Martchus
/
syncthing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

lib/api: Add /rest/noauth/health health-check (fixes #8430) (#8585)

This commit is contained in:
Eric P 2022-10-06 21:28:49 +02:00 committed by GitHub
parent c791dba392
commit 7a402409f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/api/api.go
View File

@ -258,6 +258,7 @@ func (s *service) Serve(ctx context.Context) error {
restMux.HandlerFunc(http.MethodGet, "/rest/folder/pullerrors", s.getFolderErrors) // folder (deprecated)
restMux.HandlerFunc(http.MethodGet, "/rest/events", s.getIndexEvents) // [since] [limit] [timeout] [events]
restMux.HandlerFunc(http.MethodGet, "/rest/events/disk", s.getDiskEvents) // [since] [limit] [timeout]
restMux.HandlerFunc(http.MethodGet, "/rest/noauth/health", s.getHealth) // -
restMux.HandlerFunc(http.MethodGet, "/rest/stats/device", s.getDeviceStats) // -
restMux.HandlerFunc(http.MethodGet, "/rest/stats/folder", s.getFolderStats) // -
restMux.HandlerFunc(http.MethodGet, "/rest/svc/deviceid", s.getDeviceID) // id
@ -1565,6 +1566,10 @@ func (s *service) postDBPrio(w http.ResponseWriter, r *http.Request) {
s.getDBNeed(w, r)
}
func (*service) getHealth(w http.ResponseWriter, _ *http.Request) {
sendJSON(w, map[string]string{"status": "OK"})
}
func (*service) getQR(w http.ResponseWriter, r *http.Request) {
var qs = r.URL.Query()
var text = qs.Get("text")

6
lib/api/api_auth.go
View File

@ -44,6 +44,12 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
return
}
// Exception for REST calls that don't require authentication.
if strings.HasPrefix(r.URL.Path, "/rest/noauth") {
next.ServeHTTP(w, r)
return
}
cookie, err := r.Cookie(cookieName)
if err == nil && cookie != nil {
sessionsMut.Lock()

7
lib/api/api_csrf.go
View File

@ -74,6 +74,13 @@ func (m *csrfManager) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}
if strings.HasPrefix(r.URL.Path, "/rest/noauth") {
// REST calls that don't require authentication also do not
// need a CSRF token.
m.next.ServeHTTP(w, r)
return
}
// Allow requests for anything not under the protected path prefix,
// and set a CSRF cookie if there isn't already a valid one.
if !strings.HasPrefix(r.URL.Path, m.prefix) {