4>
 		<div class="list-group list-group-transparent">
-			<a href="/account" class="list-group-item list-group-item-action d-flex align-items-center">Accounts</a>
+			<a href="/account" class="list-group-item list-group-item-action d-flex align-items-center">Account</a>
 			<a href="/settings" class="list-group-item list-group-item-action d-flex align-items-center">Settings</a>
 		</div>
 		<h4 class="subheader mt-4">Other</h4>