matty/peertube-plugin-livechat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Protecting some APIs with an APIKEY.

Browse Source
This commit is contained in:
John Livingston
2021-05-05 17:06:19 +02:00
parent 787fed19d0
commit 6b77c3585d
4 changed files with 46 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/lib/prosody/config.ts
View File

@ -3,6 +3,7 @@ import * as path from 'path'
import { pluginName, getBaseRouter } from '../helpers'
import { ProsodyFilePaths } from './config/paths'
import { ProsodyConfigContent } from './config/content'
import { getAPIKey } from '../apikey'
async function getWorkingDir ({ peertubeHelpers, storageManager }: RegisterServerOptions): Promise<string> {
const logger = peertubeHelpers.logger
@ -94,11 +95,12 @@ async function getProsodyConfig (options: RegisterServerOptions): Promise<Prosod
const peertubeDomain = 'localhost'
const paths = await getProsodyFilePaths(options)
const apikey = await getAPIKey(options)
const baseApiUrl = options.peertubeHelpers.config.getWebserverUrl() +
getBaseRouter() +
'api/'
const authApiUrl = baseApiUrl + 'user'
const roomApiUrl = baseApiUrl + 'room?jid={room.jid|jid_node}'
const authApiUrl = baseApiUrl + 'user' // FIXME: should be protected by apikey, but mod_auth_http cant handle params
const roomApiUrl = baseApiUrl + 'room?apikey=' + apikey + '&jid={room.jid|jid_node}'
const config = new ProsodyConfigContent(paths)
config.useHttpAuthentication(authApiUrl)