Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
myhjmzy
code-server
提交
e7945bea
C
code-server
项目概览
myhjmzy
/
code-server
与 Fork 源项目一致
从无法访问的项目Fork
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
code-server
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
未验证
提交
e7945bea
编写于
10月 24, 2019
作者:
A
Asher
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Enable password authentication by default
Fixes #1062.
上级
91f49e1e
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
19 addition
and
15 deletion
+19
-15
README.md
README.md
+3
-3
src/node/cli.ts
src/node/cli.ts
+9
-6
src/node/server.ts
src/node/server.ts
+5
-5
src/node/util.ts
src/node/util.ts
+2
-1
未找到文件。
README.md
浏览文件 @
e7945bea
...
@@ -73,9 +73,9 @@ yarn binary ${vscodeVersion} ${codeServerVersion} # Or you can package it into a
...
@@ -73,9 +73,9 @@ yarn binary ${vscodeVersion} ${codeServerVersion} # Or you can package it into a
## Security
## Security
### Authentication
### Authentication
To enable built-in password authentication use
`code-server --auth password`
. B
y
By default
`code-server`
enables password authentication using a randoml
y
default it will use a randomly generated password but you can set the
generated password. You can set the
`PASSWORD`
environment variable to use your
`$PASSWORD`
environment variable to use your ow
n.
own instead or use
`--auth none`
to disable password authenticatio
n.
Do not expose
`code-server`
to the open internet without some form of
Do not expose
`code-server`
to the open internet without some form of
authentication.
authentication.
...
...
src/node/cli.ts
浏览文件 @
e7945bea
...
@@ -86,7 +86,7 @@ const startVscode = async (): Promise<void | void[]> => {
...
@@ -86,7 +86,7 @@ const startVscode = async (): Promise<void | void[]> => {
const
args
=
getArgs
();
const
args
=
getArgs
();
const
extra
=
args
[
"
_
"
]
||
[];
const
extra
=
args
[
"
_
"
]
||
[];
const
options
=
{
const
options
=
{
auth
:
args
.
auth
,
auth
:
args
.
auth
||
AuthType
.
Password
,
basePath
:
args
[
"
base-path
"
],
basePath
:
args
[
"
base-path
"
],
cert
:
args
.
cert
,
cert
:
args
.
cert
,
certKey
:
args
[
"
cert-key
"
],
certKey
:
args
[
"
cert-key
"
],
...
@@ -95,9 +95,9 @@ const startVscode = async (): Promise<void | void[]> => {
...
@@ -95,9 +95,9 @@ const startVscode = async (): Promise<void | void[]> => {
password
:
process
.
env
.
PASSWORD
,
password
:
process
.
env
.
PASSWORD
,
};
};
if
(
options
.
auth
&&
enumToArray
(
AuthType
).
filter
((
t
)
=>
t
===
options
.
auth
).
length
===
0
)
{
if
(
enumToArray
(
AuthType
).
filter
((
t
)
=>
t
===
options
.
auth
).
length
===
0
)
{
throw
new
Error
(
`'
${
options
.
auth
}
' is not a valid authentication type.`
);
throw
new
Error
(
`'
${
options
.
auth
}
' is not a valid authentication type.`
);
}
else
if
(
options
.
auth
&&
!
options
.
password
)
{
}
else
if
(
options
.
auth
===
"
password
"
&&
!
options
.
password
)
{
options
.
password
=
await
generatePassword
();
options
.
password
=
await
generatePassword
();
}
}
...
@@ -125,10 +125,13 @@ const startVscode = async (): Promise<void | void[]> => {
...
@@ -125,10 +125,13 @@ const startVscode = async (): Promise<void | void[]> => {
]);
]);
logger
.
info
(
`Server listening on
${
serverAddress
}
`
);
logger
.
info
(
`Server listening on
${
serverAddress
}
`
);
if
(
options
.
auth
&&
!
process
.
env
.
PASSWORD
)
{
if
(
options
.
auth
===
"
password
"
&&
!
process
.
env
.
PASSWORD
)
{
logger
.
info
(
` - Password is
${
options
.
password
}
`
);
logger
.
info
(
` - Password is
${
options
.
password
}
`
);
logger
.
info
(
"
- To use your own password, set the PASSWORD environment variable
"
);
logger
.
info
(
"
- To use your own password, set the PASSWORD environment variable
"
);
}
else
if
(
options
.
auth
)
{
if
(
!
args
.
auth
)
{
logger
.
info
(
"
- To disable use `--auth none`
"
);
}
}
else
if
(
options
.
auth
===
"
password
"
)
{
logger
.
info
(
"
- Using custom password for authentication
"
);
logger
.
info
(
"
- Using custom password for authentication
"
);
}
else
{
}
else
{
logger
.
info
(
"
- No authentication
"
);
logger
.
info
(
"
- No authentication
"
);
...
...
src/node/server.ts
浏览文件 @
e7945bea
...
@@ -110,7 +110,7 @@ export class HttpError extends Error {
...
@@ -110,7 +110,7 @@ export class HttpError extends Error {
}
}
export
interface
ServerOptions
{
export
interface
ServerOptions
{
readonly
auth
?
:
AuthType
;
readonly
auth
:
AuthType
;
readonly
basePath
?:
string
;
readonly
basePath
?:
string
;
readonly
connectionToken
?:
string
;
readonly
connectionToken
?:
string
;
readonly
cert
?:
string
;
readonly
cert
?:
string
;
...
@@ -133,7 +133,7 @@ export abstract class Server {
...
@@ -133,7 +133,7 @@ export abstract class Server {
public
constructor
(
options
:
ServerOptions
)
{
public
constructor
(
options
:
ServerOptions
)
{
this
.
options
=
{
this
.
options
=
{
host
:
options
.
auth
&&
options
.
cert
?
"
0.0.0.0
"
:
"
localhost
"
,
host
:
options
.
auth
===
"
password
"
&&
options
.
cert
?
"
0.0.0.0
"
:
"
localhost
"
,
...
options
,
...
options
,
basePath
:
options
.
basePath
?
options
.
basePath
.
replace
(
/
\/
+$/
,
""
)
:
""
,
basePath
:
options
.
basePath
?
options
.
basePath
.
replace
(
/
\/
+$/
,
""
)
:
""
,
};
};
...
@@ -269,7 +269,7 @@ export abstract class Server {
...
@@ -269,7 +269,7 @@ export abstract class Server {
base
=
path
.
normalize
(
base
);
base
=
path
.
normalize
(
base
);
requestPath
=
path
.
normalize
(
requestPath
||
"
/index.html
"
);
requestPath
=
path
.
normalize
(
requestPath
||
"
/index.html
"
);
if
(
base
!==
"
/login
"
||
!
this
.
options
.
auth
||
requestPath
!==
"
/index.html
"
)
{
if
(
base
!==
"
/login
"
||
this
.
options
.
auth
!==
"
password
"
||
requestPath
!==
"
/index.html
"
)
{
this
.
ensureGet
(
request
);
this
.
ensureGet
(
request
);
}
}
...
@@ -300,7 +300,7 @@ export abstract class Server {
...
@@ -300,7 +300,7 @@ export abstract class Server {
response
.
cache
=
true
;
response
.
cache
=
true
;
return
response
;
return
response
;
case
"
/login
"
:
case
"
/login
"
:
if
(
!
this
.
options
.
auth
||
requestPath
!==
"
/index.html
"
)
{
if
(
this
.
options
.
auth
!==
"
password
"
||
requestPath
!==
"
/index.html
"
)
{
throw
new
HttpError
(
"
Not found
"
,
HttpCode
.
NotFound
);
throw
new
HttpError
(
"
Not found
"
,
HttpCode
.
NotFound
);
}
}
return
this
.
tryLogin
(
request
);
return
this
.
tryLogin
(
request
);
...
@@ -421,7 +421,7 @@ export abstract class Server {
...
@@ -421,7 +421,7 @@ export abstract class Server {
}
}
private
authenticate
(
request
:
http
.
IncomingMessage
,
payload
?:
LoginPayload
):
boolean
{
private
authenticate
(
request
:
http
.
IncomingMessage
,
payload
?:
LoginPayload
):
boolean
{
if
(
!
this
.
options
.
auth
)
{
if
(
this
.
options
.
auth
!==
"
password
"
)
{
return
true
;
return
true
;
}
}
const
safeCompare
=
localRequire
<
typeof
import
(
"
safe-compare
"
)
>
(
"
safe-compare/index
"
);
const
safeCompare
=
localRequire
<
typeof
import
(
"
safe-compare
"
)
>
(
"
safe-compare/index
"
);
...
...
src/node/util.ts
浏览文件 @
e7945bea
...
@@ -14,6 +14,7 @@ import { mkdirp } from "vs/base/node/pfs";
...
@@ -14,6 +14,7 @@ import { mkdirp } from "vs/base/node/pfs";
export
enum
AuthType
{
export
enum
AuthType
{
Password
=
"
password
"
,
Password
=
"
password
"
,
None
=
"
none
"
,
}
}
export
enum
FormatType
{
export
enum
FormatType
{
...
@@ -127,7 +128,7 @@ export const enumToArray = (t: any): string[] => {
...
@@ -127,7 +128,7 @@ export const enumToArray = (t: any): string[] => {
export
const
buildAllowedMessage
=
(
t
:
any
):
string
=>
{
export
const
buildAllowedMessage
=
(
t
:
any
):
string
=>
{
const
values
=
enumToArray
(
t
);
const
values
=
enumToArray
(
t
);
return
`Allowed value
${
values
.
length
===
1
?
"
is
"
:
"
s are
"
}
${
values
.
map
((
t
)
=>
`'
${
t
}
'`
).
join
(
"
,
"
)}
`
;
return
`Allowed value
${
values
.
length
===
1
?
"
is
"
:
"
s are
"
}
${
values
.
map
((
t
)
=>
`'
${
t
}
'`
).
join
(
"
,
"
)}
`
;
};
};
/**
/**
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录