diff --git a/AppImage/README.md b/AppImage/README.md index 65c2429..36e005f 100644 --- a/AppImage/README.md +++ b/AppImage/README.md @@ -31,9 +31,6 @@ A modern, responsive dashboard for monitoring Proxmox VE systems built with Next The application runs as a standalone AppImage on your Proxmox server and serves a web interface accessible from any device on your network. -

- ProxMenux Monitor Logo -

## Screenshots @@ -136,22 +133,6 @@ location /proxmenux-monitor/ { } ``` -### Manual Installation (Standalone) - -If you want to run ProxMenux Monitor as a standalone application outside of ProxMenux: - -1. Download the latest `ProxMenux-Monitor.AppImage` from the releases page -2. Make it executable: - ```bash - chmod +x ProxMenux-Monitor.AppImage - ``` -3. Run the AppImage: - ```bash - ./ProxMenux-Monitor.AppImage - ``` -4. Access the dashboard at `http://your-proxmox-ip:8008` - -The application will start automatically and create a systemd service for persistence. ## Authentication & Security @@ -685,6 +666,19 @@ entities: --- +## Contributing + +Contributions are welcome! Please feel free to submit issues, feature requests, or pull requests. + +### Development Setup + +1. Clone the repository +2. Install dependencies: `npm install` +3. Run development server: `npm run dev` +4. Build AppImage: `./build_appimage.sh` + +--- + ## License This project is licensed under the **Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0)**. diff --git a/AppImage/scripts/flask_auth_routes.py b/AppImage/scripts/flask_auth_routes.py index 32f8bae..bf3ab30 100644 --- a/AppImage/scripts/flask_auth_routes.py +++ b/AppImage/scripts/flask_auth_routes.py @@ -231,17 +231,25 @@ def totp_disable(): def generate_api_token(): """Generate a long-lived API token for external integrations (Homepage, Home Assistant, etc.)""" try: - token = request.headers.get('Authorization', '').replace('Bearer ', '') + auth_header = request.headers.get('Authorization', '') + token = auth_header.replace('Bearer ', '') + + if not token: + return jsonify({"success": False, "message": "Unauthorized. Please log in first."}), 401 + username = auth_manager.verify_token(token) if not username: - return jsonify({"success": False, "message": "Unauthorized. Please log in first."}), 401 + return jsonify({"success": False, "message": "Invalid or expired session. Please log in again."}), 401 data = request.json password = data.get('password') totp_token = data.get('totp_token') # Optional 2FA token token_name = data.get('token_name', 'API Token') # Optional token description + if not password: + return jsonify({"success": False, "message": "Password is required"}), 400 + # Authenticate user with password and optional 2FA success, _, requires_totp, message = auth_manager.authenticate(username, password, totp_token) @@ -266,4 +274,5 @@ def generate_api_token(): else: return jsonify({"success": False, "message": message}), 401 except Exception as e: - return jsonify({"success": False, "message": str(e)}), 500 + print(f"[ERROR] generate_api_token: {str(e)}") # Log error for debugging + return jsonify({"success": False, "message": f"Internal error: {str(e)}"}), 500