diff options
author | vantezzen <hello@vantezzen.io> | 2019-10-14 18:04:25 +0200 |
---|---|---|
committer | vantezzen <hello@vantezzen.io> | 2019-10-14 18:04:25 +0200 |
commit | 5730de199a85ef735c3df7a37a755be0cadfb9f9 (patch) | |
tree | 96c87cee639f77fef2d6ac23e728815f4b20b652 /src/server | |
parent | Develop internal server (diff) | |
download | ferdium-app-5730de199a85ef735c3df7a37a755be0cadfb9f9.tar.gz ferdium-app-5730de199a85ef735c3df7a37a755be0cadfb9f9.tar.zst ferdium-app-5730de199a85ef735c3df7a37a755be0cadfb9f9.zip |
Only allow Ferdi clients to connect
Diffstat (limited to 'src/server')
-rw-r--r-- | src/server/start/routes.js | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/server/start/routes.js b/src/server/start/routes.js index ec2e79a7c..d2ddfbd38 100644 --- a/src/server/start/routes.js +++ b/src/server/start/routes.js | |||
@@ -10,13 +10,22 @@ | |||
10 | const Route = use('Route'); | 10 | const Route = use('Route'); |
11 | const Env = use('Env'); | 11 | const Env = use('Env'); |
12 | 12 | ||
13 | const OnlyAllowFerdi = async ({ request, response }, next) => { | ||
14 | const user = request.header('User-Agent'); | ||
15 | if (!/Ferdi\/\d(\.\d){2}/g.test(user)) { | ||
16 | return response.status(403).redirect('/'); | ||
17 | } | ||
18 | |||
19 | await next() | ||
20 | }; | ||
21 | |||
13 | // Health: Returning if all systems function correctly | 22 | // Health: Returning if all systems function correctly |
14 | Route.get('health', ({ | 23 | Route.get('health', ({ |
15 | response, | 24 | response, |
16 | }) => response.send({ | 25 | }) => response.send({ |
17 | api: 'success', | 26 | api: 'success', |
18 | db: 'success', | 27 | db: 'success', |
19 | })); | 28 | })).middleware(OnlyAllowFerdi); |
20 | 29 | ||
21 | // API is grouped under '/v1/' route | 30 | // API is grouped under '/v1/' route |
22 | Route.group(() => { | 31 | Route.group(() => { |
@@ -55,7 +64,7 @@ Route.group(() => { | |||
55 | Route.get('news', 'StaticController.emptyArray'); | 64 | Route.get('news', 'StaticController.emptyArray'); |
56 | Route.get('payment/plans', 'StaticController.plans'); | 65 | Route.get('payment/plans', 'StaticController.plans'); |
57 | Route.get('announcements/:version', 'StaticController.announcement'); | 66 | Route.get('announcements/:version', 'StaticController.announcement'); |
58 | }).prefix('v1'); | 67 | }).prefix('v1').middleware(OnlyAllowFerdi); |
59 | 68 | ||
60 | // Franz account import | 69 | // Franz account import |
61 | Route.post('import', 'UserController.import'); | 70 | Route.post('import', 'UserController.import'); |