Add auth-managed proxy UI improvements
This commit is contained in:
39
README.md
39
README.md
@ -3,6 +3,7 @@
|
||||
`infinite-noodle` is a small Go service that combines:
|
||||
|
||||
- a web UI for viewing configured TCP proxies
|
||||
- a login-protected UI with user and admin account management
|
||||
- a Bitcask-backed data store for persisted proxy definitions
|
||||
- a TCP proxy runner built with Go's standard `net` package
|
||||
|
||||
@ -13,12 +14,13 @@ This README is written for working in a GitHub Codespace.
|
||||
Each "noodle" is a TCP forwarding rule with:
|
||||
|
||||
- a name
|
||||
- an allowed source (`All` or a specific source IP)
|
||||
- an allowed source list (`All`, one or more IPs, or CIDR ranges)
|
||||
- a listen port
|
||||
- a destination host
|
||||
- a destination port
|
||||
- an expiration duration
|
||||
- an up/down state
|
||||
- the user who created it
|
||||
|
||||
When the app starts, it loads saved noodles from the local database and starts any active proxy routes. It also serves a web UI for creating, pausing, resuming, and deleting them.
|
||||
|
||||
@ -27,14 +29,19 @@ When the app starts, it loads saved noodles from the local database and starts a
|
||||
The project is functional enough to:
|
||||
|
||||
- start the web app
|
||||
- create a default admin user on a new database
|
||||
- require login before the proxy management UI is available
|
||||
- support two user levels: `regular` and `admin`
|
||||
- let any signed-in user change their own password
|
||||
- let admin users create users, change roles, change any user's password, and delete user accounts
|
||||
- load stored proxy definitions from `./infinite.db`
|
||||
- create new noodles from the UI
|
||||
- run active TCP and UDP proxies
|
||||
- restrict a proxy to a specific source IP
|
||||
- restrict a proxy to comma-separated source IPs and CIDR ranges
|
||||
- update expiration values in the database every second while a proxy is active
|
||||
- close and delete expired noodles automatically
|
||||
- pause a noodle from the UI without decrementing its expiration
|
||||
- delete existing noodles from the UI
|
||||
- delete existing noodles from the UI with confirmation
|
||||
|
||||
Current limitations:
|
||||
|
||||
@ -59,6 +66,14 @@ Default runtime settings:
|
||||
|
||||
Open the app in the browser from the forwarded port for `7878`.
|
||||
|
||||
On a brand-new database, the app creates a default UI user:
|
||||
|
||||
- username: `admin`
|
||||
- password: `admin`
|
||||
- role: `admin`
|
||||
|
||||
Any signed-in user can access `/users` to manage their own password. Admin users also get full user management on that page.
|
||||
|
||||
You can also override the defaults:
|
||||
|
||||
```bash
|
||||
@ -74,10 +89,10 @@ Available flags:
|
||||
|
||||
## UI Behavior
|
||||
|
||||
The main table includes an add row for creating a proxy with:
|
||||
The web UI is protected by a login page. After signing in, the main table includes an add row for creating a proxy with:
|
||||
|
||||
- `Name`
|
||||
- `Allow From`: accepts `All` or a specific IP address, with the current client IP suggested
|
||||
- `Allow From`: accepts `All`, comma-separated IP addresses, or CIDR ranges such as `10.0.0.5, 192.168.1.0/24`
|
||||
- `Proto`: choose `TCP` or `UDP`
|
||||
- `Listen Port`
|
||||
- `Destination Port`
|
||||
@ -89,6 +104,17 @@ The `Status` column is a checkbox:
|
||||
- checked: the proxy is active and the expiration counts down
|
||||
- unchecked: the proxy is closed and the expiration is paused
|
||||
|
||||
The table also shows:
|
||||
|
||||
- `Created By`: the authenticated user who created the proxy
|
||||
|
||||
Delete actions in the UI prompt for confirmation before the request is submitted.
|
||||
|
||||
The `/users` page behavior depends on role:
|
||||
|
||||
- `regular`: can change their own password
|
||||
- `admin`: can create users, change roles, change any password, and delete users
|
||||
|
||||
The expiration value is shown as a live countdown in the browser. When it reaches zero, the row is removed from the UI and the noodle is deleted from the database.
|
||||
|
||||
## Codespaces Port Notes
|
||||
@ -143,8 +169,11 @@ GOOS=linux GOARCH=amd64 go build -buildvcs=false -o target/infinite-noodle.net-p
|
||||
- [`cmd/infinite-noodle/main.go`](/data/project/go/src/infinite-noodle/cmd/infinite-noodle/main.go): binary entrypoint and CLI flags
|
||||
- [`internal/app/app.go`](/data/project/go/src/infinite-noodle/internal/app/app.go): app startup, HTTP server, and proxy lifecycle
|
||||
- [`internal/noodle/database.go`](/data/project/go/src/infinite-noodle/internal/noodle/database.go): Bitcask storage layer
|
||||
- [`internal/web/auth.go`](/data/project/go/src/infinite-noodle/internal/web/auth.go): login, sessions, and role-based access control
|
||||
- [`internal/web/handlers.go`](/data/project/go/src/infinite-noodle/internal/web/handlers.go): HTML handlers
|
||||
- [`internal/assets/templates/index.html`](/data/project/go/src/infinite-noodle/internal/assets/templates/index.html): UI template
|
||||
- [`internal/assets/templates/login.html`](/data/project/go/src/infinite-noodle/internal/assets/templates/login.html): login page
|
||||
- [`internal/assets/templates/users.html`](/data/project/go/src/infinite-noodle/internal/assets/templates/users.html): user configuration page
|
||||
|
||||
## Verification Note
|
||||
|
||||
|
||||
Reference in New Issue
Block a user