Allow access to /features endpoint without login
This commit is contained in:
parent
a9ffaed51f
commit
400c9aaebc
5 changed files with 15 additions and 8 deletions
|
@ -19,12 +19,20 @@ import importlib
|
||||||
|
|
||||||
from ...config import Config
|
from ...config import Config
|
||||||
from .base import routes, get_config, set_config, set_loop
|
from .base import routes, get_config, set_config, set_loop
|
||||||
|
from .auth import check_token
|
||||||
from .middleware import auth, error
|
from .middleware import auth, error
|
||||||
|
|
||||||
|
|
||||||
@routes.get("/features")
|
@routes.get("/features")
|
||||||
def features(_: web.Request) -> web.Response:
|
def features(request: web.Request) -> web.Response:
|
||||||
return web.json_response(get_config()["api_features"])
|
data = get_config()["api_features"]
|
||||||
|
err = check_token(request)
|
||||||
|
if err is None:
|
||||||
|
return web.json_response(data)
|
||||||
|
else:
|
||||||
|
return web.json_response({
|
||||||
|
"login": data["login"],
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
def init(cfg: Config, loop: AbstractEventLoop) -> web.Application:
|
def init(cfg: Config, loop: AbstractEventLoop) -> web.Application:
|
||||||
|
|
|
@ -69,4 +69,4 @@ async def ping(request: web.Request) -> web.Response:
|
||||||
user = data.get("user_id", None)
|
user = data.get("user_id", None)
|
||||||
if not get_config().is_admin(user):
|
if not get_config().is_admin(user):
|
||||||
return resp.invalid_token
|
return resp.invalid_token
|
||||||
return resp.pong(user)
|
return resp.pong(user, get_config()["api_features"])
|
||||||
|
|
|
@ -29,7 +29,7 @@ log = logging.getLogger("maubot.server")
|
||||||
@web.middleware
|
@web.middleware
|
||||||
async def auth(request: web.Request, handler: Handler) -> web.Response:
|
async def auth(request: web.Request, handler: Handler) -> web.Response:
|
||||||
subpath = request.path[len(get_config()["server.base_path"]):]
|
subpath = request.path[len(get_config()["server.base_path"]):]
|
||||||
if subpath.startswith("/auth/") or subpath == "/logs":
|
if subpath.startswith("/auth/") or subpath == "/features" or subpath == "/logs":
|
||||||
return await handler(request)
|
return await handler(request)
|
||||||
err = check_token(request)
|
err = check_token(request)
|
||||||
if err is not None:
|
if err is not None:
|
||||||
|
|
|
@ -294,9 +294,10 @@ class _Response:
|
||||||
"token": token,
|
"token": token,
|
||||||
})
|
})
|
||||||
|
|
||||||
def pong(self, user: str) -> web.Response:
|
def pong(self, user: str, features: dict) -> web.Response:
|
||||||
return self.found({
|
return self.found({
|
||||||
"username": user,
|
"username": user,
|
||||||
|
"features": features,
|
||||||
})
|
})
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
|
@ -64,15 +64,13 @@ export async function login(username, password) {
|
||||||
let features = null
|
let features = null
|
||||||
|
|
||||||
export async function ping() {
|
export async function ping() {
|
||||||
if (!features) {
|
|
||||||
await remoteGetFeatures()
|
|
||||||
}
|
|
||||||
const response = await fetch(`${BASE_PATH}/auth/ping`, {
|
const response = await fetch(`${BASE_PATH}/auth/ping`, {
|
||||||
method: "POST",
|
method: "POST",
|
||||||
headers: getHeaders(),
|
headers: getHeaders(),
|
||||||
})
|
})
|
||||||
const json = await response.json()
|
const json = await response.json()
|
||||||
if (json.username) {
|
if (json.username) {
|
||||||
|
features = json.features
|
||||||
return json.username
|
return json.username
|
||||||
} else if (json.errcode === "auth_token_missing" || json.errcode === "auth_token_invalid") {
|
} else if (json.errcode === "auth_token_missing" || json.errcode === "auth_token_invalid") {
|
||||||
return null
|
return null
|
||||||
|
|
Loading…
Reference in a new issue