Notify about listen mode connections
This commit is contained in:
parent
11c7c81d1b
commit
4fd0a055e2
|
@ -6,3 +6,4 @@ Start.bat
|
||||||
/dist
|
/dist
|
||||||
/backups/
|
/backups/
|
||||||
cloudflared.exe
|
cloudflared.exe
|
||||||
|
access.log
|
||||||
|
|
|
@ -32,4 +32,5 @@ public/movingUI/
|
||||||
public/QuickReplies/
|
public/QuickReplies/
|
||||||
content.log
|
content.log
|
||||||
cloudflared.exe
|
cloudflared.exe
|
||||||
public/assets/
|
public/assets/
|
||||||
|
access.log
|
||||||
|
|
|
@ -5,3 +5,4 @@ node_modules/
|
||||||
secrets.json
|
secrets.json
|
||||||
/dist
|
/dist
|
||||||
/backups/
|
/backups/
|
||||||
|
access.log
|
||||||
|
|
76
server.js
76
server.js
|
@ -156,6 +156,21 @@ let response_getstatus;
|
||||||
let first_run = true;
|
let first_run = true;
|
||||||
|
|
||||||
|
|
||||||
|
let color = {
|
||||||
|
byNum: (mess, fgNum) => {
|
||||||
|
mess = mess || '';
|
||||||
|
fgNum = fgNum === undefined ? 31 : fgNum;
|
||||||
|
return '\u001b[' + fgNum + 'm' + mess + '\u001b[39m';
|
||||||
|
},
|
||||||
|
black: (mess) => color.byNum(mess, 30),
|
||||||
|
red: (mess) => color.byNum(mess, 31),
|
||||||
|
green: (mess) => color.byNum(mess, 32),
|
||||||
|
yellow: (mess) => color.byNum(mess, 33),
|
||||||
|
blue: (mess) => color.byNum(mess, 34),
|
||||||
|
magenta: (mess) => color.byNum(mess, 35),
|
||||||
|
cyan: (mess) => color.byNum(mess, 36),
|
||||||
|
white: (mess) => color.byNum(mess, 37)
|
||||||
|
};
|
||||||
|
|
||||||
function get_mancer_headers() {
|
function get_mancer_headers() {
|
||||||
const api_key_mancer = readSecret(SECRET_KEYS.MANCER);
|
const api_key_mancer = readSecret(SECRET_KEYS.MANCER);
|
||||||
|
@ -368,7 +383,10 @@ app.use(CORS);
|
||||||
|
|
||||||
if (listen && config.basicAuthMode) app.use(basicAuthMiddleware);
|
if (listen && config.basicAuthMode) app.use(basicAuthMiddleware);
|
||||||
|
|
||||||
app.use(function (req, res, next) { //Security
|
// IP Whitelist //
|
||||||
|
let knownIPs = new Set();
|
||||||
|
|
||||||
|
function getIpFromRequest(req) {
|
||||||
let clientIp = req.connection.remoteAddress;
|
let clientIp = req.connection.remoteAddress;
|
||||||
let ip = ipaddr.parse(clientIp);
|
let ip = ipaddr.parse(clientIp);
|
||||||
// Check if the IP address is IPv4-mapped IPv6 address
|
// Check if the IP address is IPv4-mapped IPv6 address
|
||||||
|
@ -379,33 +397,35 @@ app.use(function (req, res, next) { //Security
|
||||||
clientIp = ip;
|
clientIp = ip;
|
||||||
clientIp = clientIp.toString();
|
clientIp = clientIp.toString();
|
||||||
}
|
}
|
||||||
|
return clientIp;
|
||||||
|
}
|
||||||
|
|
||||||
|
app.use(function (req, res, next) {
|
||||||
|
const clientIp = getIpFromRequest(req);
|
||||||
|
|
||||||
|
if (listen && !knownIPs.has(clientIp)) {
|
||||||
|
const userAgent = req.headers['user-agent'];
|
||||||
|
console.log(color.yellow(`New connection from ${clientIp}; User Agent: ${userAgent}]\n`));
|
||||||
|
knownIPs.add(clientIp);
|
||||||
|
|
||||||
|
// Write access log
|
||||||
|
const timestamp = new Date().toISOString();
|
||||||
|
const log = `${timestamp} ${clientIp} ${userAgent}\n`;
|
||||||
|
fs.appendFile('access.log', log, (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to write access log:', err);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
//clientIp = req.connection.remoteAddress.split(':').pop();
|
//clientIp = req.connection.remoteAddress.split(':').pop();
|
||||||
if (whitelistMode === true && !whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))) {
|
if (whitelistMode === true && !whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))) {
|
||||||
console.log('Forbidden: Connection attempt from ' + clientIp + '. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.conf in root of SillyTavern folder.\n');
|
console.log(color.red('Forbidden: Connection attempt from ' + clientIp + '. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.conf in root of SillyTavern folder.\n'));
|
||||||
return res.status(403).send('<b>Forbidden</b>: Connection attempt from <b>' + clientIp + '</b>. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.conf in root of SillyTavern folder.');
|
return res.status(403).send('<b>Forbidden</b>: Connection attempt from <b>' + clientIp + '</b>. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.conf in root of SillyTavern folder.');
|
||||||
}
|
}
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use((req, res, next) => {
|
|
||||||
if (req.url.startsWith('/characters/') && is_colab && process.env.googledrive == 2) {
|
|
||||||
|
|
||||||
const filePath = path.join(charactersPath, decodeURIComponent(req.url.substr('/characters'.length)));
|
|
||||||
console.log('req.url: ' + req.url);
|
|
||||||
console.log(filePath);
|
|
||||||
fs.access(filePath, fs.constants.R_OK, (err) => {
|
|
||||||
if (!err) {
|
|
||||||
res.sendFile(filePath, { root: process.cwd() });
|
|
||||||
} else {
|
|
||||||
res.send('Character not found: ' + filePath);
|
|
||||||
//next();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
next();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
app.use(express.static(process.cwd() + "/public", { refresh: true }));
|
app.use(express.static(process.cwd() + "/public", { refresh: true }));
|
||||||
|
|
||||||
|
@ -811,10 +831,6 @@ app.post("/getstatus", jsonParser, async function (request, response_getstatus =
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
const formatApiUrl = (url) => (url.indexOf('localhost') !== -1)
|
|
||||||
? url.replace('localhost', '127.0.0.1')
|
|
||||||
: url;
|
|
||||||
|
|
||||||
function getVersion() {
|
function getVersion() {
|
||||||
let pkgVersion = 'UNKNOWN';
|
let pkgVersion = 'UNKNOWN';
|
||||||
let gitRevision = null;
|
let gitRevision = null;
|
||||||
|
@ -3950,21 +3966,23 @@ const setupTasks = async function () {
|
||||||
|
|
||||||
if (autorun) open(autorunUrl.toString());
|
if (autorun) open(autorunUrl.toString());
|
||||||
|
|
||||||
console.log('\x1b[32mSillyTavern is listening on: ' + tavernUrl + '\x1b[0m');
|
console.log(color.green('SillyTavern is listening on: ' + tavernUrl));
|
||||||
|
|
||||||
if (listen) {
|
if (listen) {
|
||||||
console.log('\n0.0.0.0 means SillyTavern is listening on all network interfaces (Wi-Fi, LAN, localhost). If you want to limit it only to internal localhost (127.0.0.1), change the setting in config.conf to “listen=false”\n');
|
console.log('\n0.0.0.0 means SillyTavern is listening on all network interfaces (Wi-Fi, LAN, localhost). If you want to limit it only to internal localhost (127.0.0.1), change the setting in config.conf to "listen=false". Check "access.log" file in the SillyTavern directory if you want to inspect incoming connections.\n');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (listen && !config.whitelistMode && !config.basicAuthMode) {
|
if (listen && !config.whitelistMode && !config.basicAuthMode) {
|
||||||
if (config.securityOverride)
|
if (config.securityOverride) {
|
||||||
console.warn("Security has been override. If it's not a trusted network, change the settings.");
|
console.warn(color.red("Security has been overridden. If it's not a trusted network, change the settings."));
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
console.error('Your SillyTavern is currently unsecurely open to the public. Enable whitelisting or basic authentication.');
|
console.error(color.red('Your SillyTavern is currently unsecurely open to the public. Enable whitelisting or basic authentication.'));
|
||||||
process.exit(1);
|
process.exit(1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (true === cliArguments.ssl)
|
if (true === cliArguments.ssl)
|
||||||
https.createServer(
|
https.createServer(
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue