added SECRET field to register

CHANGELOG.md

@@ -1,5 +1,5 @@
 ## v0.08 (dev)
-* ???
+* Added SECRET to register page as a simple security measure.
 
 ## v0.07 (Dec 8th 2023)
 * View container logs.

README.md

@@ -36,7 +36,7 @@ Pre-Pre-Pre-Pre-Pre Alpha v0.08 ( :fire: Experimental. Don't install on any serv
 
 ## Setup
 
-* Docker Compose: 
+Docker Compose: 
 ```
 version: "3.9"
 services:
@@ -44,10 +44,13 @@ services:
   dweebui:
     container_name: dweebui
     image: lllllllillllllillll/dweebui:v0.08-dev
+    # build:
+    #   context: .
     environment:
       NODE_ENV: production
       PORT: 8000
-      # Proxy_Manager: enabled
+      SECRET: MrWiskers
+      #Proxy_Manager: enabled
     restart: unless-stopped
     ports:
       - 8000:8000
@@ -55,6 +58,8 @@ services:
       - dweebui:/app
       - caddyfiles:/app/caddyfiles
       - /var/run/docker.sock:/var/run/docker.sock
+      #- ./custom-templates.json:/app/custom-templates.json
+      #- ./composefiles:/app/composefiles
     networks:
       - dweeb_network
 
@@ -69,14 +74,14 @@ networks:
     driver: bridge
 ```
 
-* Compose setup:
+Compose setup:
 
-Paste the above content into a file named ```docker-compose.yml``` then place it in a folder named ```dweebui```.
-Open a terminal in the ```dweebui``` folder, then enter ```docker compose up -d```.
-You may need to use ```docker-compose up -d``` or execute the command as root with  either ```sudo docker compose up -d``` or ```sudo docker-compose up -d```.
+* Paste the above content into a file named ```docker-compose.yml``` then place it in a folder named ```dweebui```.
+* Open a terminal in the ```dweebui``` folder, then enter ```docker compose up -d```.
+* You may need to use ```docker-compose up -d``` or execute the command as root with either ```sudo docker compose up -d``` or ```sudo docker-compose up -d```.
 
 
-* Using setup.sh: 
+Using setup.sh: 
 ```
 Extract DweebUI.zip and navigate to /DweebUI
 cd DweebUI

controllers/auth.js

@@ -86,11 +86,11 @@ exports.Register = function(req,res){
 exports.processRegister = async function(req,res){
 
     // Get the data.
-    let { first_name, last_name, username, email, password, avatar, tos } = req.body;
+    let { first_name, last_name, username, email, password, avatar, tos, secret } = req.body;
     let role = "user";
 
     // Check the data.
-    if(first_name && last_name && email && password && username && tos){
+    if((first_name && last_name && email && password && username && tos) && (secret == process.env.SECRET)){
 
         // Check if there is an existing user with that username.
         let existingUser = await User.findOne({ where: {username:username}});

docker-compose.yaml

@@ -4,10 +4,13 @@ services:
   dweebui:
     container_name: dweebui
     image: lllllllillllllillll/dweebui:v0.08-dev
+    # build:
+    #   context: .
     environment:
       NODE_ENV: production
       PORT: 8000
-      # Proxy_Manager: enabled
+      SECRET: MrWiskers
+      #Proxy_Manager: enabled
     restart: unless-stopped
     ports:
       - 8000:8000
@@ -15,6 +18,8 @@ services:
       - dweebui:/app
       - caddyfiles:/app/caddyfiles
       - /var/run/docker.sock:/var/run/docker.sock
+      #- ./custom-templates.json:/app/custom-templates.json
+      #- ./composefiles:/app/composefiles
     networks:
       - dweeb_network
 

views/pages/apps.ejs

@@ -51,7 +51,7 @@
                         <a href="#" class="btn-action dropdown-toggle" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false" title="Change Templates">
                           <svg xmlns="http://www.w3.org/2000/svg" class="icon-tabler icon-tabler-settings" width="24" height="24" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M10.325 4.317c.426 -1.756 2.924 -1.756 3.35 0a1.724 1.724 0 0 0 2.573 1.066c1.543 -.94 3.31 .826 2.37 2.37a1.724 1.724 0 0 0 1.065 2.572c1.756 .426 1.756 2.924 0 3.35a1.724 1.724 0 0 0 -1.066 2.573c.94 1.543 -.826 3.31 -2.37 2.37a1.724 1.724 0 0 0 -2.572 1.065c-.426 1.756 -2.924 1.756 -3.35 0a1.724 1.724 0 0 0 -2.573 -1.066c-1.543 .94 -3.31 -.826 -2.37 -2.37a1.724 1.724 0 0 0 -1.065 -2.572c-1.756 -.426 -1.756 -2.924 0 -3.35a1.724 1.724 0 0 0 1.066 -2.573c-.94 -1.543 .826 -3.31 2.37 -2.37c1 .608 2.296 .07 2.572 -1.065z" /><path d="M9 12a3 3 0 1 0 6 0a3 3 0 0 0 -6 0" /></svg>
                         </a>
-                        <div class="dropdown-menu dropdown-menu-end" style="">
+                        <div class="dropdown-menu dropdown-menu-end">
                           <a class="dropdown-item" href="#">Default Template</a>
                           <a class="dropdown-item" href="#">Compose Files</a>
                           <a class="dropdown-item" href="#">Custom Template</a>

views/pages/register.ejs

@@ -79,6 +79,11 @@
               </div>
             </div>
 
+            <div class="mb-2">
+              <label class="form-label">SECRET</label>
+              <input type="text" class="form-control" id="secret" name="secret" title="Enter the value of 'SECRET' from the DweebUI docker-compose.yaml">
+            </div>
+
             <label class="form-label">Avatar</label>
             <div class="mb-2">
               <div class="row g-2">

views/partials/footer.ejs

@@ -24,7 +24,7 @@
           </li>
           <li class="list-inline-item">
             <a href="#" class="link-secondary" rel="noopener">
-              v0.07
+              v0.08
             </a>
           </li>
         </ul>