From 69469215c7f681ec218d610ed9edf0a135edd0e5 Mon Sep 17 00:00:00 2001 From: jimmy201602 Date: Tue, 8 May 2018 21:14:57 +0800 Subject: [PATCH] websocket authenticate bug fixed --- guacamole/consumers.py | 86 ++++++++++++++++++++++------------------ webterminal/consumers.py | 32 ++++++++++++--- 2 files changed, 74 insertions(+), 44 deletions(-) diff --git a/guacamole/consumers.py b/guacamole/consumers.py index c927cbd8..b3f29a3e 100644 --- a/guacamole/consumers.py +++ b/guacamole/consumers.py @@ -29,50 +29,60 @@ class GuacamoleWebsocket(WebsocketConsumer): channel_session = True channel_session_user = True - + @property + def authenticate(self): + if self.message.user.is_authenticated(): + return True + else: + return False + def connect(self, message,id): self.message.reply_channel.send({"accept": True}) - client = GuacamoleClient(settings.GUACD_HOST, settings.GUACD_PORT) - try: - data = ServerInfor.objects.get(id=id) - if data.credential.protocol in ['vnc','rdp','telnet']: - pass - else: - self.message.reply_channel.send({"accept":False}) - except ObjectDoesNotExist: - #server info not exist + if not self.authenticate: + self.message.reply_channel.send({"text":json.dumps({'status':False,'message':'You must login to the system!'})},immediately=True) self.message.reply_channel.send({"accept":False}) - cache_key = str(uuid.uuid4()) + else: + client = GuacamoleClient(settings.GUACD_HOST, settings.GUACD_PORT) + try: + data = ServerInfor.objects.get(id=id) + if data.credential.protocol in ['vnc','rdp','telnet']: + pass + else: + self.message.reply_channel.send({"accept":False}) + except ObjectDoesNotExist: + #server info not exist + self.message.reply_channel.send({"accept":False}) + cache_key = str(uuid.uuid4()) - directory_date_time = now() - recording_path = os.path.join(MEDIA_ROOT,'{0}-{1}-{2}'.format(directory_date_time.year,directory_date_time.month,directory_date_time.day)) + directory_date_time = now() + recording_path = os.path.join(MEDIA_ROOT,'{0}-{1}-{2}'.format(directory_date_time.year,directory_date_time.month,directory_date_time.day)) - client.handshake(width=data.credential.width, - height=data.credential.height, - protocol=data.credential.protocol, - hostname=data.ip, - port=data.credential.port, - username=data.credential.username, - password=data.credential.password, - recording_path=recording_path, - recording_name=cache_key, - create_recording_path='true', - enable_wallpaper='true', - ignore_cert='true',) - #security='tls',) - self.message.reply_channel.send({"text":'0.,{0}.{1};'.format(len(cache_key),cache_key)},immediately=True) - #'0.,36.83940151-b2f9-4743-b5e4-b6eb85a97743;' - - audit_log = Log.objects.create(user=User.objects.get(username=self.message.user),server=data,channel=self.message.reply_channel.name,width=data.credential.width,height=data.credential.height,log=cache_key) - audit_log.save() - guacamolethread=GuacamoleThread(self.message,client) - guacamolethread.setDaemon = True - guacamolethread.start() + client.handshake(width=data.credential.width, + height=data.credential.height, + protocol=data.credential.protocol, + hostname=data.ip, + port=data.credential.port, + username=data.credential.username, + password=data.credential.password, + recording_path=recording_path, + recording_name=cache_key, + create_recording_path='true', + enable_wallpaper='true', + ignore_cert='true',) + #security='tls',) + self.message.reply_channel.send({"text":'0.,{0}.{1};'.format(len(cache_key),cache_key)},immediately=True) + #'0.,36.83940151-b2f9-4743-b5e4-b6eb85a97743;' + + audit_log = Log.objects.create(user=User.objects.get(username=self.message.user),server=data,channel=self.message.reply_channel.name,width=data.credential.width,height=data.credential.height,log=cache_key) + audit_log.save() + guacamolethread=GuacamoleThread(self.message,client) + guacamolethread.setDaemon = True + guacamolethread.start() + + guacamolethreadwrite=GuacamoleThreadWrite(self.message,client) + guacamolethreadwrite.setDaemon = True + guacamolethreadwrite.start() - guacamolethreadwrite=GuacamoleThreadWrite(self.message,client) - guacamolethreadwrite.setDaemon = True - guacamolethreadwrite.start() - def disconnect(self, message,id): #close threading print 'disconnect' diff --git a/webterminal/consumers.py b/webterminal/consumers.py index f775d5cc..abca7984 100644 --- a/webterminal/consumers.py +++ b/webterminal/consumers.py @@ -27,11 +27,21 @@ class webterminal(WebsocketConsumer): channel_session = True channel_session_user = True - + @property + def authenticate(self): + if self.message.user.is_authenticated(): + return True + else: + return False + def connect(self, message): - self.message.reply_channel.send({"accept": True}) - #permission auth - self.message.reply_channel.send({"text":json.dumps(['channel_name',self.message.reply_channel.name])},immediately=True) + self.message.reply_channel.send({"accept": True}) + if not self.authenticate: + self.message.reply_channel.send({"text":json.dumps({'status':False,'message':'You must login to the system!'})},immediately=True) + self.message.reply_channel.send({"accept":False}) + else: + #permission auth + self.message.reply_channel.send({"text":json.dumps(['channel_name',self.message.reply_channel.name])},immediately=True) def disconnect(self, message): #close threading @@ -135,9 +145,19 @@ class CommandExecute(WebsocketConsumer): channel_session = True channel_session_user = True + + @property + def authenticate(self): + if self.message.user.is_authenticated(): + return True + else: + return False + def connect(self, message): - self.message.reply_channel.send({"accept": True}) - #permission auth + self.message.reply_channel.send({"accept": True}) + if not self.authenticate: + self.message.reply_channel.send({"text":json.dumps({'status':False,'message':'You must login to the system!'})},immediately=True) + self.message.reply_channel.send({"accept":False}) def disconnect(self, message): self.message.reply_channel.send({"accept":False})