laantungir/ginxsom
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

v0.0.10 - Working on auth system

Browse Source
This commit is contained in:
Your Name
2025-09-09 10:42:59 -04:00
parent dd0d8a8b65
commit a3c8918491
23 changed files with 1284 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

158
src/admin_api.c
View File

@@ -19,6 +19,7 @@ void handle_admin_api_request(const char* method, const char* uri);
void handle_stats_api(void);
void handle_config_get_api(void);
void handle_config_put_api(void);
void handle_config_key_put_api(const char* key);
void handle_files_api(void);
void handle_health_api(void);
int authenticate_admin_request(const char* auth_header);
@@ -51,7 +52,7 @@ static int admin_nip94_get_origin(char* out, size_t out_size) {
return 1;
}
const char* sql = "SELECT value FROM server_config WHERE key = 'cdn_origin'";
const char* sql = "SELECT value FROM config WHERE key = 'cdn_origin'";
rc = sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);
if (rc == SQLITE_OK) {
rc = sqlite3_step(stmt);
@@ -128,14 +129,15 @@ void handle_admin_api_request(const char* method, const char* uri) {
return;
}
// Authentication required for all admin operations except health check
if (strcmp(path, "/health") != 0) {
const char* auth_header = getenv("HTTP_AUTHORIZATION");
if (!authenticate_admin_request(auth_header)) {
send_json_error(401, "admin_auth_required", "Valid admin authentication required");
return;
}
}
// TODO: Re-enable authentication later
// Authentication temporarily disabled for testing
// if (strcmp(path, "/health") != 0) {
// const char* auth_header = getenv("HTTP_AUTHORIZATION");
// if (!authenticate_admin_request(auth_header)) {
// send_json_error(401, "admin_auth_required", "Valid admin authentication required");
// return;
// }
// }
// Route to appropriate handler
if (strcmp(method, "GET") == 0) {
@@ -153,6 +155,13 @@ void handle_admin_api_request(const char* method, const char* uri) {
} else if (strcmp(method, "PUT") == 0) {
if (strcmp(path, "/config") == 0) {
handle_config_put_api();
} else if (strncmp(path, "/config/", 8) == 0) {
const char* key = path + 8; // Skip "/config/"
if (strlen(key) > 0) {
handle_config_key_put_api(key);
} else {
send_json_error(400, "invalid_key", "Configuration key cannot be empty");
}
} else {
send_json_error(405, "method_not_allowed", "Method not allowed");
}
@@ -209,7 +218,7 @@ int verify_admin_pubkey(const char* event_pubkey) {
return 0;
}
const char* sql = "SELECT value FROM server_config WHERE key = 'admin_pubkey'";
const char* sql = "SELECT value FROM config WHERE key = 'admin_pubkey'";
rc = sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);
if (rc == SQLITE_OK) {
rc = sqlite3_step(stmt);
@@ -236,7 +245,7 @@ int is_admin_enabled(void) {
return 0; // Default disabled if can't access DB
}
const char* sql = "SELECT value FROM server_config WHERE key = 'admin_enabled'";
const char* sql = "SELECT value FROM config WHERE key = 'admin_enabled'";
rc = sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);
if (rc == SQLITE_OK) {
rc = sqlite3_step(stmt);
@@ -363,8 +372,8 @@ void handle_config_get_api(void) {
cJSON_AddStringToObject(response, "status", "success");
cJSON_AddItemToObject(response, "data", data);
// Query all server config settings
const char* sql = "SELECT key, value FROM server_config ORDER BY key";
// Query all config settings
const char* sql = "SELECT key, value FROM config ORDER BY key";
rc = sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);
if (rc == SQLITE_OK) {
while (sqlite3_step(stmt) == SQLITE_ROW) {
@@ -438,7 +447,7 @@ void handle_config_put_api(void) {
cJSON* updated_keys = cJSON_CreateArray();
// Update each config value
const char* update_sql = "INSERT OR REPLACE INTO server_config (key, value) VALUES (?, ?)";
const char* update_sql = "INSERT OR REPLACE INTO config (key, value, updated_at) VALUES (?, ?, ?)";
cJSON* item = NULL;
cJSON_ArrayForEach(item, config_data) {
@@ -447,6 +456,7 @@ void handle_config_put_api(void) {
if (rc == SQLITE_OK) {
sqlite3_bind_text(stmt, 1, item->string, -1, SQLITE_STATIC);
sqlite3_bind_text(stmt, 2, cJSON_GetStringValue(item), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt, 3, time(NULL));
rc = sqlite3_step(stmt);
if (rc == SQLITE_DONE) {
@@ -471,6 +481,126 @@ void handle_config_put_api(void) {
send_json_response(200, response_str);
free(response_str);
cJSON_Delete(response);
// Force cache refresh after configuration update
nostr_request_validator_force_cache_refresh();
}
void handle_config_key_put_api(const char* key) {
if (!key || strlen(key) == 0) {
send_json_error(400, "invalid_key", "Configuration key cannot be empty");
return;
}
// Read request body
const char* content_length_str = getenv("CONTENT_LENGTH");
if (!content_length_str) {
send_json_error(411, "length_required", "Content-Length header required");
return;
}
long content_length = atol(content_length_str);
if (content_length <= 0 || content_length > 4096) {
send_json_error(400, "invalid_content_length", "Invalid content length");
return;
}
char* json_body = malloc(content_length + 1);
if (!json_body) {
send_json_error(500, "memory_error", "Failed to allocate memory");
return;
}
size_t bytes_read = fread(json_body, 1, content_length, stdin);
if (bytes_read != (size_t)content_length) {
free(json_body);
send_json_error(400, "incomplete_body", "Failed to read complete request body");
return;
}
json_body[content_length] = '\0';
// Parse JSON - expect {"value": "..."}
cJSON* request_data = cJSON_Parse(json_body);
if (!request_data) {
free(json_body);
send_json_error(400, "invalid_json", "Invalid JSON in request body");
return;
}
cJSON* value_item = cJSON_GetObjectItem(request_data, "value");
if (!cJSON_IsString(value_item)) {
free(json_body);
cJSON_Delete(request_data);
send_json_error(400, "missing_value", "Request must contain 'value' field");
return;
}
const char* value = cJSON_GetStringValue(value_item);
if (!value) {
free(json_body);
cJSON_Delete(request_data);
send_json_error(400, "invalid_value", "Value must be a string");
return;
}
// Make a safe copy of the value string BEFORE deleting cJSON object
char safe_value[256];
strncpy(safe_value, value, sizeof(safe_value) - 1);
safe_value[sizeof(safe_value) - 1] = '\0';
// Update database
sqlite3* db;
sqlite3_stmt* stmt;
int rc;
rc = sqlite3_open_v2(DB_PATH, &db, SQLITE_OPEN_READWRITE, NULL);
if (rc) {
free(json_body);
cJSON_Delete(request_data);
send_json_error(500, "database_error", "Failed to open database");
return;
}
// Update or insert the config value
const char* update_sql = "INSERT OR REPLACE INTO config (key, value, updated_at) VALUES (?, ?, ?)";
rc = sqlite3_prepare_v2(db, update_sql, -1, &stmt, NULL);
if (rc != SQLITE_OK) {
free(json_body);
cJSON_Delete(request_data);
sqlite3_close(db);
send_json_error(500, "database_error", "Failed to prepare update statement");
return;
}
sqlite3_bind_text(stmt, 1, key, -1, SQLITE_STATIC);
sqlite3_bind_text(stmt, 2, safe_value, -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt, 3, time(NULL));
rc = sqlite3_step(stmt);
sqlite3_finalize(stmt);
sqlite3_close(db);
free(json_body);
cJSON_Delete(request_data);
if (rc != SQLITE_DONE) {
send_json_error(500, "database_error", "Failed to update configuration");
return;
}
cJSON* response = cJSON_CreateObject();
cJSON_AddStringToObject(response, "status", "success");
cJSON_AddStringToObject(response, "message", "Configuration updated successfully");
cJSON_AddStringToObject(response, "key", key);
cJSON_AddStringToObject(response, "value", safe_value);
char* response_str = cJSON_PrintUnformatted(response);
send_json_response(200, response_str);
free(response_str);
cJSON_Delete(response);
// Force cache refresh after configuration update
nostr_request_validator_force_cache_refresh();
}
void handle_files_api(void) {