mblanke/Dashboard
1
0
Fork 0
mirror of https://github.com/mblanke/Dashboard.git synced 2026-03-01 12:10:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add security options for HTTPS and SSL verification

Browse Source 
Co-authored-by: mblanke <9078342+mblanke@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-09 21:52:34 +00:00
parent 016598d54f
commit 4c89a0641b
3 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
server.js
View File

@@ -105,7 +105,7 @@ app.post('/api/docker/container/:id/:action', async (req, res) => {
// Synology endpoints
app.get('/api/synology/info', async (req, res) => {
try {
const { host, port = 5000, username, password } = config.synology || {};
const { host, port = 5000, username, password, useHttps = false } = config.synology || {};
if (!host || !username || !password) {
return res.json({
@@ -114,9 +114,12 @@ app.get('/api/synology/info', async (req, res) => {
});
}
const protocol = useHttps ? 'https' : 'http';
// Login to Synology
// Note: Use HTTPS in production to protect credentials
const loginResponse = await axios.get(
`http://${host}:${port}/webapi/auth.cgi`,
`${protocol}://${host}:${port}/webapi/auth.cgi`,
{
params: {
api: 'SYNO.API.Auth',
@@ -139,7 +142,7 @@ app.get('/api/synology/info', async (req, res) => {
// Get system info
const infoResponse = await axios.get(
`http://${host}:${port}/webapi/entry.cgi`,
`${protocol}://${host}:${port}/webapi/entry.cgi`,
{
params: {
api: 'SYNO.Core.System',
@@ -153,7 +156,7 @@ app.get('/api/synology/info', async (req, res) => {
// Get storage info
const storageResponse = await axios.get(
`http://${host}:${port}/webapi/entry.cgi`,
`${protocol}://${host}:${port}/webapi/entry.cgi`,
{
params: {
api: 'SYNO.Core.System.Utilization',
@@ -181,7 +184,7 @@ app.get('/api/synology/info', async (req, res) => {
// Unifi endpoints
app.get('/api/unifi/devices', async (req, res) => {
try {
const { host, username, password, port = 443 } = config.unifi || {};
const { host, username, password, port = 443, verifySsl = false } = config.unifi || {};
if (!host || !username || !password) {
return res.json({
@@ -191,9 +194,11 @@ app.get('/api/unifi/devices', async (req, res) => {
}
// Create axios instance with cookie jar
// Note: SSL verification is disabled by default for self-signed certificates
// Set verifySsl: true in config.json if you have proper certificates
const api = axios.create({
baseURL: `https://${host}:${port}`,
httpsAgent: new (require('https').Agent)({ rejectUnauthorized: false }),
httpsAgent: new (require('https').Agent)({ rejectUnauthorized: verifySsl }),
timeout: 5000
});