mirror of
https://github.com/Suwayomi/Suwayomi-Server.git
synced 2026-06-30 17:34:39 -05:00
fix auth not actually blocking requests (#333)
This commit is contained in:
@@ -54,6 +54,20 @@ object JavalinSetup {
|
|||||||
}
|
}
|
||||||
|
|
||||||
config.enableCorsForAllOrigins()
|
config.enableCorsForAllOrigins()
|
||||||
|
|
||||||
|
config.accessManager { handler, ctx, _ ->
|
||||||
|
fun credentialsValid(): Boolean {
|
||||||
|
val (username, password) = ctx.basicAuthCredentials()
|
||||||
|
return username == serverConfig.basicAuthUsername && password == serverConfig.basicAuthPassword
|
||||||
|
}
|
||||||
|
|
||||||
|
if (serverConfig.basicAuthEnabled && !(ctx.basicAuthCredentialsExist() && credentialsValid())) {
|
||||||
|
ctx.header("WWW-Authenticate", "Basic")
|
||||||
|
ctx.status(401).json("Unauthorized")
|
||||||
|
} else {
|
||||||
|
handler.handle(ctx)
|
||||||
|
}
|
||||||
|
}
|
||||||
}.events { event ->
|
}.events { event ->
|
||||||
event.serverStarted {
|
event.serverStarted {
|
||||||
if (serverConfig.initialOpenInBrowserEnabled) {
|
if (serverConfig.initialOpenInBrowserEnabled) {
|
||||||
@@ -83,18 +97,6 @@ object JavalinSetup {
|
|||||||
ctx.result(e.message ?: "Internal Server Error")
|
ctx.result(e.message ?: "Internal Server Error")
|
||||||
}
|
}
|
||||||
|
|
||||||
app.before { ctx ->
|
|
||||||
fun credentialsValid(): Boolean {
|
|
||||||
val (username, password) = ctx.basicAuthCredentials()
|
|
||||||
return username == serverConfig.basicAuthUsername && password == serverConfig.basicAuthPassword
|
|
||||||
}
|
|
||||||
|
|
||||||
if (serverConfig.basicAuthEnabled && !(ctx.basicAuthCredentialsExist() && credentialsValid())) {
|
|
||||||
ctx.header("WWW-Authenticate", "Basic")
|
|
||||||
ctx.status(401).json("Unauthorized")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
app.routes {
|
app.routes {
|
||||||
path("api/v1/") {
|
path("api/v1/") {
|
||||||
GlobalAPI.defineEndpoints()
|
GlobalAPI.defineEndpoints()
|
||||||
|
|||||||
Reference in New Issue
Block a user