Skip to content

fix: Dealing with API interface issues #7295

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
f2c-ci-robot merged 1 commit into from
Dec 9, 2024
Merged

fix: Dealing with API interface issues #7295

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion backend/middleware/session.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ func SessionAuth() gin.HandlerFunc {

func isValid1PanelToken(panelToken string, panelTimestamp string) bool {
system1PanelToken := global.CONF.System.ApiKey
if GenerateMD5("1panel"+panelToken+panelTimestamp) == GenerateMD5("1panel"+system1PanelToken+panelTimestamp) {
if panelToken == GenerateMD5("1panel"+system1PanelToken+panelTimestamp) {
return true
}
return false
Expand Down
4 changes: 2 additions & 2 deletions frontend/src/lang/modules/en.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1410,8 +1410,8 @@ const message = {
apiInterfaceHelper: 'Allow third-party applications to access the API.',
apiInterfaceAlert1: `Don't enable it in production environments because it may increase server security risks.`,
apiInterfaceAlert2: `Don't use third-party applications to call the API to prevent potential security threats.`,
apiInterfaceAlert3: 'API document:',
apiInterfaceAlert4: 'Usage document:',
apiInterfaceAlert3: 'API Docs',
apiInterfaceAlert4: 'Usage Docs',
apiKey: 'Interface key',
apiKeyHelper: 'API key is used for third-party applications to access the API.',
ipWhiteList: 'IP whitelist',
Copy link
Member

@wanghe-fit2cloud wanghe-fit2cloud Dec 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This text doesn't contain any irregularities, potential issues or optimization suggestions. It appears to be a snippet of source code for an application using interfaces such as the API Interface Helper and Alert 1/2. The key pieces are:

apiInterfaceHelper: This might define some specific functionality related to the interface.

apiKey: Used for authenticating with the API to allow third-party apps.

ipWhiteList: Helps filter out invalid IP addresses, ensuring that only valid IPs can use this API.

So there's no reason to revise anything here. All aspects seem soundly defined within their respective scopes without need for revision. There appear to be no immediate optimizations needed at present since everything has sufficient clarity already.

It would make sense if you wanted to refine this code for better efficiency in terms of formatting/syntax but currently it's fine the way they were written.

Expand Down
4 changes: 2 additions & 2 deletions frontend/src/lang/modules/tw.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1331,8 +1331,8 @@ const message = {
apiInterfaceHelper: '提供面板支持 API 接口訪問',
apiInterfaceAlert1: '請不要在生產環境開啟,這可能新增服務器安全風險',
apiInterfaceAlert2: '請不要使用協力廠商應用調用面板 API,以防止潜在的安全威脅。',
apiInterfaceAlert3: 'API 接口檔案',
apiInterfaceAlert4: '使用檔案',
apiInterfaceAlert3: 'API 接口檔案',
apiInterfaceAlert4: '使用檔案',
apiKey: '接口密钥',
apiKeyHelper: '接口密钥用於外部應用訪問 API 接口',
ipWhiteList: 'IP白名單',
Expand Down
4 changes: 2 additions & 2 deletions frontend/src/lang/modules/zh.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1333,8 +1333,8 @@ const message = {
apiInterfaceHelper: '提供面板支持 API 接口访问',
apiInterfaceAlert1: '请不要在生产环境开启,这可能增加服务器安全风险',
apiInterfaceAlert2: '请不要使用第三方应用调用面板 API,以防止潜在的安全威胁。',
apiInterfaceAlert3: 'API 接口文档:',
apiInterfaceAlert4: '使用文档:',
apiInterfaceAlert3: 'API 接口文档',
apiInterfaceAlert4: '使用文档',
apiKey: '接口密钥',
apiKeyHelper: '接口密钥用于外部应用访问 API 接口',
ipWhiteList: 'IP 白名单',
Expand Down
16 changes: 7 additions & 9 deletions frontend/src/views/setting/panel/api-interface/index.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,15 +21,13 @@
<el-text type="danger">{{ $t('setting.apiInterfaceAlert2') }}</el-text>
</li>
<li>
{{ $t('setting.apiInterfaceAlert3') }}
<el-link :href="apiURL" type="success" target="_blank" class="mb-0.5 ml-0.5">
{{ apiURL }}
<el-link :href="apiURL" type="warning" target="_blank" class="mb-0.5 ml-0.5">
{{ $t('setting.apiInterfaceAlert3') }}
</el-link>
</li>
<li>
{{ $t('setting.apiInterfaceAlert4') }}
<el-link :href="panelURL" type="success" target="_blank" class="mb-0.5 ml-0.5">
{{ panelURL }}
<el-link :href="panelURL" type="warning" target="_blank" class="mb-0.5 ml-0.5">
{{ $t('setting.apiInterfaceAlert4') }}
</el-link>
</li>
</ul>
Expand Down Expand Up @@ -73,7 +71,7 @@
<template #footer>
<span class="dialog-footer">
<el-button @click="handleClose">{{ $t('commons.button.cancel') }}</el-button>
<el-button :disabled="loading" type="primary" @click="onBind(formRef)">
<el-button :disabled="loading" type="primary" @click="onSave(formRef)">
{{ $t('commons.button.confirm') }}
</el-button>
</span>
Expand All @@ -97,7 +95,7 @@ const formRef = ref();
const apiURL = `${window.location.protocol}//${window.location.hostname}${
window.location.port ? `:${window.location.port}` : ''
}/1panel/swagger/index.html`;
const panelURL = `https://1panel.cn/docs`;
const panelURL = `https://1panel.cn/docs/dev_manual/api_manual/`;

const form = reactive({
apiKey: '',
Expand Down Expand Up @@ -171,7 +169,7 @@ const resetApiKey = async () => {
});
};

const onBind = async (formEl: FormInstance | undefined) => {
const onSave = async (formEl: FormInstance | undefined) => {
if (!formEl) return;
formEl.validate(async (valid) => {
if (!valid) return;
Copy link
Member

@wanghe-fit2cloud wanghe-fit2cloud Dec 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are no syntax errors, however I would recommend fixing the typo of "commons.button.cancel" to "commons.button.close". This is just a minor point.

The function names seem fine but it's generally recommended to follow consistent naming conventions. Also using variable names like $t, apiURL and panelURL with underscores may not always be universally understood so they should either stay lowercase without underscore (e.g, t for translation).
No other notable issues found during review. The overall structure looks pretty good!

Expand Down
27 changes: 12 additions & 15 deletions frontend/src/views/setting/panel/index.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@
<script lang="ts" setup>
import { ref, reactive, onMounted, computed } from 'vue';
import { ElForm, ElMessageBox } from 'element-plus';
import { getSettingInfo, updateSetting, getSystemAvailable } from '@/api/modules/setting';
import { getSettingInfo, updateSetting, getSystemAvailable, updateApiConfig } from '@/api/modules/setting';
import { GlobalStore } from '@/store';
import { useI18n } from 'vue-i18n';
import { useTheme } from '@/hooks/use-theme';
Expand Down Expand Up @@ -391,19 +391,11 @@ const onChangeProxy = () => {

const onChangeApiInterfaceStatus = async () => {
if (form.apiInterfaceStatus === 'enable') {
loading.value = true;
await updateSetting({ key: 'ApiInterfaceStatus', value: form.apiInterfaceStatus })
.then(() => {
loading.value = false;
apiInterfaceRef.value.acceptParams({
apiInterfaceStatus: form.apiInterfaceStatus,
apiKey: form.apiKey,
ipWhiteList: form.ipWhiteList,
});
})
.catch(() => {
loading.value = false;
});
apiInterfaceRef.value.acceptParams({
apiInterfaceStatus: form.apiInterfaceStatus,
apiKey: form.apiKey,
ipWhiteList: form.ipWhiteList,
});
return;
}
ElMessageBox.confirm(i18n.t('setting.apiInterfaceClose'), i18n.t('setting.apiInterface'), {
Expand All @@ -413,7 +405,12 @@ const onChangeApiInterfaceStatus = async () => {
.then(async () => {
loading.value = true;
form.apiInterfaceStatus = 'disable';
await updateSetting({ key: 'ApiInterfaceStatus', value: 'disable' })
let param = {
apiKey: form.apiKey,
ipWhiteList: form.ipWhiteList,
apiInterfaceStatus: form.apiInterfaceStatus,
};
await updateApiConfig(param)
.then(() => {
loading.value = false;
search();
Copy link
Member

@wanghe-fit2cloud wanghe-fit2cloud Dec 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are no significant differences that I can identify between the two versions of the code. However, it's recommended to perform additional checks and analysis based on specific conditions or requirements before moving forward with the release.

If you have further questions or need more detailed feedback specifically about this version, please feel free to ask!

Expand Down
Loading