code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

add a config for an api endpoint

Browse Source 
to decide if `getotheruser` should be allowed to be called without a 
cookie
This commit is contained in:
Mystikfluu 2022-06-21 23:21:58 +02:00
parent 3cf533cc0a
commit 285c31d58b
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
server.js
View File

@ -365,8 +365,19 @@ router.options("/api/post",async function(req,res,next) {
res.status(200).send("") res.status(200).send("")
}) })
router.options("/api/getotheruser",async function(req,res,next) {
res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
res.set("Access-Control-Allow-Methods","GET")
res.set("Access-Control-Allow-Headers","Content-Type")
res.status(200).send("")
})
router.use("/api/*",async function(req,res,next) { router.use("/api/*",async function(req,res,next) {
res.set("Access-Control-Allow-Origin","*") //we'll allow it for now res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
if(config["allow_getotheruser_without_cookie"] && req.url == "/api/getotheruser") {
next()
return
}
if(!increaseAPICall(req,res))return; if(!increaseAPICall(req,res))return;
let unsigned; let unsigned;
if(req.body.user == undefined || req.body.pass == undefined) { if(req.body.user == undefined || req.body.pass == undefined) {

1
server_config.json
View File

@ -1,4 +1,5 @@
{ {
"allow_getotheruser_without_cookie": true,
"mysql": { "mysql": {
"connections":1000, "connections":1000,
"host":"localhost", "host":"localhost",