Remove old login

config.yml

@@ -45,13 +45,6 @@
 #extensions.aws       : false
 #extensions.virustotal: false
 #
-# ---------------------------- Basic authentication ----------------------------
-#
-# Defines if authentication is enabled or not.
-# Field enabled could be true or false, it means login is enabled/disabled.
-# Field password is the password used to authenticate on the Wazuh app.
-#login.enabled : false
-#login.password: changeme
 #
 # ---------------------------------- Time out ----------------------------------
 #

public/controllers/index.js

@@ -10,7 +10,6 @@
  * Find more information about this on the LICENSE file.
  */
 import './blank-screen-controller'
-import './login'
 import './overview'
 import './manager'
 import './ruleset'

public/services/error-handler.js

@@ -32,7 +32,6 @@ app.service('errorHandler', function ( Notifier, appState, $location) {
         return error || 'Unexpected error';
     }
 
-    const isUnauthorized = error => (error.status && error.status === 401);
     const isAPIUnauthorized = error => (error && error.data && parseInt(error.data.statusCode) === 500 && parseInt(error.data.error) === 7 && error.data.message === '401 Unauthorized');
 
     const info = (message,location) => {
@@ -48,12 +47,8 @@ app.service('errorHandler', function ( Notifier, appState, $location) {
             $location.path('/settings');
             return;
         }
+
         const message = extractMessage(error);
-        if(isUnauthorized(error)){
-            appState.removeUserCode();
-            $location.path('/wlogin');
-            return;
-        }
 
         let text;
         text = isWarning ? `Warning. ${message}` : `Error. ${message}`;

public/services/routes.js

@@ -24,7 +24,6 @@ import managerTemplate     from '../templates/manager/manager.jade'
 import overviewTemplate    from '../templates/overview/overview.jade'
 import discoverTemplate    from '../templates/discover/discover.jade'
 import settingsTemplate    from '../templates/settings/settings.jade'
-import loginTemplate       from '../templates/auth/login.html'
 import blankScreenTemplate from '../templates/error-handler/blank-screen.html'
 import devToolsTemplate    from '../templates/dev-tools/dev-tools.html'
 
@@ -96,9 +95,6 @@ routes
             "checkAPI": goToKibana
         }
     })
-    .when('/wlogin', {
-        template: loginTemplate
-    })
     .when('/wazuh-dev', {
         template: devToolsTemplate,
         resolve: {

server/controllers/wazuh-api.js

@@ -13,7 +13,6 @@
 // Require some libraries
 import needle              from 'needle'
 import path                from 'path'
-import colors              from 'ansicolors'
 import pciRequirementsFile from '../integration-files/pci-requirements'
 import gdprRequirementsFile from '../integration-files/gdpr-requirements'
 import ElasticWrapper      from '../lib/elastic-wrapper'
@@ -28,13 +27,10 @@ import fs                  from 'fs'
 import descriptions        from '../reporting/tab-description'
 import * as TimSort        from 'timsort'
 
-import { AgentsVisualizations, OverviewVisualizations, ClusterVisualizations } from '../integration-files/visualizations'
+import { AgentsVisualizations, OverviewVisualizations } from '../integration-files/visualizations'
 
 import { totalmem }        from 'os'
 
-
-const blueWazuh = colors.blue('wazuh');
-
 export default class WazuhApi {
     constructor(server){
         this.wzWrapper = new ElasticWrapper(server);
@@ -43,7 +39,7 @@ export default class WazuhApi {
 
     async checkStoredAPI (req, reply) {
         try{
-            if(!protectedRoute(req)) return ErrorResponse('Session expired', 3001, 401, reply);
+
             // Get config from elasticsearch
             const wapi_config = await this.wzWrapper.getWazuhConfigurationById(req.payload)
             if (wapi_config.error_code > 1) {
@@ -268,8 +264,6 @@ export default class WazuhApi {
     async getPciRequirement (req, reply) {
         try {
 
-            if(!protectedRoute(req)) return ErrorResponse('Session expired', 3006, 401, reply);
-
             let pci_description = '';
 
             if (req.params.requirement === 'all') {
@@ -325,11 +319,6 @@ export default class WazuhApi {
 
     async getGdprRequirement (req, reply) {
         try {
-
-            if(!protectedRoute(req)) return ErrorResponse('Session expired', 3023, 401, reply);
-
-
-
             let gdpr_description = '';
 
             if (req.params.requirement === 'all') {
@@ -445,7 +434,6 @@ export default class WazuhApi {
     }
 
     requestApi (req, reply) {
-        if(!protectedRoute(req)) return ErrorResponse('Session expired', 3014, 401, reply);
         if (!req.payload.method) {
             return ErrorResponse('Missing param: method', 3015, 400, reply);
         } else if (!req.payload.path) {
@@ -471,7 +459,6 @@ export default class WazuhApi {
     // Fetch agent status and insert it directly on demand
     async fetchAgents (req, reply) {
         try{
-            if(!protectedRoute(req)) return ErrorResponse('Session expired', 3017, 401, reply);
             const output = await this.fetchAgentsExternal();
             return reply({
                 'statusCode': 200,
@@ -488,10 +475,6 @@ export default class WazuhApi {
         try{
             const configFile = getConfiguration();
 
-            if(configFile && configFile['login.password']){
-                delete configFile['login.password'];
-            }
-
             return reply({
                 statusCode: 200,
                 error     : 0,
@@ -503,35 +486,6 @@ export default class WazuhApi {
         }
     }
 
-    login(req,reply) {
-        try{
-
-            const configFile = getConfiguration();
-
-            if(!configFile){
-                throw new Error('Configuration file not found');
-            }
-
-            if(!req.payload.password) {
-                return ErrorResponse('Please give me a password.', 3020, 401, reply);
-            } else if(req.payload.password !== configFile['login.password']){
-                return ErrorResponse('Wrong password, please try again.', 3021, 401, reply);
-            }
-
-            const code = (new Date()-1) + 'wazuhapp';
-
-            sessions[code] = {
-                created: new Date(),
-                exp    : 86400
-            }
-
-            return reply({ statusCode: 200, error: 0, code });
-
-        } catch (error) {
-            return ErrorResponse(error.message || error, 3022, 500, reply);
-        }
-    }
-
     /**
      * Get full data on CSV format from a list Wazuh API endpoint
      * @param {*} req

server/initialize.js

@@ -12,7 +12,6 @@
 import needle             from 'needle'
 import colors             from 'ansicolors'
 import log                from './logger'
-import knownFields        from './integration-files/known-fields'
 import ElasticWrapper     from './lib/elastic-wrapper'
 import packageJSON        from '../package.json'
 import kibana_template    from './integration-files/kibana-template'
@@ -29,15 +28,12 @@ export default (server, options) => {
 
     log('[initialize]', `App revision: ${packageJSON.revision || 'missing revision'}`, 'info');
 
-    let objects = {};
-    let app_objects = {};
     let configurationFile = {};
     let pattern = null;
     // Read config from package.json and config.yml
     try {
         configurationFile = getConfiguration();
 
-        global.loginEnabled = (configurationFile && typeof configurationFile['login.enabled'] !== 'undefined') ? configurationFile['login.enabled'] : false;
         pattern = (configurationFile && typeof configurationFile.pattern !== 'undefined') ? configurationFile.pattern : 'wazuh-alerts-3.x-*';
         global.XPACK_RBAC_ENABLED = (configurationFile && typeof configurationFile['xpack.rbac.enabled'] !== 'undefined') ? configurationFile['xpack.rbac.enabled'] : true;
 
@@ -46,22 +42,6 @@ export default (server, options) => {
         server.log([blueWazuh, 'initialize', 'error'], 'Something went wrong while reading the configuration.' + e.message);
     }
 
-    if (typeof global.sessions === 'undefined') {
-        global.sessions = {};
-    }
-
-    global.protectedRoute = req => {
-        if (!loginEnabled) return true;
-        const session = (req.headers && req.headers.code) ? sessions[req.headers.code] : null;
-        if (!session) return false;
-        const timeElapsed = (new Date() - session.created) / 1000;
-        if (timeElapsed >= session.exp) {
-            delete sessions[req.payload.code];
-            return false;
-        }
-        return true;
-    }
-
     const defaultIndexPattern = pattern || "wazuh-alerts-3.x-*";
 
 

server/routes/wazuh-api.js

@@ -36,9 +36,6 @@ export default (server, options) => {
     // Returns the config.yml file parsed
     server.route({ method: 'GET', path: '/api/wazuh-api/configuration', handler: (req, reply) => ctrl.getConfigurationFile(req, reply) });
 
-    // Experimental feature to simulate a login system
-    server.route({ method: 'POST',path: '/api/wazuh-api/wlogin', handler: (req, reply) => ctrl.login(req, reply) });
-
     // Returns data from the Wazuh API on CSV readable format
     server.route({ method: 'POST', path: '/api/wazuh-api/csv', handler: (req,res) => ctrl.csv(req,res)})