zhushenwudi/ew
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check for auth header before accepting an API request

Browse Source
This commit is contained in:
Ethan O'Brien 2024-10-18 14:38:26 -05:00
parent f2d99b427b
commit 465cfda1b4
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/router.rs
View File

@ -62,6 +62,13 @@ async fn api_req(req: HttpRequest, body: String) -> HttpResponse {
} else if !req.path().starts_with("/api") && !req.path().starts_with("/v1.0") { } else if !req.path().starts_with("/api") && !req.path().starts_with("/v1.0") {
return webui::main(req); return webui::main(req);
} }
if headers.get("a6573cbe").is_none() {
if args.hidden {
return not_found(&headers);
} else {
return webui::main(req);
}
}
let blank_header = HeaderValue::from_static(""); let blank_header = HeaderValue::from_static("");
let uid = req.headers().get("aoharu-user-id").unwrap_or(&blank_header).to_str().unwrap_or("").parse::<i64>().unwrap_or(0); let uid = req.headers().get("aoharu-user-id").unwrap_or(&blank_header).to_str().unwrap_or("").parse::<i64>().unwrap_or(0);
let resp: Option<JsonValue> = if req.method() == "POST" { let resp: Option<JsonValue> = if req.method() == "POST" {