apps/core
1
0
Fork 0
mirror of https://github.com/datarhei/core.git synced 2025-10-06 08:27:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix basic auth, disable localhost, replace template func

Browse Source
This commit is contained in:
Ingo Oppermann
2023-02-17 17:27:39 +01:00
parent 2df83c8032
commit 8215c20ae6
6 changed files with 118 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
app/api/api.go
View File

@@ -459,11 +459,11 @@ func (a *api) start() error {
iam.AddPolicy("$anon", "$none", "process:*", "ANY")
iam.AddPolicy("$localhost", "$none", "api:/api/**", "ANY")
iam.AddPolicy("$localhost", "$none", "process:*", "ANY")
}
if cfg.API.Auth.DisableLocalhost {
iam.AddPolicy("$localhost", "$none", "api:/api/**", "ANY")
iam.AddPolicy("$localhost", "$none", "process:*", "ANY")
} else {
if cfg.API.Auth.DisableLocalhost {
iam.AddPolicy("$localhost", "$none", "api:/api/**", "ANY")
iam.AddPolicy("$localhost", "$none", "process:*", "ANY")
}
}
if !cfg.Storage.Memory.Auth.Enable {
@@ -471,11 +471,11 @@ func (a *api) start() error {
}
if cfg.RTMP.Enable && len(cfg.RTMP.Token) == 0 {
iam.AddPolicy("$anon", "$none", "rtmp:/**", "PUBLISH|PLAY")
iam.AddPolicy("$anon", "$none", "rtmp:/**", "ANY")
}
if cfg.SRT.Enable && len(cfg.SRT.Token) == 0 {
iam.AddPolicy("$anon", "$none", "srt:**", "PUBLISH|PLAY")
iam.AddPolicy("$anon", "$none", "srt:**", "ANY")
}
a.iam = iam
@@ -669,7 +669,15 @@ func (a *api) start() error {
}
template += "/{name}"
if identity, _ := a.iam.GetIdentity(config.Owner); identity != nil {
var identity iam.IdentityVerifier = nil
if len(config.Owner) == 0 {
identity, _ = a.iam.GetDefaultIdentity()
} else {
identity, _ = a.iam.GetIdentity(config.Owner)
}
if identity != nil {
template += "/" + identity.GetServiceToken()
}
@@ -687,7 +695,15 @@ func (a *api) start() error {
template += ",mode:publish"
}
if identity, _ := a.iam.GetIdentity(config.Owner); identity != nil {
var identity iam.IdentityVerifier = nil
if len(config.Owner) == 0 {
identity, _ = a.iam.GetDefaultIdentity()
} else {
identity, _ = a.iam.GetIdentity(config.Owner)
}
if identity != nil {
template += ",token:" + identity.GetServiceToken()
}
@@ -1102,13 +1118,14 @@ func (a *api) start() error {
Cors: http.CorsConfig{
Origins: cfg.Storage.CORS.Origins,
},
RTMP: a.rtmpserver,
SRT: a.srtserver,
Config: a.config.store,
Sessions: a.sessions,
Router: router,
ReadOnly: cfg.API.ReadOnly,
IAM: a.iam,
RTMP: a.rtmpserver,
SRT: a.srtserver,
Config: a.config.store,
Sessions: a.sessions,
Router: router,
ReadOnly: cfg.API.ReadOnly,
IAM: a.iam,
IAMDisableLocalhost: cfg.API.Auth.DisableLocalhost,
}
mainserverhandler, err := http.NewServer(serverConfig)