_Bastler/partey_workadventure
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Disabling completely routes if admin token not configured

Browse Source
This commit is contained in:
David Négrier
2022-01-27 18:38:33 +01:00
parent 767ac9a68f
commit 12d6d9a50d
7 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pusher/src/Controller/AdminController.ts
+6
View File
@@ -31,6 +31,9 @@ export class AdminController extends BaseController {
const token = req.getHeader("admin-token");
const body = await res.json();
if (ADMIN_API_TOKEN === "") {
return res.writeStatus("401 Unauthorized").end("No token configured!");
}
if (token !== ADMIN_API_TOKEN) {
console.error("Admin access refused for token: " + token);
res.writeStatus("401 Unauthorized").end("Incorrect token");
@@ -78,6 +81,9 @@ export class AdminController extends BaseController {
const token = req.getHeader("admin-token");
const body = await res.json();
if (ADMIN_API_TOKEN === "") {
return res.writeStatus("401 Unauthorized").end("No token configured!");
}
if (token !== ADMIN_API_TOKEN) {
console.error("Admin access refused for token: " + token);
res.writeStatus("401 Unauthorized").end("Incorrect token");
pusher/src/Controller/DebugController.ts
+3
View File
@@ -15,6 +15,9 @@ export class DebugController {
this.App.get("/dump", (res: HttpResponse, req: HttpRequest) => {
const query = parse(req.getQuery());
if (ADMIN_API_TOKEN === "") {
return res.writeStatus("401 Unauthorized").end("No token configured!");
}
if (query.token !== ADMIN_API_TOKEN) {
return res.writeStatus("401 Unauthorized").end("Invalid token sent!");
}
pusher/src/Controller/IoSocketController.ts
+4 -2
View File
@@ -29,7 +29,7 @@ import { AdminSocketTokenData, jwtTokenManager, tokenInvalidException } from "..
import { adminApi, FetchMemberDataByUuidResponse } from "../Services/AdminApi";
import { SocketManager, socketManager } from "../Services/SocketManager";
import { emitInBatch } from "../Services/IoSocketHelpers";
import { ADMIN_API_URL, DISABLE_ANONYMOUS, SOCKET_IDLE_TIMER } from "../Enum/EnvironmentVariable";
import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, DISABLE_ANONYMOUS, SOCKET_IDLE_TIMER } from "../Enum/EnvironmentVariable";
import { Zone } from "_Model/Zone";
import { ExAdminSocketInterface } from "_Model/Websocket/ExAdminSocketInterface";
import { CharacterTexture } from "../Messages/JsonMessages/CharacterTexture";
@@ -42,7 +42,9 @@ export class IoSocketController {
constructor(private readonly app: TemplatedApp) {
this.ioConnection();
this.adminRoomSocket();
if (ADMIN_SOCKETS_TOKEN) {
this.adminRoomSocket();
}
}
adminRoomSocket() {