Update API endpoints and handlers

2025-09-09 13:54:52 +00:00 · 2020-12-31 00:00:48 +01:00 · 2020-12-31 00:00:48 +01:00 · 72c7592cdd
commit 72c7592cdd
parent 3d2cbdd4e6
7 changed files with 182 additions and 72 deletions
--- a/firewall/api.go
+++ b/firewall/api.go
@ -59,21 +59,24 @@ func startAPIAuth() {
 	log.Tracef("filter: api port set to %d", apiPort)
 }

-func apiAuthenticator(ctx context.Context, s *http.Server, r *http.Request) (err error) {
+func apiAuthenticator(ctx context.Context, s *http.Server, r *http.Request) (token *api.AuthToken, err error) {
 	if devMode() {
-		return nil
+		return &api.AuthToken{
+			Read:  api.PermitSelf,
+			Write: api.PermitSelf,
+		}, nil
 	}

 	// get local IP/Port
 	localIP, localPort, err := parseHostPort(s.Addr)
 	if err != nil {
-		return fmt.Errorf("failed to get local IP/Port: %s", err)
+		return nil, fmt.Errorf("failed to get local IP/Port: %s", err)
 	}

 	// get remote IP/Port
 	remoteIP, remotePort, err := parseHostPort(r.RemoteAddr)
 	if err != nil {
-		return fmt.Errorf("failed to get remote IP/Port: %s", err)
+		return nil, fmt.Errorf("failed to get remote IP/Port: %s", err)
 	}

 	log.Tracer(r.Context()).Tracef("filter: authenticating API request from %s", r.RemoteAddr)
@ -94,14 +97,20 @@ func apiAuthenticator(ctx context.Context, s *http.Server, r *http.Request) (err
 			},
 		)
 		if !retry {
-			return err
+			break
 		}

 		// wait a little
 		time.Sleep(250 * time.Millisecond)
 	}
+	if err != nil {
+		return nil, err
+	}

-	return err
+	return &api.AuthToken{
+		Read:  api.PermitSelf,
+		Write: api.PermitSelf,
+	}, nil
 }

 func authenticateAPIRequest(ctx context.Context, pktInfo *packet.Info) (retry bool, err error) {