admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-05-17 20:46:30 +00:00
parent 5c4aa0b5d5
commit 2292342d8e
2 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
devdocs/todo.txt
View File

@@ -1,8 +1,6 @@
PRIORITY - ALWAYS Lowest level stuff first PRIORITY - ALWAYS Lowest level stuff first
=-=-=-=- =-=-=-=-
todo: auth controller authenticate wont allow if old jwt sent with request, should ignore on auth
todo: API root controller todo: API root controller
build mode and server info should be authorized shoudln't they? Unauthorized people have no need to see that stuff build mode and server info should be authorized shoudln't they? Unauthorized people have no need to see that stuff
todo: api / server landing page is shitty on a mobile todo: api / server landing page is shitty on a mobile

2
server/AyaNova/Startup.cs
View File

@@ -398,7 +398,7 @@ namespace AyaNova
context.Request.HttpContext.Items["AY_TRANSLATION_ID"] = u.translationId; context.Request.HttpContext.Items["AY_TRANSLATION_ID"] = u.translationId;
//CHECK JWT //CHECK JWT
if (!context.Request.Path.Value.EndsWith("/Auth") && u.currentAuthToken != JWT)//except "/api/v8/Auth" so user can login May need other routes later? if (!context.Request.Path.Value.EndsWith("/auth") && u.currentAuthToken != JWT)//except "/api/v8/auth" so user can login
{ {
context.Response.StatusCode = 401; context.Response.StatusCode = 401;
context.Response.Headers.Add("X-AyaNova-Authorization-Error", "E2006 - Authorization token replaced by more recent login"); context.Response.Headers.Add("X-AyaNova-Authorization-Error", "E2006 - Authorization token replaced by more recent login");