# RDP Web Gateway

HTML5 WebSocket-based gateway for accessing RDP connections through a web browser. This service sits in front of RdpBroker and provides a modern web interface for remote desktop access.

## Features

- 🌐 **Browser-Based Access** - Connect to RDP sessions from any modern web browser
- 🔒 **Secure WebSocket** - Real-time bidirectional communication
- 🎨 **Modern UI** - Clean, responsive interface
- 🔑 **Session Management** - Automatic session cleanup and timeout
- 📊 **Activity Monitoring** - Track active connections
- ⚡ **Low Latency** - Optimized for performance

## Architecture

```
User Browser (HTML5/WebSocket)
          ↓
    RDP Web Gateway (Node.js)
          ↓
      RdpBroker (RDP)
          ↓
    Target RDP Servers
```

## Prerequisites

- Node.js 18+
- RdpBroker service running
- Modern web browser with WebSocket support

## Installation

### Local Development

```bash
cd web-gateway

# Install dependencies
npm install

# Copy environment file
cp .env.example .env

# Edit configuration
nano .env

# Start development server
npm run dev
```

### Docker Build

```bash
docker build -t rdp-web-gateway:latest .
```

## Configuration

Edit `.env` file:

```env
PORT=8080
RDP_BROKER_HOST=rdpbroker
RDP_BROKER_PORT=3389
LOG_LEVEL=info
SESSION_TIMEOUT=3600000
```

## Usage

### Access the Web Interface

1. Open your browser to `http://localhost:8080`
2. Enter your credentials (validated against Samba AD via RdpBroker)
3. Select a target from the list
4. Connect and use the remote desktop

### API Endpoints

#### POST /api/auth/login
Authenticate user and create session.

```json
{
  "username": "user@domain.com",
  "password": "password"
}
```

Response:
```json
{
  "success": true,
  "sessionId": "uuid"
}
```

#### GET /api/targets
Get available RDP targets (requires X-Session-ID header).

Response:
```json
{
  "targets": [
    {
      "name": "Server 01",
      "host": "192.168.1.10",
      "port": 3389,
      "description": "Production Server"
    }
  ]
}
```

#### POST /api/auth/logout
Logout and destroy session (requires X-Session-ID header).

### WebSocket Protocol

Connect to `ws://localhost:8080/ws/rdp`

#### Client → Server Messages

**Connect to target:**
```json
{
  "type": "connect",
  "sessionId": "uuid",
  "target": {
    "name": "Server 01",
    "host": "192.168.1.10",
    "port": 3389
  }
}
```

**Mouse event:**
```json
{
  "type": "mouse",
  "action": "move|down|up|wheel",
  "x": 100,
  "y": 200,
  "button": 0,
  "deltaY": 0
}
```

**Keyboard event:**
```json
{
  "type": "keyboard",
  "action": "down|up",
  "key": "a",
  "code": "KeyA",
  "ctrlKey": false,
  "altKey": false,
  "shiftKey": false
}
```

**Special command:**
```json
{
  "type": "special",
  "action": "ctrl-alt-del"
}
```

#### Server → Client Messages

**Connected:**
```json
{
  "type": "connected",
  "target": "Server 01"
}
```

**Resize canvas:**
```json
{
  "type": "resize",
  "width": 1920,
  "height": 1080
}
```

**Error:**
```json
{
  "type": "error",
  "error": "Error message"
}
```

## Deployment

See the Helm chart in `chart/rdp-web-gateway/` for Kubernetes deployment.

```bash
helm install rdp-web-gateway ./chart/rdp-web-gateway -n rdpbroker
```

## Browser Support

- Chrome/Edge 90+
- Firefox 88+
- Safari 14+
- Opera 76+

## Security Considerations

- Use HTTPS/WSS in production
- Implement rate limiting
- Set strong session secrets
- Enable CORS restrictions
- Regular security audits

## Performance Tuning

- Adjust session timeout based on usage
- Configure WebSocket buffer sizes
- Enable compression for HTTP responses
- Use CDN for static assets in production

## Troubleshooting

### Can't connect to RdpBroker

Check environment variables:
```bash
echo $RDP_BROKER_HOST
echo $RDP_BROKER_PORT
```

Test connectivity:
```bash
nc -zv rdpbroker 3389
```

### WebSocket connection fails

Ensure WebSocket upgrade is allowed through any proxies/load balancers.

For nginx:
```nginx
location /ws/ {
    proxy_pass http://backend;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}
```

### High memory usage

Reduce session timeout or implement session limits per user.

## Development

### Running Tests
```bash
npm test
```

### Code Style
```bash
npm run lint
```

## License

MIT License - see LICENSE file

## Support

For issues and questions, check the logs:

```bash
# View logs
kubectl logs -f deployment/rdp-web-gateway -n rdpbroker

# Check health
curl http://localhost:8080/health
```