Support denying a JWT JTI via the API
This commit is contained in:
parent
65664b63e7
commit
08d1efb475
|
@ -70,6 +70,7 @@ func Configure() *gin.Engine {
|
|||
server.POST("/commands", postServerCommands)
|
||||
server.POST("/install", postServerInstall)
|
||||
server.POST("/reinstall", postServerReinstall)
|
||||
server.POST("/ws/deny", postServerDenyWSTokens)
|
||||
|
||||
// This archive request causes the archive to start being created
|
||||
// this should only be triggered by the panel.
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"github.com/apex/log"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/pterodactyl/wings/router/tokens"
|
||||
"github.com/pterodactyl/wings/server"
|
||||
"net/http"
|
||||
"os"
|
||||
|
@ -241,3 +242,20 @@ func deleteServer(c *gin.Context) {
|
|||
|
||||
c.Status(http.StatusNoContent)
|
||||
}
|
||||
|
||||
// Adds any of the JTIs passed through in the body to the deny list for the websocket
|
||||
// preventing any JWT generated before the current time from being used to connect to
|
||||
// the socket or send along commands.
|
||||
func postServerDenyWSTokens(c *gin.Context) {
|
||||
var data struct{ JTIs []string `json:"jtis"` }
|
||||
|
||||
if err := c.BindJSON(&data); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
for _, jti := range data.JTIs {
|
||||
tokens.DenyJTI(jti)
|
||||
}
|
||||
|
||||
c.Status(http.StatusNoContent)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user