Cockpit allows for authentication via a `token` query parameter a la
```
http://localhost:8000/embark?token=xxxx-xxxx-xxxx-xxxx
```
So far, this was the only query parameter cockpit knew about, which is
why the algorithm during bootstrap always assumed that, if we have
query parameters, there has to be a `token` query parameter.
However, since 20831179fc, this turns out to be a problem. The hashing algorithm
for the request headers will throw, when `token` is not defined, which
can be possible with future features that add new query parameters.
This can be easily reproduced by bootstrapping/refreshing Cockpit using
any arbitrary query string parameter that is not `token`.
With this commit we ensure that we only perform query string authentication
when a `token` parameter is available.
Prior to this commit it wasn't possible to authenticate using the
`token` query param as the `host` used for authentication doesn't
match the one of the Embark host.
This commit adds a new component to decode and analyze transactions.
It's similar to the transaction component that's already available,
with the difference that it takes advantage of the ReactJson tree
view for better analysis experience.
This introduces a new dark-theme file for the login screen
and ensures that it keeps the contrast ratio in tact when
switching themes.
Notice that it simply overrides the component styles which are
expected to be light-theme by default. That's because we don't
maintain equivalent SCSS files for the light-theme at the moment.
Fixes#114
Instead, we want to hash a header to sign a request with a client nonce,
http method and URL. This is a first step towards protecting the backend
against eavesdropping.
Please note that this will still be susceptible to replay attacks.
Removed tabler-react from the page structure.
Changed sub nav to reactstrap.
Added the overview child item on LHS nav and the sub nav on the page.
Adjusted width of the sub nav and page contents.
Explorer “dashboard” or overview page has been added to give an overview of what can be seen on the individual explorer pages.
Needs work for exact routes not highlighting the overview page.
After the code was rebased, there were some additional changes for getting websockets logs that needed to be catered for.
When there is a call to get all logs for a process, the state entity is updated with a new array item containing all the logs (this is then reduced and selected for rendering). In the case of a websocket log that simply returns only one log item, the latest full log for the process is found in the state entities, and it’s logs are appending to with the data from the websocket.
Additionally, log limits were updated to be passed in as a parameter to the API calls from the frontend. Parameter validation (for `limit`) was also added in this commit.
*Console.js*
- Moved `DEFAULT_PROCESS` const to outside of the `Console` class (but inside the module).
- Removed `(` and `)` from `.filter` in `getProcessLogs()`.
- Updated comments
*logger.js*
- Moved `dateFormat` and `logRegex` to constants outside of `Logger` class
- Moved the `parseLogFile` method inside of the `Logger` class (ES6 style)
- Added a log limit to the `parseLogFile` method
- Added the log path to the constants file and used inside of `Logger`
*cmd_controller.js*
- Defaulted `this.context` to `[constants.context.any]` in the constructor.
- Changed `’embark’` to split modules`coreProcess` and `loggerApi`.
*engine.js*
- Changed `’embark’` to split modules`coreProcess` and `loggerApi`.
On every load of the component, the API request would fetch the entire log history, and effective append it to the list of process logs, so that if a component was loaded multiple times (ie click to different tab, then back to home), the log would be duplicated.
This was solved by timestamping and labelling each fetch response, then getting the latest response in the selector, and filtering by process name in the component.
- Created an “embark” module so that an “embark” process could be registered in the correct way. This service is only used on `embark run` (can be extended to other commands if needed).
- extracted “embark” to a const `DEFAULT_PROCESS` param in the `Console` component.
- extracted commands result rendering to it’s own function to keep the `renderTabs` function from getting cluttered
- Added sorting of logs by timestamp
- Added milliseconds to the log file data (which helps in sorting log messages).
A logfile is now generated by default, in the format `.embark/embark-log__YYYY-MM-DD_HH-mm-ss.log`.
When the home tab is loaded, the process logs are fetched for all the processes. The list of processes returned now includes `embark`, and when `/embark-api/process-logs/embark` is fetched, the logFile is parsed and an array of log messages are returned.
This also removes the previously introduced `LoginLayout` component as
chances are very low that we'll need the layout for anything else then the
login.