MCorange/wings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support denying a JWT JTI via the API

Browse Source
This commit is contained in:
Dane Everitt 2020-11-03 21:01:50 -08:00
parent 65664b63e7
commit 08d1efb475
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
router/router.go
View File

@ -70,6 +70,7 @@ func Configure() *gin.Engine {
server.POST("/commands", postServerCommands) server.POST("/commands", postServerCommands)
server.POST("/install", postServerInstall) server.POST("/install", postServerInstall)
server.POST("/reinstall", postServerReinstall) server.POST("/reinstall", postServerReinstall)
server.POST("/ws/deny", postServerDenyWSTokens)
// This archive request causes the archive to start being created // This archive request causes the archive to start being created
// this should only be triggered by the panel. // this should only be triggered by the panel.

18
router/router_server.go
View File

@ -6,6 +6,7 @@ import (
"github.com/apex/log" "github.com/apex/log"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/pterodactyl/wings/router/tokens"
"github.com/pterodactyl/wings/server" "github.com/pterodactyl/wings/server"
"net/http" "net/http"
"os" "os"
@ -241,3 +242,20 @@ func deleteServer(c *gin.Context) {
c.Status(http.StatusNoContent) c.Status(http.StatusNoContent)
} }
// Adds any of the JTIs passed through in the body to the deny list for the websocket
// preventing any JWT generated before the current time from being used to connect to
// the socket or send along commands.
func postServerDenyWSTokens(c *gin.Context) {
var data struct{ JTIs []string `json:"jtis"` }
if err := c.BindJSON(&data); err != nil {
return
}
for _, jti := range data.JTIs {
tokens.DenyJTI(jti)
}
c.Status(http.StatusNoContent)
}