DAProgs/portspoof_concentrator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added connections link to main page

Browse Source
This commit is contained in:
DAProgs
2026-03-11 11:03:30 -04:00
parent 3634f502a1
commit 0aabf321ef
3 changed files with 32 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
api/connections.php
View File

@@ -4,37 +4,47 @@
* *
* Returns connections from the last 10 minutes (or ?minutes=N) as JSON. * Returns connections from the last 10 minutes (or ?minutes=N) as JSON.
* *
* Authentication: same TRIGGER_TOKEN as trigger.php * Authentication (any one of):
* Authorization: Bearer <token> * - Active web session (logged-in browser)
* or ?token=<token> * - Authorization: Bearer <TRIGGER_TOKEN>
* - ?token=<TRIGGER_TOKEN>
* *
* Optional query parameters: * Optional query parameters:
* minutes int Lookback window in minutes (default 10, max 1440) * minutes int Lookback window in minutes (default 10, max 1440)
* node_id int Filter to a specific node * node_id int Filter to a specific node
*/ */
require_once __DIR__ . '/../includes/auth.php';
require_once __DIR__ . '/../includes/functions.php'; require_once __DIR__ . '/../includes/functions.php';
header('Content-Type: application/json'); header('Content-Type: application/json');
// ── Auth ────────────────────────────────────────────────────────────────────── // ── Auth ──────────────────────────────────────────────────────────────────────
if (TRIGGER_TOKEN === '') { // Accept a valid session from a logged-in browser
http_response_code(503); $session_ok = false;
echo json_encode(['error' => 'API is disabled. Set TRIGGER_TOKEN in config.php.']); if (auth_enabled()) {
exit; if (session_status() === PHP_SESSION_NONE) {
session_start();
}
$session_ok = !empty($_SESSION['authenticated']);
} }
$provided = ''; // Accept a Bearer token or ?token= for programmatic access
$auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? ''; $token_ok = false;
if (str_starts_with($auth_header, 'Bearer ')) { if (TRIGGER_TOKEN !== '') {
$provided = substr($auth_header, 7); $provided = '';
} $auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
if ($provided === '' && isset($_REQUEST['token'])) { if (str_starts_with($auth_header, 'Bearer ')) {
$provided = $_REQUEST['token']; $provided = substr($auth_header, 7);
}
if ($provided === '' && isset($_REQUEST['token'])) {
$provided = $_REQUEST['token'];
}
$token_ok = $provided !== '' && hash_equals(TRIGGER_TOKEN, $provided);
} }
if (!hash_equals(TRIGGER_TOKEN, $provided)) { if (!$session_ok && !$token_ok) {
http_response_code(401); http_response_code(401);
echo json_encode(['error' => 'Unauthorized']); echo json_encode(['error' => 'Unauthorized']);
exit; exit;

7
index.php
View File

@@ -133,7 +133,12 @@ $max_port_cnt = $t_ports ? max(array_column($t_ports, 'cnt')) : 1;
<!-- Recent connections --> <!-- Recent connections -->
<div class="card"> <div class="card">
<h2>Recent connections <?= $filter_node ? '(filtered)' : '' ?></h2> <h2>
Recent connections <?= $filter_node ? '(filtered)' : '' ?>
<a href="api/connections.php<?= $filter_node ? '?node_id=' . $filter_node : '' ?>"
style="float:right;font-size:.75rem;font-weight:400;color:var(--accent);text-decoration:none"
target="_blank">JSON API ↗</a>
</h2>
<?php if (empty($recent)): ?> <?php if (empty($recent)): ?>
<p class="muted">No connections ingested yet. Make sure at least one node is configured and the fetch cron is running.</p> <p class="muted">No connections ingested yet. Make sure at least one node is configured and the fetch cron is running.</p>
<?php else: ?> <?php else: ?>

2
version.php
View File

@@ -1,2 +1,2 @@
<?php <?php
define('APP_VERSION', '2603.2'); define('APP_VERSION', '2603.3');