AlphaX
/
qortal
forked from Qortal/qortal
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Website serving now requires authentication for everything except the "domain map" server

qdn
CalDescent 3 years ago
parent
1397cbeac2
commit
0b20bf0145
1 changed files with 14 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      src/main/java/org/qortal/api/resource/WebsiteResource.java

14
src/main/java/org/qortal/api/resource/WebsiteResource.java
Unescape View File

@ -15,6 +15,7 @@ import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.parameters.RequestBody; import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.tags.Tag;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
@ -65,6 +66,7 @@ public class WebsiteResource {
) )
} }
) )
@SecurityRequirement(name = "apiKey")
public String previewWebsite(String directoryPath) { public String previewWebsite(String directoryPath) {
Security.checkApiCallAllowed(request); Security.checkApiCallAllowed(request);
@ -101,38 +103,50 @@ public class WebsiteResource {
@GET @GET
@Path("/signature/{signature}") @Path("/signature/{signature}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getIndexBySignature(@PathParam("signature") String signature) { public HttpServletResponse getIndexBySignature(@PathParam("signature") String signature) {
Security.checkApiCallAllowed(request);
return this.get(signature, ResourceIdType.SIGNATURE, "/", null, "/site/signature", true, true); return this.get(signature, ResourceIdType.SIGNATURE, "/", null, "/site/signature", true, true);
} }
@GET @GET
@Path("/signature/{signature}/{path:.*}") @Path("/signature/{signature}/{path:.*}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getPathBySignature(@PathParam("signature") String signature, @PathParam("path") String inPath) { public HttpServletResponse getPathBySignature(@PathParam("signature") String signature, @PathParam("path") String inPath) {
Security.checkApiCallAllowed(request);
return this.get(signature, ResourceIdType.SIGNATURE, inPath,null, "/site/signature", true, true); return this.get(signature, ResourceIdType.SIGNATURE, inPath,null, "/site/signature", true, true);
} }
@GET @GET
@Path("/hash/{hash}") @Path("/hash/{hash}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getIndexByHash(@PathParam("hash") String hash58, @QueryParam("secret") String secret58) { public HttpServletResponse getIndexByHash(@PathParam("hash") String hash58, @QueryParam("secret") String secret58) {
Security.checkApiCallAllowed(request);
return this.get(hash58, ResourceIdType.FILE_HASH, "/", secret58, "/site/hash", true, false); return this.get(hash58, ResourceIdType.FILE_HASH, "/", secret58, "/site/hash", true, false);
} }
@GET @GET
@Path("/hash/{hash}/{path:.*}") @Path("/hash/{hash}/{path:.*}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getPathByHash(@PathParam("hash") String hash58, @PathParam("path") String inPath, public HttpServletResponse getPathByHash(@PathParam("hash") String hash58, @PathParam("path") String inPath,
@QueryParam("secret") String secret58) { @QueryParam("secret") String secret58) {
Security.checkApiCallAllowed(request);
return this.get(hash58, ResourceIdType.FILE_HASH, inPath, secret58, "/site/hash", true, false); return this.get(hash58, ResourceIdType.FILE_HASH, inPath, secret58, "/site/hash", true, false);
} }
@GET @GET
@Path("{name}/{path:.*}") @Path("{name}/{path:.*}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getPathByName(@PathParam("name") String name, @PathParam("path") String inPath) { public HttpServletResponse getPathByName(@PathParam("name") String name, @PathParam("path") String inPath) {
Security.checkApiCallAllowed(request);
return this.get(name, ResourceIdType.NAME, inPath, null, "/site", true, true); return this.get(name, ResourceIdType.NAME, inPath, null, "/site", true, true);
} }
@GET @GET
@Path("{name}") @Path("{name}")
@SecurityRequirement(name = "apiKey")
public HttpServletResponse getIndexByName(@PathParam("name") String name) { public HttpServletResponse getIndexByName(@PathParam("name") String name) {
Security.checkApiCallAllowed(request);
return this.get(name, ResourceIdType.NAME, "/", null, "/site", true, true); return this.get(name, ResourceIdType.NAME, "/", null, "/site", true, true);
} }

Write Preview
Loading…
Cancel
Save