OpenSource/homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add authentik Widget

Browse Source 
- disallow proxied client calls to set HTTP verbs for generic and credentiald proxies
This commit is contained in:
Jason Fischer 2022-09-18 11:02:44 -07:00
parent 8a226ca473
commit 3413347660
No known key found for this signature in database
7 changed files with 60 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
public/locales/en/common.json
View File

@ -168,5 +168,10 @@
"jackett": { "jackett": {
"configured": "Configured", "configured": "Configured",
"errored": "Errored" "errored": "Errored"
},
"authentik": {
"users": "Users",
"loginsLast24H": "Logins (24h)",
"failedLoginsLast24H": "Failed Logins (24h)"
} }
} }

2
src/components/services/widget.jsx
View File

@ -27,6 +27,7 @@ import Gotify from "./widgets/service/gotify";
import Prowlarr from "./widgets/service/prowlarr"; import Prowlarr from "./widgets/service/prowlarr";
import Jackett from "./widgets/service/jackett"; import Jackett from "./widgets/service/jackett";
import AdGuard from "./widgets/service/adguard"; import AdGuard from "./widgets/service/adguard";
import Authentik from "./widgets/service/authentik";
const widgetMappings = { const widgetMappings = {
docker: Docker, docker: Docker,
@ -56,6 +57,7 @@ const widgetMappings = {
prowlarr: Prowlarr, prowlarr: Prowlarr,
jackett: Jackett, jackett: Jackett,
adguard: AdGuard, adguard: AdGuard,
authentik: Authentik,
}; };
export default function Widget({ service }) { export default function Widget({ service }) {

47
src/components/services/widgets/service/authentik.jsx Normal file
View File

@ -0,0 +1,47 @@
import useSWR from "swr";
import { useTranslation } from "react-i18next";
import Widget from "../widget";
import Block from "../block";
import { formatApiUrl } from "utils/api-helpers";
export default function Authentik({ service }) {
const { t } = useTranslation();
const config = service.widget;
const { data: usersData, error: usersError } = useSWR(formatApiUrl(config, "core/users?page_size=1"));
const { data: loginsData, error: loginsError } = useSWR(formatApiUrl(config, "events/events/per_month/?action=login&query={}"));
const { data: failedLoginsData, error: failedLoginsError } = useSWR(formatApiUrl(config, "events/events/per_month/?action=login_failed&query={}"));
if (usersError || loginsError || failedLoginsError) {
return <Widget error={t("widget.api_error")} />;
}
if (!usersData || !loginsData || !failedLoginsData) {
return (
<Widget>
<Block label={t("authentik.users")} />
<Block label={t("authentik.loginsLast24H")} />
<Block label={t("authentik.failedLoginsLast24H")} />
</Widget>
);
}
const yesterday = new Date(Date.now()).setHours(-24);
const loginsLast24H = loginsData.reduce((total, current) => {
return current.x_cord >= yesterday ? total + current.y_cord : total;
}, 0);
const failedLoginsLast24H = failedLoginsData.reduce((total, current) => {
return current.x_cord >= yesterday ? total + current.y_cord : total;
}, 0);
return (
<Widget>
<Block label={t("authentik.users")} value={t("common.number", { value: usersData.pagination.count })} />
<Block label={t("authentik.loginsLast24H")} value={t("common.number", { value: loginsLast24H })} />
<Block label={t("authentik.failedLoginsLast24H")} value={t("common.number", { value: failedLoginsLast24H })} />
</Widget>
);
}

1
src/pages/api/services/proxy.js
View File

@ -89,6 +89,7 @@ const serviceProxyHandlers = {
ombi: credentialedProxyHandler, ombi: credentialedProxyHandler,
coinmarketcap: credentialedProxyHandler, coinmarketcap: credentialedProxyHandler,
prowlarr: credentialedProxyHandler, prowlarr: credentialedProxyHandler,
authentik: credentialedProxyHandler,
// super specific handlers // super specific handlers
rutorrent: rutorrentProxyHandler, rutorrent: rutorrentProxyHandler,
nzbget: nzbgetProxyHandler, nzbget: nzbgetProxyHandler,

1
src/utils/api-helpers.js
View File

@ -24,6 +24,7 @@ const formats = {
prowlarr: `{url}/api/v1/{endpoint}`, prowlarr: `{url}/api/v1/{endpoint}`,
jackett: `{url}/api/v2.0/{endpoint}?apikey={key}&configured=true`, jackett: `{url}/api/v2.0/{endpoint}?apikey={key}&configured=true`,
adguard: `{url}/control/{endpoint}`, adguard: `{url}/control/{endpoint}`,
authentik: `{url}/api/v3/{endpoint}`,
}; };
export function formatApiCall(api, args) { export function formatApiCall(api, args) {

4
src/utils/proxies/credentialed.js
View File

@ -19,12 +19,14 @@ export default async function credentialedProxyHandler(req, res) {
headers["X-CMC_PRO_API_KEY"] = `${widget.key}`; headers["X-CMC_PRO_API_KEY"] = `${widget.key}`;
} else if (widget.type === "gotify") { } else if (widget.type === "gotify") {
headers["X-gotify-Key"] = `${widget.key}`; headers["X-gotify-Key"] = `${widget.key}`;
} else if (widget.type === "authentik") {
headers["Authorization"] = `Bearer ${widget.key}`;
} else { } else {
headers["X-API-Key"] = `${widget.key}`; headers["X-API-Key"] = `${widget.key}`;
} }
const [status, contentType, data] = await httpProxy(url, { const [status, contentType, data] = await httpProxy(url, {
method: req.method, method: "GET", // disallow a client SWR call to set a destructive HTTP verb
withCredentials: true, withCredentials: true,
credentials: "include", credentials: "include",
headers, headers,

2
src/utils/proxies/generic.js
View File

@ -19,7 +19,7 @@ export default async function genericProxyHandler(req, res, maps) {
} }
const [status, contentType, data] = await httpProxy(url, { const [status, contentType, data] = await httpProxy(url, {
method: req.method, method: "GET", // disallow a client SWR call to set a destructive HTTP verb
headers, headers,
}); });