mirror of https://github.com/statping/statping
parent
4e15799680
commit
8897f2cccb
|
@ -24,8 +24,6 @@ import (
|
|||
"github.com/hunterlong/statup/types"
|
||||
"github.com/hunterlong/statup/utils"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type apiResponse struct {
|
||||
|
@ -38,7 +36,7 @@ type apiResponse struct {
|
|||
}
|
||||
|
||||
func apiIndexHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -47,7 +45,7 @@ func apiIndexHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiRenewHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -130,23 +128,3 @@ func sendUnauthorizedJson(w http.ResponseWriter, r *http.Request) {
|
|||
w.WriteHeader(http.StatusUnauthorized)
|
||||
json.NewEncoder(w).Encode(output)
|
||||
}
|
||||
|
||||
func isAuthorized(r *http.Request) bool {
|
||||
utils.Http(r)
|
||||
if os.Getenv("GO_ENV") == "test" {
|
||||
return true
|
||||
}
|
||||
if IsAuthenticated(r) {
|
||||
return true
|
||||
}
|
||||
var token string
|
||||
tokens, ok := r.Header["Authorization"]
|
||||
if ok && len(tokens) >= 1 {
|
||||
token = tokens[0]
|
||||
token = strings.TrimPrefix(token, "Bearer ")
|
||||
}
|
||||
if token == core.CoreApp.ApiSecret {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ import (
|
|||
)
|
||||
|
||||
func apiAllCheckinsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -41,7 +41,7 @@ func apiAllCheckinsHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiCheckinHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -27,6 +27,7 @@ import (
|
|||
"net/http"
|
||||
"os"
|
||||
"reflect"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
|
@ -70,10 +71,19 @@ func IsAuthenticated(r *http.Request) bool {
|
|||
return true
|
||||
}
|
||||
if core.CoreApp == nil {
|
||||
return false
|
||||
return true
|
||||
}
|
||||
if sessionStore == nil {
|
||||
return false
|
||||
return true
|
||||
}
|
||||
var token string
|
||||
tokens, ok := r.Header["Authorization"]
|
||||
if ok && len(tokens) >= 1 {
|
||||
token = tokens[0]
|
||||
token = strings.TrimPrefix(token, "Bearer ")
|
||||
if token == core.CoreApp.ApiSecret {
|
||||
return true
|
||||
}
|
||||
}
|
||||
session, err := sessionStore.Get(r, cookieKey)
|
||||
if err != nil {
|
||||
|
|
|
@ -50,7 +50,7 @@ func viewMessageHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiAllMessagesHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -64,7 +64,7 @@ func apiAllMessagesHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiMessageCreateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -85,7 +85,7 @@ func apiMessageCreateHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiMessageGetHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -100,7 +100,7 @@ func apiMessageGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiMessageDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -119,7 +119,7 @@ func apiMessageDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiMessageUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ import (
|
|||
)
|
||||
|
||||
func apiNotifiersHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -41,7 +41,7 @@ func apiNotifiersHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiNotifierGetHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -56,7 +56,7 @@ func apiNotifierGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiNotifierUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ type PluginSelect struct {
|
|||
}
|
||||
|
||||
func pluginSavedHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -33,7 +33,7 @@ import (
|
|||
//
|
||||
|
||||
func prometheusHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -119,7 +119,7 @@ func servicesViewHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiServiceHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -135,7 +135,7 @@ func apiServiceHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiCreateServiceHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -156,7 +156,7 @@ func apiCreateServiceHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiServiceUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -220,7 +220,7 @@ func apiServicePingDataHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiServiceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -239,7 +239,7 @@ func apiServiceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiAllServicesHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -48,7 +48,7 @@ func usersEditHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiUserHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -64,7 +64,7 @@ func apiUserHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiUserUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -88,7 +88,7 @@ func apiUserUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiUserDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -112,7 +112,7 @@ func apiUserDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiAllUsersHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
@ -126,7 +126,7 @@ func apiAllUsersHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func apiCreateUsersHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthorized(r) {
|
||||
if !IsAuthenticated(r) {
|
||||
sendUnauthorizedJson(w, r)
|
||||
return
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue