mirrors/Remotely
3
0
Fork 0
mirror of https://github.com/immense/Remotely.git synced 2025-10-26 11:27:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
367d6b6445
Remotely/Server/API/RemoteControlController.cs
Jared eea84a79b4 Code cleanup.
2021-07-29 07:56:44 -07:00

130 lines
5.5 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR;
using Remotely.Server.Attributes;
using Remotely.Server.Hubs;
using Remotely.Server.Models;
using Remotely.Server.Services;
using Remotely.Shared.Helpers;
using Remotely.Shared.Models;
using System;
using System.Linq;
using System.Threading.Tasks;
// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
namespace Remotely.Server.API
{
[Route("api/[controller]")]
[ApiController]
public class RemoteControlController : ControllerBase
{
public RemoteControlController(DataService dataService,
IHubContext<AgentHub> agentHub,
ApplicationConfig appConfig,
SignInManager<RemotelyUser> signInManager)
{
DataService = dataService;
AgentHubContext = agentHub;
AppConfig = appConfig;
SignInManager = signInManager;
}
public DataService DataService { get; }
public IHubContext<AgentHub> AgentHubContext { get; }
public ApplicationConfig AppConfig { get; }
public SignInManager<RemotelyUser> SignInManager { get; }
[HttpGet("{deviceID}")]
[ServiceFilter(typeof(ApiAuthorizationFilter))]
public async Task<IActionResult> Get(string deviceID)
{
Request.Headers.TryGetValue("OrganizationID", out var orgID);
return await InitiateRemoteControl(deviceID, orgID);
}
[HttpPost]
public async Task<IActionResult> Post([FromBody] RemoteControlRequest rcRequest)
{
if (!AppConfig.AllowApiLogin)
{
return NotFound();
}
var orgId = DataService.GetUserByName(rcRequest.Email)?.OrganizationID;
var result = await SignInManager.PasswordSignInAsync(rcRequest.Email, rcRequest.Password, false, true);
if (result.Succeeded &&
DataService.DoesUserHaveAccessToDevice(rcRequest.DeviceID, DataService.GetUserByName(rcRequest.Email)))
{
DataService.WriteEvent($"API login successful for {rcRequest.Email}.", orgId);
return await InitiateRemoteControl(rcRequest.DeviceID, orgId);
}
else if (result.IsLockedOut)
{
DataService.WriteEvent($"API login unsuccessful due to lockout for {rcRequest.Email}.", orgId);
return Unauthorized("Account is locked.");
}
else if (result.RequiresTwoFactor)
{
DataService.WriteEvent($"API login unsuccessful due to 2FA for {rcRequest.Email}.", orgId);
return Unauthorized("Account requires two-factor authentication.");
}
DataService.WriteEvent($"API login unsuccessful due to bad attempt for {rcRequest.Email}.", orgId);
return BadRequest();
}
private async Task<IActionResult> InitiateRemoteControl(string deviceID, string orgID)
{
var targetDevice = Hubs.AgentHub.ServiceConnections.FirstOrDefault(x =>
x.Value.OrganizationID == orgID &&
x.Value.ID.ToLower() == deviceID.ToLower());
if (targetDevice.Value != null)
{
if (User.Identity.IsAuthenticated &&
!DataService.DoesUserHaveAccessToDevice(targetDevice.Value.ID, DataService.GetUserByName(User.Identity.Name)))
{
return Unauthorized();
}
var currentUsers = CasterHub.SessionInfoList.Count(x => x.Value.OrganizationID == orgID);
if (currentUsers >= AppConfig.RemoteControlSessionLimit)
{
return BadRequest("There are already the maximum amount of active remote control sessions for your organization.");
}
var existingSessions = CasterHub.SessionInfoList
.Where(x => x.Value.DeviceID == targetDevice.Value.ID)
.Select(x => x.Key)
.ToList();
await AgentHubContext.Clients.Client(targetDevice.Key).SendAsync("RemoteControl", Request.HttpContext.Connection.Id, targetDevice.Key);
bool remoteControlStarted()
{
return !CasterHub.SessionInfoList.Values
.Where(x => x.DeviceID == targetDevice.Value.ID)
.All(x => existingSessions.Contains(x.CasterSocketID));
};
if (!await TaskHelper.DelayUntilAsync(remoteControlStarted, TimeSpan.FromSeconds(30)))
{
return StatusCode(408, "The remote control process failed to start in time on the remote device.");
}
else
{
var rcSession = CasterHub.SessionInfoList.Values.LastOrDefault(x => x.DeviceID == targetDevice.Value.ID && !existingSessions.Contains(x.CasterSocketID));
var otp = RemoteControlFilterAttribute.GetOtp(targetDevice.Value.ID);
return Ok($"{HttpContext.Request.Scheme}://{Request.Host}/RemoteControl?clientID={rcSession.CasterSocketID}&serviceID={targetDevice.Key}&fromApi=true&otp={Uri.EscapeDataString(otp)}");
}
}
else
{
return BadRequest("The target device couldn't be found.");
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink