diff --git a/README.md b/README.md
index 62849ff..e096e6a 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ you can do with this application with web GUI and without any command:
Requirement:
* nodejs
+ * libpam0g-dev (for PAM authentication)
## how use:
@@ -32,6 +33,7 @@ you can change config in first lines of `pm2panel.js`:
```javascript
const PORT = 3001;
+const PAM_AUTH = true; // if set to true, USER and PASS won't be used
const USER = 'admin';
const PASS = 'admin';
const SESSTION_AGE = 10 * 60000; // 10 minutes
@@ -42,4 +44,3 @@ change port or user name and password
-
diff --git a/package.json b/package.json
index a12febf..9308573 100644
--- a/package.json
+++ b/package.json
@@ -30,6 +30,7 @@
"express": "^4.16.2",
"express-session": "^1.15.6",
"fs": "0.0.1-security",
+ "node-linux-pam": "0.0.1",
"path": "^0.12.7"
}
}
diff --git a/pm2panel.js b/pm2panel.js
index e64a068..91191ab 100644
--- a/pm2panel.js
+++ b/pm2panel.js
@@ -3,6 +3,7 @@
// config panel
//##############################################################################
const PORT = 3001;
+const PAM_AUTH = true; // if set to true, USER and PASS won't be used
const USER = 'admin';
const PASS = 'admin';
const SESSTION_AGE = 10 * 60000; // 10 minutes
@@ -16,6 +17,7 @@ const express = require('express');
const app = express();
const exec = require("child_process").exec;
const fs = require('fs');
+const { pamAuthenticate, pamErrors } = require('node-linux-pam');
var session = require('express-session');
@@ -55,22 +57,48 @@ app.get('/login', function (req, res) {
});
app.post('/loginCheck', function (req, res) {
- // check username and password
- if (req.body.username === USER && req.body.passwd == PASS) {
- // login process
- req.session.islogin = true;
- // redirect to panel
- res.writeHead(302, {
- 'Location': '/'
+ // check if local or pam authentication is requested
+ if (PAM_AUTH) {
+ pamAuthenticate({
+ username: req.body.username,
+ password: req.body.passwd
+ }, (err, code) => {
+ if (!err) {
+ // login process
+ req.session.islogin = true;
+ // redirect to panel
+ res.writeHead(302, {
+ 'Location': '/'
+ });
+ } else {
+ // user or password incorrect go back to login and logging PAM code if not 7 (invalid credentials)
+ if (code != 7) console.log('Unsuccessful PAM authentication, code: ' + code);
+ res.writeHead(302, {
+ 'Location': '/login?err=' + (code == 7 ? 'invalid_credentials' : 'system')
+
+ });
+ }
+
+ res.end();
});
} else {
- // user or password incrrect go back to login
- res.writeHead(302, {
- 'Location': '/login'
+ // check username and password by local authentication
+ if (req.body.username === USER && req.body.passwd == PASS) {
+ // login process
+ req.session.islogin = true;
+ // redirect to panel
+ res.writeHead(302, {
+ 'Location': '/'
+ });
+ } else {
+ // user or password incrrect go back to login
+ res.writeHead(302, {
+ 'Location': '/login?err=invalid_credentials'
- });
+ });
+ }
+ res.end();
}
- res.end();
});
@@ -154,7 +182,7 @@ app.get('/restart', function (req, res) {
res.end();
} else {
- // check id exits
+ // check id exits
if (req.query.id) {
// restart the process
exec("pm2 restart " + req.query.id, (error, stdout, stderr) => {
@@ -184,7 +212,7 @@ app.get('/start', function (req, res) {
res.end();
} else {
- // check id exits
+ // check id exits
if (req.query.id) {
// start the process
exec("pm2 start " + req.query.id, (error, stdout, stderr) => {
@@ -214,7 +242,7 @@ app.get('/stop', function (req, res) {
res.end();
} else {
- // check id exits
+ // check id exits
if (req.query.id) {
// stop the process
exec("pm2 stop " + req.query.id, (error, stdout, stderr) => {
@@ -244,7 +272,7 @@ app.get('/delete', function (req, res) {
res.end();
} else {
- // check id exits
+ // check id exits
if (req.query.id) {
// delete the process
exec("pm2 delete " + req.query.id, (error, stdout, stderr) => {
@@ -392,7 +420,7 @@ app.get('/log', function (req, res) {
res.end();
} else {
- // check id exits
+ // check id exits
if (req.query.id) {
// log of the process
var proc = require('child_process').spawn("pm2", ['log', req.query.id]);
@@ -422,4 +450,4 @@ app.get('/log', function (req, res) {
app.listen(PORT, function () {
console.log('pm2panel app listening on port ' + PORT + '! \n test: http://localhost:' + PORT);
-});
\ No newline at end of file
+});
diff --git a/www/login.html b/www/login.html
index 22f4331..e66a40c 100644
--- a/www/login.html
+++ b/www/login.html
@@ -16,6 +16,7 @@
Login to Pm2 panel
+
+