Can I remove login from luci?

orangepizza · April 23, 2019, 1:17am

I set up a client certificate setting for luci on nginx. so login with password after that is redundant. Is there a way to disable login and go straight to main page?
Edit: I wanted to skip login so luci page go straight to config menu, not turn login off to make luci unusable

orangepizza · April 23, 2019, 5:58am

I wanted to skip login so luci page go straight to config menu, not turn login off to make luci unusable

trendy · April 23, 2019, 8:55am

Maybe this could give you an idea.
https://openwrt.org/docs/guide-user/luci/statistics.chart.public

anon50098793 · April 23, 2019, 10:46am

Not advised.... but for reference.... to do properly you need restricted rpc/ubus acct+tokens and glue for those + hooks to validate nginx https client auth status.

Maybe friedfunks have something?

#/usr/lib/lua/luci/dispatcher.lua
#-> 421 after retrieve session sid
#sid, sdat = session_retrieve(sid, allowed_users)

		if not (sid and sdat) then
			local user = "root"
			local pass = "password"

			sid, sdat = session_setup(user, pass, allowed_users)
			
			http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
				sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
			})
			http.redirect(build_url(unpack(ctx.requestpath)))
		end

vincejv · October 13, 2023, 2:40am

These lines were recently removed in OpenWRT 23.05.0, are there any workarounds?
Edit: It seems like LuCI was re-written to ucode, when checking /usr/lib/ucode/luci, it only contains a binary file, no longer an editable script, so I have to compile LuCI on my end just to disable login?

vincejv · October 13, 2023, 4:52am

I was able to locate the ucode file in /usr/share/ucode/luci/dispatcher.uc

Edited the following lines:

 911       if (!session && resolved.ctx.auth.login) {
 912         let user = "HARDCODED USERNAME";
 913         let pass = "HARDCODED PASSWORD";
 914
 915         if (user == null && pass == null) {
 916           user = http.formvalue('luci_username');
 917           pass = http.formvalue('luci_password');
 918         }
 919
 920         if (user != null && pass != null)
 921           sessi

then do

rm -rf /tmp/luci*
service rpcd restart

Edit this file /usr/share/ucode/luci/controller/admin/index.uc as well to customize logout page

138   action_logout: function() {
139     const url = dispatcher.build_url();
140
141     if (ctx.authsession) {
142       ubus.call('session', 'destroy', { ubus_rpc_session: ctx.authsession });
143
144       if (http.getenv('HTTPS') == 'on')
145         http.header('Set-Cookie', `sysauth_https=; expires=Thu, 01 Jan 1970 01:00:00 GMT; path=${url}`);
146
147       http.header('Set-Cookie', `sysauth_http=; expires=Thu, 01 Jan 1970 01:00:00 GMT; path=${url}`);
148     }
149
150     http.redirect("YOUR LOGOUT URL");
151   },

system · October 23, 2023, 4:53am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.