Skip to content

Commit 6648a99

Browse files
nfebenfebe
committed
fix(security): Make blocked-ips endpoint public for nginx access
Move GET /security/blocked-ips from protected routes to public routes so nginx Lua can fetch the blocked IPs list without authentication.
1 parent 26cc043 commit 6648a99

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

internal/api/server.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -276,7 +276,6 @@ func (s *Server) setupRoutes() {
276276
protected.GET("/security/events", s.listSecurityEvents)
277277
protected.GET("/security/events/:id", s.getSecurityEvent)
278278
protected.POST("/security/cleanup", s.cleanupSecurityEvents)
279-
protected.GET("/security/blocked-ips", s.listBlockedIPs)
280279
protected.POST("/security/blocked-ips", s.blockIP)
281280
protected.DELETE("/security/blocked-ips/:ip", s.unblockIP)
282281
protected.GET("/security/ips/:ip/events", s.getEventsByIP)
@@ -302,6 +301,7 @@ func (s *Server) setupRoutes() {
302301
// Ingest endpoints (no auth - called by nginx Lua)
303302
api.POST("/security/events/ingest", s.ingestSecurityEvent)
304303
api.POST("/traffic/ingest", s.ingestTrafficLog)
304+
api.GET("/security/blocked-ips", s.listBlockedIPs)
305305
}
306306
}
307307

0 commit comments

Comments
 (0)