Add limit in how many configurations each user may have. (#47)

* Add limit in how many configurations each user may have. If the option max-number-client-config is more than 0 this number is the maximum number of clients a user can create. The setting only limits creation. If a user had created more configurations before this setting is enforced or lowered the user may user the service as before, just cant create any more configurations. * Fix spelling and fmt as suggested by @luna-duclos * Alert user when limit is reached. When the user tries to create more configurations than are allow an alert will pop up. * Change http status as discussed with @freddd http 400 seems a better fit than 429 as a more generic error.
EmbarkStudios · Mar 20, 2020 · fb5cf90 · fb5cf90
1 parent 005b241
commit fb5cf90
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 8 deletions.
diff --git a/server.go b/server.go
@@ -33,11 +33,12 @@ import (
 var (
 	dataDir = kingpin.Flag("data-dir", "Directory used for storage").Default("/var/lib/wireguard-ui").String()
 
-	listenAddr     = kingpin.Flag("listen-address", "Address to listen to").Default(":8080").String()
-	natEnabled     = kingpin.Flag("nat", "Whether NAT is enabled or not").Default("true").Bool()
-	natLink        = kingpin.Flag("nat-device", "Network interface to masquerade").Default("wlp2s0").String()
-	clientIPRange  = kingpin.Flag("client-ip-range", "Client IP CIDR").Default("172.31.255.0/24").String()
-	authUserHeader = kingpin.Flag("auth-user-header", "Header containing username").Default("X-Forwarded-User").String()
+	listenAddr            = kingpin.Flag("listen-address", "Address to listen to").Default(":8080").String()
+	natEnabled            = kingpin.Flag("nat", "Whether NAT is enabled or not").Default("true").Bool()
+	natLink               = kingpin.Flag("nat-device", "Network interface to masquerade").Default("wlp2s0").String()
+	clientIPRange         = kingpin.Flag("client-ip-range", "Client IP CIDR").Default("172.31.255.0/24").String()
+	authUserHeader        = kingpin.Flag("auth-user-header", "Header containing username").Default("X-Forwarded-User").String()
+	maxNumberClientConfig = kingpin.Flag("max-number-client-config", "Max number of configs an client can use. 0 is unlimited").Default("0").Int()
 
 	wgLinkName   = kingpin.Flag("wg-device-name", "WireGuard network device name").Default("wg0").String()
 	wgListenPort = kingpin.Flag("wg-listen-port", "WireGuard UDP port to listen to").Default("51820").Int()
@@ -592,6 +593,28 @@ func (s *Server) CreateClient(w http.ResponseWriter, r *http.Request, ps httprou
 	c := s.Config.GetUserConfig(user)
 	log.Debugf("user config: %#v", c)
 
+	if *maxNumberClientConfig > 0 {
+		if len(c.Clients) >= *maxNumberClientConfig {
+			log.Error(fmt.Errorf("user %q have too many configs", c.Name))
+
+			e := struct {
+				Error string
+			}{
+				Error: "Max number of configs: " + strconv.Itoa(*maxNumberClientConfig),
+			}
+
+			j, err := json.Marshal(e)
+			if err != nil {
+				log.Error(err)
+				return
+			}
+
+			w.WriteHeader(http.StatusBadRequest)
+			fmt.Fprintf(w, string(j))
+			return
+		}
+	}
+
 	i := 0
 	for k := range c.Clients {
 		n, err := strconv.Atoi(k)

diff --git a/ui/src/Clients.svelte b/ui/src/Clients.svelte
@@ -17,12 +17,22 @@
   async function handleNewClick(event) {
     const res = await fetch(clientsUrl, {
       method: "POST",
-    });
-    let newClient = await res.json();
-    console.log("New client added", newClient);
+    })
+      .then(response => {
+        return response.json()
+    })
+    .then(data => {
+      if (typeof data.Error != "undefined") {
+          console.log(data.Error);
+          alert(data.Error);
+    } else {
+        console.log("New client added", data);
+    }
+  });
     await getClients();
   }
 
+
 	onMount(getClients);
 </script>