author | Clar Fon <15850505+clarfonthey@users.noreply.github.com> | 2022-10-01 13:26:33 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-02 01:26:33 +0800 |
commit | 3d10193be2b4476d1d0d3249a9884fcc0faa64e5 (patch) | |
tree | a94e7a09e276682f28955fcaa515d9a096254df4 /routers/private | |
parent | 04e97b83115e7439d43c0ede5fe2d1b50d201c52 (diff) | |
Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
Only load SECRET_KEY and INTERNAL_TOKEN if they exist.
Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'routers/private')
-rw-r--r-- | routers/private/internal.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/routers/private/internal.go b/routers/private/internal.go
index 061c7f3c82..e9cc20a77d 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -24,6 +24,11 @@ func CheckInternalToken(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 tokens := req.Header.Get("Authorization")
 fields := strings.SplitN(tokens, " ", 2)
+ if setting.InternalToken == "" {
+ log.Warn(`The INTERNAL_TOKEN setting is missing from the configuration file: %q, internal API can't work.`, setting.CustomConf)
+ http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
+ return
+ }
 if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken {
 log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens)
 http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) |
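Review bot: The secret check on the context line `fields[1] != setting.InternalToken` uses a plain string inequality, which is not guaranteed to run in constant time. Now that the added guard rejects an empty `setting.InternalToken` first, it could become `subtle.ConstantTimeCompare([]byte(fields[1]), []byte(setting.InternalToken)) != 1`, which needs `crypto/subtle` in the import block outside this hunk. The `log.Debug` line below it writes the whole Authorization header to the log with `%s`, so a valid token sent under the wrong scheme would be stored in the logs; `log.Debug("Forbidden attempt to access internal url: invalid Authorization header")` records the failure without the credential. The added `log.Warn` runs on every request while the token is unset, which may flood the log if the route is reachable. The handler's closing lines are outside the hunk.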