Add button for downloading private keys

Allows users to access tunnels using standard SSH clients.
2025-02-25 18:55:29 -06:00 · 2020-10-24 14:12:18 -06:00 · 2020-10-24 14:12:18 -06:00 · 1607d41e5c
commit 1607d41e5c
parent 2ca14901fc
3 changed files with 42 additions and 3 deletions
--- a/api.go
+++ b/api.go
@ -34,6 +34,25 @@ func (a *Api) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	a.mux.ServeHTTP(w, r)
 }

+func (a *Api) GetTunnel(tokenData TokenData, params url.Values) (Tunnel, error) {
+	domain := params.Get("domain")
+	if domain == "" {
+		return Tunnel{}, errors.New("Invalid domain parameter")
+	}
+
+	tun, exists := a.db.GetTunnel(domain)
+	if !exists {
+		return Tunnel{}, errors.New("Tunnel doesn't exist for domain")
+	}
+
+	user, _ := a.db.GetUser(tokenData.Owner)
+	if user.IsAdmin || tun.Owner == tokenData.Owner {
+		return tun, nil
+	} else {
+		return Tunnel{}, errors.New("Unauthorized")
+	}
+}
+
 func (a *Api) GetTunnels(tokenData TokenData) map[string]Tunnel {

 	user, _ := a.db.GetUser(tokenData.Owner)
@ -64,9 +83,13 @@ func (a *Api) CreateTunnel(tokenData TokenData, params url.Values) (*Tunnel, err

 	sshKeyId := params.Get("ssh-key-id")

-	sshKey, exists := a.db.GetSshKey(sshKeyId)
-	if !exists {
-		return nil, errors.New("SSH key does not exist")
+	var sshKey SshKey
+	if sshKeyId != "" {
+		var exists bool
+		sshKey, exists = a.db.GetSshKey(sshKeyId)
+		if !exists {
+			return nil, errors.New("SSH key does not exist")
+		}
 	}

 	clientName := params.Get("client-name")
--- a/ui_handler.go
+++ b/ui_handler.go
@ -314,6 +314,20 @@ func (h *WebUiHandler) handleWebUiRequest(w http.ResponseWriter, r *http.Request
 			return
 		}

+	case "/tunnel-private-key":
+
+		r.ParseForm()
+
+		tun, err := h.api.GetTunnel(tokenData, r.Form)
+		if err != nil {
+			w.WriteHeader(400)
+			h.alertDialog(w, r, err.Error(), "/#/tunnels")
+			return
+		}
+
+		w.Header().Set("Content-Disposition", "attachment; filename=id_rsa")
+		io.WriteString(w, tun.TunnelPrivateKey)
+
 	case "/tokens":
 		h.handleTokens(w, r, user, tokenData)
 	case "/confirm-delete-token":
--- a/webui/index.tmpl
+++ b/webui/index.tmpl
@ -30,6 +30,8 @@
                <a href="https://{{$domain}}">{{$domain}}</a>:{{$tunnel.TunnelPort}} -> {{$tunnel.ClientName}} -> {{$tunnel.ClientAddress}}:{{$tunnel.ClientPort}}
              </div>

+              <a class='button' href="/tunnel-private-key?domain={{$domain}}">Download Private Key</a>
+
              <label class='button' for='toggle-tunnel-delete-dialog-{{$tunnel.CssId}}'>
                Delete
              </label>