janpeter/Ops-dashboard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Ops-dashboard/app/docker/_components/docker-table.tsx
Scrum4Me Agent aa1fd41bec feat(security): rate-limit /api/flows/start, CSRF double-submit cookie, CSP headers 
- Rate-limit /api/flows/start to 10 req/min per user (in-memory, matches login pattern)
- Add middleware.ts: validates x-csrf-token header against csrf_token cookie on all
  API POST requests; issues the cookie on GET if missing; sets CSP, X-Frame-Options,
  X-Content-Type-Options, and Referrer-Policy on all responses
- Add lib/csrf.ts: client-side apiFetch() wrapper that injects the CSRF header
- Update all client components (login, useFlowRun, docker, caddy, git, systemd)
  to use apiFetch() for POST requests
- Cookie config in login route already correct (NODE_ENV check, httpOnly, sameSite=strict)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-13 20:01:43 +02:00

246 lines
8.5 KiB
TypeScript
Raw Blame History

'use client'
import { useCallback, useEffect, useState } from 'react'
import Link from 'next/link'
import { type Container, parseDockerPs } from '@/lib/parse-docker'
import { useFlowRun } from '@/hooks/useFlowRun'
import ConfirmDialog from '@/components/ConfirmDialog'
import StreamingTerminal from '@/components/StreamingTerminal'
import { apiFetch } from '@/lib/csrf'
async function fetchContainers(): Promise<Container[]> {
const res = await apiFetch('/api/agent/exec', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ command_key: 'docker_ps' }),
})
if (!res.ok) {
const text = await res.text()
throw new Error(`agent ${res.status}: ${text}`)
}
const reader = res.body?.getReader()
if (!reader) throw new Error('no response body')
const decoder = new TextDecoder()
let buffer = ''
let output = ''
while (true) {
const { done, value } = await reader.read()
if (done) break
buffer += decoder.decode(value, { stream: true })
const lines = buffer.split('\n')
buffer = lines.pop() ?? ''
for (const line of lines) {
if (line.startsWith('data:')) {
try {
const parsed = JSON.parse(line.slice(5).trim()) as { data?: string }
if (parsed.data !== undefined) output += parsed.data
} catch {
// ignore malformed
}
}
}
}
return parseDockerPs(output)
}
function statusBadge(status: string) {
const up = status.toLowerCase().startsWith('up')
return (
<span
className={
'inline-flex items-center gap-1.5 rounded-full px-2 py-0.5 text-xs font-medium ' +
(up
? 'bg-green-100 text-green-800 dark:bg-green-900/30 dark:text-green-400'
: 'bg-zinc-100 text-zinc-600 dark:bg-zinc-800 dark:text-zinc-400')
}
>
<span
className={
'size-1.5 rounded-full ' +
(up ? 'bg-green-500 dark:bg-green-400' : 'bg-zinc-400 dark:bg-zinc-500')
}
/>
{status}
</span>
)
}
type ActionDef = {
commandKey: string
args: string[]
preview: string
title: string
}
type Props = {
initialContainers: Container[]
initialError: string | null
}
export default function DockerTable({ initialContainers, initialError }: Props) {
const [containers, setContainers] = useState<Container[]>(initialContainers)
const [error, setError] = useState<string | null>(initialError)
const [refreshing, setRefreshing] = useState(false)
const [lastUpdated, setLastUpdated] = useState<Date>(new Date())
const [pendingAction, setPendingAction] = useState<ActionDef | null>(null)
const flowRun = useFlowRun()
const refresh = useCallback(async () => {
setRefreshing(true)
try {
const data = await fetchContainers()
setContainers(data)
setError(null)
setLastUpdated(new Date())
} catch (err) {
setError(err instanceof Error ? err.message : 'refresh failed')
} finally {
setRefreshing(false)
}
}, [])
useEffect(() => {
const id = setInterval(refresh, 5000)
return () => clearInterval(id)
}, [refresh])
const handleConfirm = useCallback(() => {
if (!pendingAction) return
flowRun.start(pendingAction.commandKey, pendingAction.args)
setPendingAction(null)
}, [pendingAction, flowRun.start])
return (
<div className="space-y-4">
<div className="flex items-center justify-between">
<div className="flex items-center gap-2">
<span className="text-sm text-muted-foreground">
{containers.length} container{containers.length !== 1 ? 's' : ''}
</span>
{refreshing && (
<span className="text-xs text-muted-foreground animate-pulse">refreshing</span>
)}
</div>
<span className="text-xs text-muted-foreground">
updated {lastUpdated.toLocaleTimeString()}
</span>
</div>
{error && (
<div className="rounded-lg border border-destructive/30 bg-destructive/10 px-4 py-3 text-sm text-destructive">
{error}
</div>
)}
<div className="overflow-x-auto rounded-lg border border-border">
<table className="w-full text-sm">
<thead>
<tr className="border-b border-border bg-muted/50">
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Name</th>
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Image</th>
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Status</th>
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Ports</th>
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Uptime</th>
<th className="px-4 py-3 text-left font-medium text-muted-foreground">Actions</th>
</tr>
</thead>
<tbody>
{containers.length === 0 && !error ? (
<tr>
<td colSpan={6} className="px-4 py-8 text-center text-muted-foreground">
No containers running
</td>
</tr>
) : (
containers.map((c) => (
<tr
key={c.id}
className="border-b border-border last:border-0 hover:bg-muted/30 transition-colors"
>
<td className="px-4 py-3 font-mono text-xs">
<Link
href={`/docker/${encodeURIComponent(c.name)}`}
className="font-medium text-foreground hover:underline"
>
{c.name}
</Link>
</td>
<td className="px-4 py-3 font-mono text-xs text-muted-foreground">{c.image}</td>
<td className="px-4 py-3">{statusBadge(c.status)}</td>
<td className="px-4 py-3 font-mono text-xs text-muted-foreground">
{c.ports || '—'}
</td>
<td className="px-4 py-3 text-xs text-muted-foreground">{c.created}</td>
<td className="px-4 py-3">
<div className="flex items-center gap-2">
<button
onClick={() =>
setPendingAction({
commandKey: 'docker_compose_restart',
args: [c.name],
preview: `docker compose restart ${c.name}`,
title: `Restart ${c.name}`,
})
}
disabled={flowRun.status === 'running'}
className="rounded-md border border-border px-2 py-1 text-xs hover:bg-muted/50 disabled:opacity-50 transition-colors"
>
Restart
</button>
<button
onClick={() =>
setPendingAction({
commandKey: 'docker_compose_stop',
args: [c.name],
preview: `docker compose stop ${c.name}`,
title: `Stop ${c.name}`,
})
}
disabled={flowRun.status === 'running'}
className="rounded-md border border-destructive/30 px-2 py-1 text-xs text-destructive hover:bg-destructive/10 disabled:opacity-50 transition-colors"
>
Stop
</button>
</div>
</td>
</tr>
))
)}
</tbody>
</table>
</div>
{flowRun.status !== 'idle' && (
<div className="space-y-2">
<div className="flex items-center justify-between">
<span className="text-sm font-medium text-foreground">Output</span>
{flowRun.status !== 'running' && (
<button
onClick={flowRun.reset}
className="text-xs text-muted-foreground hover:text-foreground transition-colors"
>
Close
</button>
)}
</div>
<StreamingTerminal lines={flowRun.lines} status={flowRun.status} error={flowRun.error} />
</div>
)}
<ConfirmDialog
open={pendingAction !== null}
title={pendingAction?.title ?? ''}
commandPreview={pendingAction?.preview ?? ''}
onConfirm={handleConfirm}
onCancel={() => setPendingAction(null)}
/>
</div>
)
}
Reference in a new issue View git blame Copy permalink