Home Esplora Aiuto
Accedi
Apq
/
syncthing
mirror da https://github.com/syncthing/syncthing.git
1
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

API key change should take effect on restart only

Jakob Borg 11 anni fa
parent
20a018db2e
commit
1cff9ccc63
2 ha cambiato i file con 4 aggiunte e 1 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 3 1
      cmd/syncthing/gui.go
  2. 1 0
      cmd/syncthing/gui_csrf.go

+ 3 - 1
cmd/syncthing/gui.go
Vedi File 

@@ -40,6 +40,7 @@ var (
 
 	guiErrors    = []guiError{}
 
 	guiErrorsMut sync.Mutex
 
 	static       func(http.ResponseWriter, *http.Request, *log.Logger)
 
+	apiKey       string
 
 )
 
 
 const (
 
@@ -115,6 +116,7 @@ func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) erro
 
 	mr.Action(router.Handle)
 
 	mr.Map(m)
 
 
+	apiKey = cfg.APIKey
 
 	loadCsrfTokens()
 
 
 	go http.Serve(listener, mr)
 
@@ -363,7 +365,7 @@ func basic(username string, passhash string) http.HandlerFunc {
 
 }
 
 
 func validAPIKey(k string) bool {
 
-	return len(cfg.GUI.APIKey) > 0 && k == cfg.GUI.APIKey
 
+	return len(apiKey) > 0 && k == apiKey
 
 }
 
 
 func embeddedStatic() func(http.ResponseWriter, *http.Request, *log.Logger) {

+ 1 - 0
cmd/syncthing/gui_csrf.go
Vedi File 

@@ -25,6 +25,7 @@ func csrfMiddleware(w http.ResponseWriter, r *http.Request) {
 
 	if validAPIKey(r.Header.Get("X-API-Key")) {
 
 		return
 
 	}
 
+
 
 	if strings.HasPrefix(r.URL.Path, "/rest/") {
 
 		token := r.Header.Get("X-CSRF-Token")
 
 		if !validCsrfToken(token) {