From ddd7696c15fa26b99650dd09a2738885063f7f61 Mon Sep 17 00:00:00 2001 From: Sam Wilkins Date: Tue, 11 Feb 2020 16:52:28 -0500 Subject: added secure backdoor delete route --- src/server/ApiManagers/SessionManager.ts | 9 +++++++++ src/server/DashSession/DashSessionAgent.ts | 1 + 2 files changed, 10 insertions(+) (limited to 'src/server') diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts index f1629b8f0..cd8d19778 100644 --- a/src/server/ApiManagers/SessionManager.ts +++ b/src/server/ApiManagers/SessionManager.ts @@ -53,6 +53,15 @@ export default class SessionManager extends ApiManager { }) }); + register({ + method: Method.GET, + subscription: this.secureSubscriber("delete"), + secureHandler: this.authorizedAction(({ res }) => { + sessionAgent.serverWorker.emit("delete"); + res.redirect("/home"); + }) + }); + } } \ No newline at end of file diff --git a/src/server/DashSession/DashSessionAgent.ts b/src/server/DashSession/DashSessionAgent.ts index 85bfe14de..1ed98cdbe 100644 --- a/src/server/DashSession/DashSessionAgent.ts +++ b/src/server/DashSession/DashSessionAgent.ts @@ -37,6 +37,7 @@ export class DashSessionAgent extends AppliedSessionAgent { monitor.addReplCommand("debug", [/\S+\@\S+/], async ([to]) => this.dispatchZippedDebugBackup(to)); monitor.on("backup", this.backup); monitor.on("debug", async ({ to }) => this.dispatchZippedDebugBackup(to)); + monitor.on("delete", WebSocket.deleteFields); monitor.coreHooks.onCrashDetected(this.dispatchCrashReport); return sessionKey; } -- cgit v1.2.3-70-g09d2 From 84fd5c047fa33bf529c19a1bda03eaeab47b6489 Mon Sep 17 00:00:00 2001 From: Sam Wilkins Date: Tue, 11 Feb 2020 16:55:23 -0500 Subject: backdoor async --- src/server/ApiManagers/SessionManager.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/server') diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts index cd8d19778..bcaa6598f 100644 --- a/src/server/ApiManagers/SessionManager.ts +++ b/src/server/ApiManagers/SessionManager.ts @@ -56,9 +56,9 @@ export default class SessionManager extends ApiManager { register({ method: Method.GET, subscription: this.secureSubscriber("delete"), - secureHandler: this.authorizedAction(({ res }) => { - sessionAgent.serverWorker.emit("delete"); - res.redirect("/home"); + secureHandler: this.authorizedAction(async ({ res }) => { + const { error } = await sessionAgent.serverWorker.emit("delete"); + res.send(error ? error.message : "Your request was successful: the server successfully deleted the database. Return to /home."); }) }); -- cgit v1.2.3-70-g09d2