zhushenwudi/ew_author
1
0
Fork 0
mirror of https://git.ethanthesleepy.one/ethanaobrien/ew synced 2025-10-09 00:47:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Check Authorization header before accepting gree request

Browse Source
This commit is contained in:
Ethan O'Brien
2024-10-18 14:53:04 -05:00
parent 465cfda1b4
commit 6a98949f77
2 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/router.rs
View File

@@ -62,7 +62,7 @@ async fn api_req(req: HttpRequest, body: String) -> HttpResponse {
} else if !req.path().starts_with("/api") && !req.path().starts_with("/v1.0") {
return webui::main(req);
}
if headers.get("a6573cbe").is_none() {
if headers.get("a6573cbe").is_none() && req.path().starts_with("/api") {
if args.hidden {
return not_found(&headers);
} else {
@@ -179,6 +179,13 @@ pub async fn request(req: HttpRequest, body: String) -> HttpResponse {
if args.hidden && req.path().starts_with("/api/webui/") {
return not_found(&req.headers());
}
if req.path().starts_with("/v1.0") && req.headers().get("Authorization").is_none() {
if args.hidden {
return gree::not_found();
} else {
return webui::main(req);
}
}
if req.method() == "POST" {
match req.path() {
"/v1.0/auth/initialize" => gree::initialize(req, body),