diff --git a/back/src/Controller/DebugController.ts b/back/src/Controller/DebugController.ts
index e9fc0743..f571d6b2 100644
--- a/back/src/Controller/DebugController.ts
+++ b/back/src/Controller/DebugController.ts
@@ -15,6 +15,9 @@ export class DebugController {
 (async () => {
 const query = parse(req.getQuery());
+ if (ADMIN_API_TOKEN === "") {
+ return res.writeStatus("401 Unauthorized").end("No token configured!");
+ }
 if (query.token !== ADMIN_API_TOKEN) {
 return res.writeStatus("401 Unauthorized").end("Invalid token sent!");
 }
diff --git a/back/src/Enum/EnvironmentVariable.ts b/back/src/Enum/EnvironmentVariable.ts
index f7f0b084..f0f46a62 100644
--- a/back/src/Enum/EnvironmentVariable.ts
+++ b/back/src/Enum/EnvironmentVariable.ts
@@ -2,7 +2,7 @@ const MINIMUM_DISTANCE = process.env.MINIMUM_DISTANCE ? Number(process.env.MINIM
 const GROUP_RADIUS = process.env.GROUP_RADIUS ? Number(process.env.GROUP_RADIUS) : 48;
 const ALLOW_ARTILLERY = process.env.ALLOW_ARTILLERY ? process.env.ALLOW_ARTILLERY == "true" : false;
 const ADMIN_API_URL = process.env.ADMIN_API_URL || "";
-const ADMIN_API_TOKEN = process.env.ADMIN_API_TOKEN || "myapitoken";
+const ADMIN_API_TOKEN = process.env.ADMIN_API_TOKEN || "";
 const CPU_OVERHEAT_THRESHOLD = Number(process.env.CPU_OVERHEAT_THRESHOLD) || 80;
 const JITSI_URL: string | undefined = process.env.JITSI_URL === "" ? undefined : process.env.JITSI_URL;
 const JITSI_ISS = process.env.JITSI_ISS || "";
diff --git a/pusher/src/Controller/AdminController.ts b/pusher/src/Controller/AdminController.ts
index 85116df9..6fbf5721 100644
--- a/pusher/src/Controller/AdminController.ts
+++ b/pusher/src/Controller/AdminController.ts
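Review bot: The new guard in the back `/dump` handler answers an unauthenticated caller with the body `No token configured!`, which tells anyone probing the endpoint that this deployment has no admin token; returning the same body as the invalid-token branch (`.end("Invalid token sent!")`) and logging the misconfiguration once at startup would keep that detail server-side. The context lines below the guard still take the token from the query string (`query.token`), where it is likely to end up in proxy and access logs, and compare it with `!==`; a request header, as pusher/src/Controller/AdminController.ts does with `admin-token`, plus a constant-time comparison such as `crypto.timingSafeEqual` on equal-length buffers would be safer. The identical hunk in pusher/src/Controller/DebugController.ts has the same points. The handler starts and ends outside the hunk.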
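Review bot: The empty-string fallback on `ADMIN_API_TOKEN` in back/src/Enum/EnvironmentVariable.ts now carries a meaning (admin and debug requests are refused) that nothing on the line records, so a comment is worth adding, for example `// No default on purpose: an empty token disables the admin/debug endpoints.`. Deployments that relied on the removed `myapitoken` default will start receiving 401 responses after this change, which deserves an upgrade note. A value made only of whitespace still passes the `=== ""` guards in the controllers, so trimming here, `(process.env.ADMIN_API_TOKEN || "").trim()`, would make those guards stricter. The same points apply to `ADMIN_API_TOKEN` and `ADMIN_SOCKETS_TOKEN` in pusher/src/Enum/EnvironmentVariable.ts.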
@@ -31,6 +31,10 @@ export class AdminController extends BaseController {
 const token = req.getHeader("admin-token");
 const body = await res.json();
+ if (ADMIN_API_TOKEN === "") {
+ res.writeStatus("401 Unauthorized").end("No token configured!");
+ return;
+ }
 if (token !== ADMIN_API_TOKEN) {
 console.error("Admin access refused for token: " + token);
 res.writeStatus("401 Unauthorized").end("Incorrect token");
@@ -78,6 +82,10 @@ export class AdminController extends BaseController {
 const token = req.getHeader("admin-token");
 const body = await res.json();
+ if (ADMIN_API_TOKEN === "") {
+ res.writeStatus("401 Unauthorized").end("No token configured!");
+ return;
+ }
 if (token !== ADMIN_API_TOKEN) {
 console.error("Admin access refused for token: " + token);
 res.writeStatus("401 Unauthorized").end("Incorrect token");
diff --git a/pusher/src/Controller/DebugController.ts b/pusher/src/Controller/DebugController.ts
index a4f22d80..26b229b6 100644
--- a/pusher/src/Controller/DebugController.ts
+++ b/pusher/src/Controller/DebugController.ts
@@ -15,6 +15,9 @@ export class DebugController {
 this.App.get("/dump", (res: HttpResponse, req: HttpRequest) => {
 const query = parse(req.getQuery());
+ if (ADMIN_API_TOKEN === "") {
+ return res.writeStatus("401 Unauthorized").end("No token configured!");
+ }
 if (query.token !== ADMIN_API_TOKEN) {
 return res.writeStatus("401 Unauthorized").end("Invalid token sent!");
 }
diff --git a/pusher/src/Controller/IoSocketController.ts b/pusher/src/Controller/IoSocketController.ts
index 9d1f3887..6db53403 100644
--- a/pusher/src/Controller/IoSocketController.ts
+++ b/pusher/src/Controller/IoSocketController.ts
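Review bot: In pusher/src/Controller/AdminController.ts both token checks run after `const body = await res.json();`, so a request without a valid token still has its body read and parsed before it is rejected; moving the `ADMIN_API_TOKEN === ""` guard and the comparison above that line refuses it first. The context line `console.error("Admin access refused for token: " + token);` writes the submitted header value to the log, so a mistyped real token or arbitrary caller-supplied text ends up in log files; a fixed message such as `console.error("Admin access refused: bad admin-token header");` avoids that. The second hunk at `@@ -78,6 +82,10 @@` has the same shape, and the guard is now repeated across four handlers in this commit, so a shared helper would keep them in step. Both handlers start and end outside the hunks.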
@@ -29,7 +29,7 @@ import { AdminSocketTokenData, jwtTokenManager, tokenInvalidException } from "..
 import { adminApi, FetchMemberDataByUuidResponse } from "../Services/AdminApi";
 import { SocketManager, socketManager } from "../Services/SocketManager";
 import { emitInBatch } from "../Services/IoSocketHelpers";
-import { ADMIN_API_URL, DISABLE_ANONYMOUS, SOCKET_IDLE_TIMER } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, DISABLE_ANONYMOUS, SOCKET_IDLE_TIMER } from "../Enum/EnvironmentVariable";
 import { Zone } from "_Model/Zone";
 import { ExAdminSocketInterface } from "_Model/Websocket/ExAdminSocketInterface";
 import { CharacterTexture } from "../Messages/JsonMessages/CharacterTexture";
@@ -42,7 +42,9 @@ export class IoSocketController {
 constructor(private readonly app: TemplatedApp) {
 this.ioConnection();
- this.adminRoomSocket();
+ if (ADMIN_SOCKETS_TOKEN) {
+ this.adminRoomSocket();
+ }
 }
 adminRoomSocket() {
diff --git a/pusher/src/Enum/EnvironmentVariable.ts b/pusher/src/Enum/EnvironmentVariable.ts
index 29b1293c..7ad7d989 100644
--- a/pusher/src/Enum/EnvironmentVariable.ts
+++ b/pusher/src/Enum/EnvironmentVariable.ts
@@ -3,8 +3,8 @@ const ALLOW_ARTILLERY = process.env.ALLOW_ARTILLERY ? process.env.ALLOW_ARTILLER
 const API_URL = process.env.API_URL || "";
 const ADMIN_API_URL = process.env.ADMIN_API_URL || "";
 const ADMIN_URL = process.env.ADMIN_URL || "";
-const ADMIN_API_TOKEN = process.env.ADMIN_API_TOKEN || "myapitoken";
-export const ADMIN_SOCKETS_TOKEN = process.env.ADMIN_SOCKETS_TOKEN || "myapitoken";
+const ADMIN_API_TOKEN = process.env.ADMIN_API_TOKEN || "";
+export const ADMIN_SOCKETS_TOKEN = process.env.ADMIN_SOCKETS_TOKEN || "";
 const CPU_OVERHEAT_THRESHOLD = Number(process.env.CPU_OVERHEAT_THRESHOLD) || 80;
 const JITSI_URL: string | undefined = process.env.JITSI_URL === "" ? undefined : process.env.JITSI_URL;
 const JITSI_ISS = process.env.JITSI_ISS || "";
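Review bot: In the `IoSocketController` constructor the admin room socket is now skipped silently when `ADMIN_SOCKETS_TOKEN` is empty, so an operator who forgot the variable gets no hint why admin connections fail; an `else` branch with one startup message, for example `console.info("ADMIN_SOCKETS_TOKEN is not set, admin room socket is disabled");`, would make the state visible. The test here is a truthiness check while the HTTP controllers in this commit use `=== ""`; both behave the same for a string, but one form throughout reads better. Whether `adminRoomSocket()` itself compares incoming tokens against `ADMIN_SOCKETS_TOKEN` is not visible in this hunk.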
diff --git a/pusher/src/Services/AdminApi.ts b/pusher/src/Services/AdminApi.ts
index f97e144d..c72a6ba8 100644
--- a/pusher/src/Services/AdminApi.ts
+++ b/pusher/src/Services/AdminApi.ts
@@ -81,6 +81,9 @@ class AdminApi {
 reporterUserUuid: string,
 reportWorldSlug: string
 ) {
+ if (!ADMIN_API_URL) {
+ return Promise.reject(new Error("No admin backoffice set!"));
+ }
 return Axios.post(
 `${ADMIN_API_URL}/api/report`,
 {
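Review bot: The early `return Promise.reject(new Error("No admin backoffice set!"));` means callers of this method now receive a rejected promise whenever `ADMIN_API_URL` is empty, and the call sites are not part of this diff; any caller that neither attaches a `.catch` nor awaits inside `try` would raise an unhandled rejection, so they should be checked. Only this method is guarded in the hunk; if other `AdminApi` methods also build their URL from `ADMIN_API_URL`, they presumably need the same check. A short doc comment on the method stating that it rejects when no admin backoffice is configured would record the contract. The method's signature starts above the hunk and its body continues below it.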