yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-08-25 00:15:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
yggdrasil-go/src/webui
History
Andy Oknen 19710fbc19 Implement modal system for adding peers and logout confirmation in WebUI
2025-07-31 14:25:38 +00:00
..
static Implement modal system for adding peers and logout confirmation in WebUI 2025-07-31 14:25:38 +00:00
auth_test.go Add brute force protection to authentication system 2025-07-30 09:19:05 +00:00
config_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00
endpoints_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00
error_handling_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00
example_config.hjson Add brute force protection to authentication system 2025-07-30 09:19:05 +00:00
README.md Add brute force protection to authentication system 2025-07-30 09:19:05 +00:00
server.go Improve error handling and fallback mechanisms in WebUI server 2025-07-31 04:31:33 +00:00
server_dev.go Refactor static file serving in WebUI to allow CSS and JS access without authentication, and implement theme toggle functionality in login and main pages 2025-07-30 13:21:30 +00:00
server_prod.go Refactor static file serving in WebUI to allow CSS and JS access without authentication, and implement theme toggle functionality in login and main pages 2025-07-30 13:21:30 +00:00
server_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00
static_files_prod_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00
static_files_test.go Add password authentication to WebUI and implement session management 2025-07-30 08:34:29 +00:00

README.md

WebUI Module

This module provides a web interface for managing Yggdrasil node through a browser.

Features

  • HTTP web server with static files
  • Health check endpoint (/health)
  • Development and production build modes
  • Custom session-based authentication
  • Beautiful login page (password-only)
  • Brute force protection with IP blocking
  • Session management with automatic cleanup
  • IPv4 and IPv6 support
  • Path traversal attack protection

Configuration

In the Yggdrasil configuration file:

{
  "WebUI": {
    "Enable": true,
    "Port": 9000,
    "Host": "",
    "Password": "your_secure_password"
  }
}

Configuration parameters:

  • Enable - enable/disable WebUI
  • Port - port for web interface (default 9000)
  • Host - IP address to bind to (empty means all interfaces)
  • Password - password for accessing the web interface (optional, if empty no authentication required)

Usage

Without password authentication

server := webui.Server("127.0.0.1:9000", "", logger)

With password authentication

server := webui.Server("127.0.0.1:9000", "your_password", logger)

Starting the server

go func() {
    if err := server.Start(); err != nil {
        logger.Errorf("WebUI server error: %v", err)
    }
}()

// To stop
server.Stop()

Endpoints

  • / - main page (index.html) - requires authentication if password is set
  • /login.html - custom login page (only password required)
  • /auth/login - POST endpoint for authentication
  • /auth/logout - logout endpoint (clears session)
  • /health - health check (returns "OK") - no authentication required
  • /static/* - static files (CSS, JS, images) - requires authentication if password is set

Build modes

Development mode (-tags debug)

  • Files loaded from disk from src/webui/static/
  • File changes available without rebuild

Production mode (default)

  • Files embedded in binary
  • Faster loading, smaller deployment size

Security

  • Path traversal attack protection
  • Configured HTTP timeouts
  • Header size limits
  • File MIME type validation
  • Custom session-based authentication (password protection)
  • HttpOnly and Secure cookies
  • Session expiration (24 hours)
  • Brute force protection: IP blocking after 3 failed attempts
  • Temporary lockout: 1-minute timeout for blocked IPs
  • Automatic cleanup of expired blocks and sessions
  • Real IP detection (supports X-Forwarded-For, X-Real-IP headers)
  • Health check endpoint always accessible without authentication

Testing

The module includes a comprehensive test suite:

cd src/webui
go test -v

Tests cover:

  • Server creation and management
  • HTTP endpoints
  • Static files (dev and prod modes)
  • Error handling
  • Configuration
  • Yggdrasil IPv6 binding