Restore secret requirement for HTTP API auth

YuLi 2026-06-13 01:38:44 -07:00
parent 0f704cca47
commit 899ab77bb0


@ -741,31 +741,9 @@ void check_secret(toolkit::SockInfo &sender, mediakit::HttpSession::KeyValue &he
throw AuthException("Your ip is not allowed to access the service."); throw AuthException("Your ip is not allowed to access the service.");
} }
try { CHECK_ARGS("secret");
auto logined_cookie = HttpCookieManager::Instance().getCookie(kLoginedCookieName, allArgs.getParser().getHeader()); if (api_secret != allArgs["secret"]) {
if (!logined_cookie) { throw AuthException("Incorrect secret");
auto unlogin_cookie = HttpCookieManager::Instance().getCookie(kUnLoginCookieName, allArgs.getParser().getHeader());
if (!unlogin_cookie) {
unlogin_cookie = HttpCookieManager::Instance().addCookie(kUnLoginCookieName, "", kUnLoginCookieLifeSeconds);
headerOut["Set-Cookie"] = unlogin_cookie->getCookie(kLoginCookiePath);
}
val["cookie"] = unlogin_cookie->getCookie();
throw AuthException("Please login first", headerOut, val);
}
// 优先cookie登陆鉴权
} catch (...) {
try {
// cookie登陆鉴权失败了再比对secret
CHECK_ARGS("secret");
if (api_secret != allArgs["secret"]) {
throw AuthException("Incorrect secret");
}
return;
} catch (...) {
// 未提供secret或secret不匹配这个异常隐藏
}
// secret鉴权模式失败抛出要求cookie登录的异常
throw;
} }
} }
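Review bot: The restored check `api_secret != allArgs["secret"]` compares the shared secret with the ordinary inequality operator, which typically stops at the first differing byte, so response timing can reveal how much of a guess matched. A comparison that folds every byte into one result before deciding is safer for a credential; the sketch below assumes both sides are, or convert to, `std::string`, which this hunk does not show. It is also worth confirming that `CHECK_ARGS("secret")` rejects an empty value, so that an unset `api_secret` cannot be matched by an empty argument. `check_secret` begins above the hunk, so where `api_secret` is loaded is not visible here.

```cpp
// … unchanged: IP allow-list check …
CHECK_ARGS("secret");
const std::string given = allArgs["secret"];
// Accumulate differences over the whole secret so timing does not depend on the first mismatch.
unsigned char diff = (given.size() == api_secret.size()) ? 0 : 1;
for (size_t i = 0; i < api_secret.size(); ++i) {
    const char other = (i < given.size()) ? given[i] : '\0';
    diff |= static_cast<unsigned char>(api_secret[i] ^ other);
}
if (diff != 0) {
    throw AuthException("Incorrect secret");
}
```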