mirror of
https://github.com/SillyTavern/SillyTavern.git
synced 2025-02-03 20:57:43 +01:00
Add disable CSRF to config.yaml. Add basicAuthMode to console args.
parent
d02f81974c
commit
790185f9e9
@ -26,7 +26,9 @@ enableUserAccounts: false
|
|||||||
enableDiscreetLogin: false
|
enableDiscreetLogin: false
|
||||||
# Used to sign session cookies. Will be auto-generated if not set
|
# Used to sign session cookies. Will be auto-generated if not set
|
||||||
cookieSecret: ''
|
cookieSecret: ''
|
||||||
# Disable security checks - NOT RECOMMENDED
|
# Disable CSRF protection - NOT RECOMMENDED
|
||||||
|
disableCsrfProtection: false
|
||||||
|
# Disable startup security checks - NOT RECOMMENDED
|
||||||
securityOverride: false
|
securityOverride: false
|
||||||
# -- ADVANCED CONFIGURATION --
|
# -- ADVANCED CONFIGURATION --
|
||||||
# Open the browser automatically
|
# Open the browser automatically
|
||||||
|
16
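--- a/server.js
+++ b/server.js
@@ -63,6 +63,9 @@ const DEFAULT_AUTORUN = false;
 const DEFAULT_LISTEN = false;
 const DEFAULT_CORS_PROXY = false;
 const DEFAULT_WHITELIST = true;
+const DEFAULT_ACCOUNTS = false;
+const DEFAULT_CSRF_DISABLED = false;
+const DEFAULT_BASIC_AUTH = false;
 
 const cliArguments = yargs(hideBin(process.argv))
 .usage('Usage: <your-start-script> <command> [options]')
@@ -84,7 +87,7 @@ const cliArguments = yargs(hideBin(process.argv))
 describe: `Enables CORS proxy\nIf not provided falls back to yaml config 'enableCorsProxy'.\n[config default: ${DEFAULT_CORS_PROXY}]`,
 }).option('disableCsrf', {
 type: 'boolean',
-default: false,
+default: null,
 describe: 'Disables CSRF protection',
 }).option('ssl', {
 type: 'boolean',
@@ -106,6 +109,10 @@ const cliArguments = yargs(hideBin(process.argv))
 type: 'string',
 default: null,
 describe: 'Root directory for data storage',
+}).option('basicAuthMode', {
+type: 'boolean',
+default: null,
+describe: 'Enables basic authentication',
 }).parseSync();
 
 // change all relative paths
@@ -126,8 +133,9 @@ const listen = cliArguments.listen ?? getConfigValue('listen', DEFAULT_LISTEN);
 const enableCorsProxy = cliArguments.corsProxy ?? getConfigValue('enableCorsProxy', DEFAULT_CORS_PROXY);
 const enableWhitelist = cliArguments.whitelist ?? getConfigValue('whitelistMode', DEFAULT_WHITELIST);
 const dataRoot = cliArguments.dataRoot ?? getConfigValue('dataRoot', './data');
-const basicAuthMode = getConfigValue('basicAuthMode', false);
-const enableAccounts = getConfigValue('enableUserAccounts', false);
+const disableCsrf = cliArguments.disableCsrf ?? getConfigValue('disableCsrfProtection', DEFAULT_CSRF_DISABLED);
+const basicAuthMode = cliArguments.basicAuthMode ?? getConfigValue('basicAuthMode', DEFAULT_BASIC_AUTH);
+const enableAccounts = getConfigValue('enableUserAccounts', DEFAULT_ACCOUNTS);
 
 const { UPLOADS_PATH } = require('./src/constants');
 
@@ -204,7 +212,7 @@ app.use(cookieSession({
 app.use(userModule.setUserDataMiddleware);
 
 // CSRF Protection //
-if (!cliArguments.disableCsrf) {
+if (!disableCsrf) {
 const COOKIES_SECRET = userModule.getCookieSecret();
 
 const { generateToken, doubleCsrfProtection } = doubleCsrf({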
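Review bot: The help text for `disableCsrf` and the new `basicAuthMode` option does not say that an omitted flag now falls back to config.yaml, although the `corsProxy` option a few lines above documents exactly that. Both are security switches whose effective value now comes from two places, so each `describe` should name its yaml key and default in the same form, e.g. append `\nIf not provided falls back to yaml config 'disableCsrfProtection'.\n[config default: ${DEFAULT_CSRF_DISABLED}]` and the `basicAuthMode` / `DEFAULT_BASIC_AUTH` equivalent. Separately, `disableCsrfProtection: true` in config.yaml now switches the check off on every start rather than once per launch. The `if (!disableCsrf) {` block continues outside the hunk, so if it has no branch that logs a warning when the protection is skipped, one should be added there.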