Check for server existence when connecting to a websocket

This commit is contained in:
Dane Everitt 2020-05-03 21:30:07 -07:00
parent 7f93e5f9d5
commit fab489d264
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 3 additions and 3 deletions

View File

@ -58,7 +58,7 @@ func ServerExists(c *gin.Context) {
u, err := uuid.Parse(c.Param("server")) u, err := uuid.Parse(c.Param("server"))
if err != nil || GetServer(u.String()) == nil { if err != nil || GetServer(u.String()) == nil {
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{ c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
"error": "The requested server does not exist.", "error": "The resource you requested does not exist.",
}) })
return return
} }

View File

@ -20,12 +20,12 @@ func Configure() *gin.Engine {
// This route is special it sits above all of the other requests because we are // This route is special it sits above all of the other requests because we are
// using a JWT to authorize access to it, therefore it needs to be publicly // using a JWT to authorize access to it, therefore it needs to be publicly
// accessible. // accessible.
router.GET("/api/servers/:server/ws", getServerWebsocket) router.GET("/api/servers/:server/ws", ServerExists, getServerWebsocket)
// This request is called by another daemon when a server is going to be transferred out. // This request is called by another daemon when a server is going to be transferred out.
// This request does not need the AuthorizationMiddleware as the panel should never call it // This request does not need the AuthorizationMiddleware as the panel should never call it
// and requests are authenticated through a JWT the panel issues to the other daemon. // and requests are authenticated through a JWT the panel issues to the other daemon.
router.GET("/api/servers/:server/archive", getServerArchive) router.GET("/api/servers/:server/archive", ServerExists, getServerArchive)
// All of the routes beyond this mount will use an authorization middleware // All of the routes beyond this mount will use an authorization middleware
// and will not be accessible without the correct Authorization header provided. // and will not be accessible without the correct Authorization header provided.