I set up a client certificate setting for luci on nginx. so login with password after that is redundant. Is there a way to disable login and go straight to main page?
Edit: I wanted to skip login so luci page go straight to config menu, not turn login off to make luci unusable
I wanted to skip login so luci page go straight to config menu, not turn login off to make luci unusable
Not advised.... but for reference.... to do properly you need restricted rpc/ubus acct+tokens and glue for those + hooks to validate nginx https client auth status.
Maybe friedfunks have something?
#/usr/lib/lua/luci/dispatcher.lua
#-> 421 after retrieve session sid
#sid, sdat = session_retrieve(sid, allowed_users)
if not (sid and sdat) then
local user = "root"
local pass = "password"
sid, sdat = session_setup(user, pass, allowed_users)
http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
})
http.redirect(build_url(unpack(ctx.requestpath)))
end
These lines were recently removed in OpenWRT 23.05.0, are there any workarounds?
Edit: It seems like LuCI was re-written to ucode, when checking /usr/lib/ucode/luci
, it only contains a binary file, no longer an editable script, so I have to compile LuCI on my end just to disable login?
I was able to locate the ucode file in /usr/share/ucode/luci/dispatcher.uc
Edited the following lines:
911 if (!session && resolved.ctx.auth.login) {
912 let user = "HARDCODED USERNAME";
913 let pass = "HARDCODED PASSWORD";
914
915 if (user == null && pass == null) {
916 user = http.formvalue('luci_username');
917 pass = http.formvalue('luci_password');
918 }
919
920 if (user != null && pass != null)
921 sessi
then do
rm -rf /tmp/luci*
service rpcd restart
Edit this file /usr/share/ucode/luci/controller/admin/index.uc
as well to customize logout page
138 action_logout: function() {
139 const url = dispatcher.build_url();
140
141 if (ctx.authsession) {
142 ubus.call('session', 'destroy', { ubus_rpc_session: ctx.authsession });
143
144 if (http.getenv('HTTPS') == 'on')
145 http.header('Set-Cookie', `sysauth_https=; expires=Thu, 01 Jan 1970 01:00:00 GMT; path=${url}`);
146
147 http.header('Set-Cookie', `sysauth_http=; expires=Thu, 01 Jan 1970 01:00:00 GMT; path=${url}`);
148 }
149
150 http.redirect("YOUR LOGOUT URL");
151 },
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.