diff --git a/monkey/monkey_island/cc/auth.py b/monkey/monkey_island/cc/auth.py
index a32d6ec9d..f12a7f8cd 100644
--- a/monkey/monkey_island/cc/auth.py
+++ b/monkey/monkey_island/cc/auth.py
@@ -33,20 +33,18 @@ def init_jwt(app):
user_id = payload['identity']
return userid_table.get(user_id, None)
- if env.is_auth_enabled():
- JWT(app, authenticate, identity)
+ JWT(app, authenticate, identity)
def jwt_required(realm=None):
def wrapper(fn):
@wraps(fn)
def decorator(*args, **kwargs):
- if env.is_auth_enabled():
- try:
- _jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
- except JWTError:
- abort(401)
- return fn(*args, **kwargs)
+ try:
+ _jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
+ return fn(*args, **kwargs)
+ except JWTError:
+ abort(401)
return decorator
diff --git a/monkey/monkey_island/cc/environment/__init__.py b/monkey/monkey_island/cc/environment/__init__.py
index d29d558a6..62b0e9eed 100644
--- a/monkey/monkey_island/cc/environment/__init__.py
+++ b/monkey/monkey_island/cc/environment/__init__.py
@@ -37,10 +37,6 @@ class Environment(object):
h.update(secret)
return h.hexdigest()
- @abc.abstractmethod
- def is_auth_enabled(self):
- return
-
@abc.abstractmethod
def get_auth_users(self):
return
diff --git a/monkey/monkey_island/cc/environment/aws.py b/monkey/monkey_island/cc/environment/aws.py
index fc048443f..171eeb5c0 100644
--- a/monkey/monkey_island/cc/environment/aws.py
+++ b/monkey/monkey_island/cc/environment/aws.py
@@ -18,9 +18,6 @@ class AwsEnvironment(Environment):
def _get_region(self):
return self.aws_info.get_region()
- def is_auth_enabled(self):
- return True
-
def get_auth_users(self):
return [
cc.auth.User(1, 'monkey', self.hash_secret(self._instance_id))
diff --git a/monkey/monkey_island/cc/environment/password.py b/monkey/monkey_island/cc/environment/password.py
index 96ca043b8..30ddd8267 100644
--- a/monkey/monkey_island/cc/environment/password.py
+++ b/monkey/monkey_island/cc/environment/password.py
@@ -6,9 +6,6 @@ __author__ = 'itay.mizeretz'
class PasswordEnvironment(Environment):
- def is_auth_enabled(self):
- return True
-
def get_auth_users(self):
return [
cc.auth.User(1, self.config['user'], self.config['hash'])
diff --git a/monkey/monkey_island/cc/environment/standard.py b/monkey/monkey_island/cc/environment/standard.py
index 8df00a2c3..532ced959 100644
--- a/monkey/monkey_island/cc/environment/standard.py
+++ b/monkey/monkey_island/cc/environment/standard.py
@@ -1,12 +1,15 @@
+import cc.auth
from cc.environment import Environment
__author__ = 'itay.mizeretz'
class StandardEnvironment(Environment):
-
- def is_auth_enabled(self):
- return False
+ # SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
+ NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
+ '8d2c8d0b1538d2208c1444ac66535b764a3d902b35e751df3faec1e477ed3557'
def get_auth_users(self):
- return []
+ return [
+ cc.auth.User(1, StandardEnvironment.NO_AUTH_CREDS, StandardEnvironment.NO_AUTH_CREDS)
+ ]
diff --git a/monkey/monkey_island/cc/ui/src/components/Main.js b/monkey/monkey_island/cc/ui/src/components/Main.js
index 114775756..69eeb8500 100644
--- a/monkey/monkey_island/cc/ui/src/components/Main.js
+++ b/monkey/monkey_island/cc/ui/src/components/Main.js
@@ -27,31 +27,42 @@ let guardicoreLogoImage = require('../images/guardicore-logo.png');
class AppComponent extends AuthComponent {
updateStatus = () => {
- if (this.auth.loggedIn()){
- this.authFetch('/api')
- .then(res => res.json())
- .then(res => {
- // This check is used to prevent unnecessary re-rendering
- let isChanged = false;
- for (let step in this.state.completedSteps) {
- if (this.state.completedSteps[step] !== res['completed_steps'][step]) {
- isChanged = true;
- break;
- }
- }
- if (isChanged) {
- this.setState({completedSteps: res['completed_steps']});
- }
+ this.auth.loggedIn()
+ .then(res => {
+ this.setState({
+ isLoggedIn: res
});
- }
+
+ if (res) {
+ this.authFetch('/api')
+ .then(res => res.json())
+ .then(res => {
+ // This check is used to prevent unnecessary re-rendering
+ let isChanged = false;
+ for (let step in this.state.completedSteps) {
+ if (this.state.completedSteps[step] !== res['completed_steps'][step]) {
+ isChanged = true;
+ break;
+ }
+ }
+ if (isChanged) {
+ this.setState({completedSteps: res['completed_steps']});
+ }
+ });
+ }
+ });
};
renderRoute = (route_path, page_component, is_exact_path = false) => {
let render_func = (props) => {
- if (this.auth.loggedIn()) {
- return page_component;
- } else {
- return <Redirect to={{pathname: '/login'}}/>;
+ switch (this.state.isLoggedIn) {
+ case true:
+ return page_component;
+ case false:
+ return <Redirect to={{pathname: '/login'}}/>;
+ default:
+ return page_component;
+
}
};
@@ -69,7 +80,8 @@ class AppComponent extends AuthComponent {
run_server: true,
run_monkey: false,
infection_done: false,
- report_done: false
+ report_done: false,
+ isLoggedIn: undefined
}
};
}
diff --git a/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js b/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js
index cc1eefecd..2fdba21aa 100644
--- a/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js
+++ b/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js
@@ -34,9 +34,12 @@ class LoginPageComponent extends React.Component {
this.state = {
failed: false
};
- if (this.auth.loggedIn()) {
- this.redirectToHome();
- }
+ this.auth.loggedIn()
+ .then(res => {
+ if (res) {
+ this.redirectToHome();
+ }
+ });
}
render() {
diff --git a/monkey/monkey_island/cc/ui/src/index.js b/monkey/monkey_island/cc/ui/src/index.js
index 3b4138107..329e94dfe 100644
--- a/monkey/monkey_island/cc/ui/src/index.js
+++ b/monkey/monkey_island/cc/ui/src/index.js
@@ -1,6 +1,7 @@
import 'core-js/fn/object/assign';
import React from 'react';
import ReactDOM from 'react-dom';
+import 'babel-polyfill';
import App from './components/Main';
import Bootstrap from 'bootstrap/dist/css/bootstrap.css'; // eslint-disable-line no-unused-vars
diff --git a/monkey/monkey_island/cc/ui/src/services/AuthService.js b/monkey/monkey_island/cc/ui/src/services/AuthService.js
index 703a96559..547b14272 100644
--- a/monkey/monkey_island/cc/ui/src/services/AuthService.js
+++ b/monkey/monkey_island/cc/ui/src/services/AuthService.js
@@ -1,24 +1,18 @@
import { SHA3 } from 'sha3';
import decode from 'jwt-decode';
-import {SERVER_CONFIG} from '../server_config/ServerConfig';
export default class AuthService {
- AUTH_ENABLED = SERVER_CONFIG.isAuthEnabled();
+ // SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
+ NO_AUTH_CREDS =
+ "55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062" +
+ "8d2c8d0b1538d2208c1444ac66535b764a3d902b35e751df3faec1e477ed3557";
login = (username, password) => {
- if (this.AUTH_ENABLED) {
- return this._login(username, this.hashSha3(password));
- } else {
- return {result: true};
- }
+ return this._login(username, this.hashSha3(password));
};
authFetch = (url, options) => {
- if (this.AUTH_ENABLED) {
- return this._authFetch(url, options);
- } else {
- return fetch(url, options);
- }
+ return this._authFetch(url, options);
};
hashSha3(text) {
@@ -43,7 +37,6 @@ export default class AuthService {
this._removeToken();
return {result: false};
}
-
})
};
@@ -53,7 +46,7 @@ export default class AuthService {
'Content-Type': 'application/json'
};
- if (this.loggedIn()) {
+ if (this._loggedIn()) {
headers['Authorization'] = 'JWT ' + this._getToken();
}
@@ -74,20 +67,26 @@ export default class AuthService {
});
};
- loggedIn() {
- if (!this.AUTH_ENABLED) {
- return true;
+ async loggedIn() {
+ let token = this._getToken();
+ if ((token === null) || (this._isTokenExpired(token))) {
+ await this.attemptNoAuthLogin();
}
+ return this._loggedIn();
+ }
+ attemptNoAuthLogin() {
+ return this._login(this.NO_AUTH_CREDS, this.NO_AUTH_CREDS);
+ }
+
+ _loggedIn() {
const token = this._getToken();
return ((token !== null) && !this._isTokenExpired(token));
}
- logout() {
- if (this.AUTH_ENABLED) {
- this._removeToken();
- }
- }
+ logout = () => {
+ this._removeToken();
+ };
_isTokenExpired(token) {
try {