Skip to content

Commit 526f056

Browse files
CodeShellDevCodeShellDev
committed
handle empty API TOKEN
1 parent feecd9d commit 526f056

File tree

2 files changed

+21
-8
lines changed

2 files changed

+21
-8
lines changed

internals/proxy/proxy.go

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,6 @@ import (
88
"net/http"
99
"net/http/httputil"
1010
"net/url"
11-
"os"
1211
"slices"
1312
"strconv"
1413
"strings"
@@ -26,7 +25,7 @@ const (
2625
None AuthType = "None"
2726
)
2827

29-
func parseTypedQuery(key string, values []string) interface{} {
28+
func parseTypedQuery(values []string) interface{} {
3029
var result interface{}
3130

3231
raw := values[0]
@@ -80,12 +79,14 @@ func renderTemplate(name string, tmplStr string, data any) (string, error) {
8079
return buf.String(), nil
8180
}
8281

83-
func AuthMiddleware(next http.Handler) http.Handler {
82+
func AuthMiddleware(next http.Handler, token string) http.Handler {
8483
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
85-
log.Info("Request:", req.Method, req.URL.Path)
84+
if token == "" {
85+
next.ServeHTTP(w, req)
86+
return
87+
}
8688

87-
token := os.Getenv("API_TOKEN")
88-
user := "api"
89+
log.Info("Request:", req.Method, req.URL.Path)
8990

9091
authHeader := req.Header.Get("Authorization")
9192

@@ -117,6 +118,8 @@ func AuthMiddleware(next http.Handler) http.Handler {
117118
basicAuth := string(basicAuthBody)
118119
basicAuthParams := strings.Split(basicAuth, ":")
119120

121+
user := "api"
122+
120123
if basicAuthParams[0] == user && basicAuthParams[1] == token {
121124
success = true
122125
}
@@ -204,7 +207,7 @@ func TemplatingMiddleware(next http.Handler, VARIABLES map[string]string) http.H
204207
keyWithoutPrefix, found := strings.CutPrefix(key, "@")
205208

206209
if found {
207-
modifiedBodyData[keyWithoutPrefix] = parseTypedQuery(key, value)
210+
modifiedBodyData[keyWithoutPrefix] = parseTypedQuery(value)
208211

209212
modifiedQuery.Del(key)
210213
}

main.go

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,18 @@ func main() {
3939
blockedEndpointJSON := os.Getenv("BLOCKED_ENDPOINTS")
4040
variablesJSON := os.Getenv("VARIABLES")
4141

42+
token := os.Getenv("API_TOKEN")
43+
4244
log.Info("Loaded Environment Variables")
4345

46+
if token == "" {
47+
log.Warn("No API TOKEN provided this is NOT recommended")
48+
49+
log.Info("Disabling Security Features due to incomplete Congfiguration")
50+
51+
BLOCKED_ENDPOINTS = []string{}
52+
}
53+
4454
if blockedEndpointJSON != "" {
4555
var blockedEndpoints []string
4656

@@ -73,7 +83,7 @@ func main() {
7383
VARIABLES ),
7484

7585
BLOCKED_ENDPOINTS ),
76-
)
86+
token )
7787

7888
log.Info("Initialized Proxy Handler")
7989

0 commit comments

Comments
 (0)