From fab489d2649c8230be5c4b259a6ffd96944037a1 Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sun, 3 May 2020 21:30:07 -0700 Subject: [PATCH] Check for server existence when connecting to a websocket --- router/middleware.go | 2 +- router/router.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/router/middleware.go b/router/middleware.go index 9aad61c..45c50f8 100644 --- a/router/middleware.go +++ b/router/middleware.go @@ -58,7 +58,7 @@ func ServerExists(c *gin.Context) { u, err := uuid.Parse(c.Param("server")) if err != nil || GetServer(u.String()) == nil { c.AbortWithStatusJSON(http.StatusNotFound, gin.H{ - "error": "The requested server does not exist.", + "error": "The resource you requested does not exist.", }) return } diff --git a/router/router.go b/router/router.go index 93af8b2..99d9d1f 100644 --- a/router/router.go +++ b/router/router.go @@ -20,12 +20,12 @@ func Configure() *gin.Engine { // This route is special it sits above all of the other requests because we are // using a JWT to authorize access to it, therefore it needs to be publicly // accessible. - router.GET("/api/servers/:server/ws", getServerWebsocket) + router.GET("/api/servers/:server/ws", ServerExists, getServerWebsocket) // This request is called by another daemon when a server is going to be transferred out. // This request does not need the AuthorizationMiddleware as the panel should never call it // and requests are authenticated through a JWT the panel issues to the other daemon. - router.GET("/api/servers/:server/archive", getServerArchive) + router.GET("/api/servers/:server/archive", ServerExists, getServerArchive) // All of the routes beyond this mount will use an authorization middleware // and will not be accessible without the correct Authorization header provided.