laantungir/ginxsom
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

v0.0.14 - Still working on commenting out old code and deleting

Browse Source
This commit is contained in:
Your Name
2025-09-11 07:48:33 -04:00
parent cafaa2f2e2
commit e1741fb1fc
10 changed files with 225 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/admin_api.c
View File

@@ -15,7 +15,7 @@
#define DB_PATH "db/ginxsom.db"
// Function declarations (moved from admin_api.h)
void handle_admin_api_request(const char* method, const char* uri);
void handle_admin_api_request(const char* method, const char* uri, const char* validated_pubkey, int is_authenticated);
void handle_stats_api(void);
void handle_config_get_api(void);
void handle_config_put_api(void);
@@ -120,7 +120,7 @@ static const char* admin_mime_to_extension(const char* mime_type) {
}
// Main API request handler
void handle_admin_api_request(const char* method, const char* uri) {
void handle_admin_api_request(const char* method, const char* uri, const char* validated_pubkey, int is_authenticated) {
const char* path = uri + 4; // Skip "/api"
// Check if admin interface is enabled
@@ -129,15 +129,20 @@ void handle_admin_api_request(const char* method, const char* uri) {
return;
}
// TODO: Re-enable authentication later
// Authentication temporarily disabled for testing
// if (strcmp(path, "/health") != 0) {
// const char* auth_header = getenv("HTTP_AUTHORIZATION");
// if (!authenticate_admin_request(auth_header)) {
// send_json_error(401, "admin_auth_required", "Valid admin authentication required");
// return;
// }
// }
// Authentication now handled by centralized validation system
// Health endpoint is exempt from authentication requirement
if (strcmp(path, "/health") != 0) {
if (!is_authenticated || !validated_pubkey) {
send_json_error(401, "admin_auth_required", "Valid admin authentication required");
return;
}
// Verify the authenticated pubkey has admin privileges
if (!verify_admin_pubkey(validated_pubkey)) {
send_json_error(403, "admin_forbidden", "Admin privileges required");
return;
}
}
// Route to appropriate handler
if (strcmp(method, "GET") == 0) {