Include API port access authentication

This commit is contained in:
cryptoguard 2025-04-01 14:55:33 -04:00
parent 01b97b6967
commit 0a706df907

View file

@ -641,11 +641,16 @@ class HttpHandler(BaseHTTPRequestHandler):
url_split = parsed.path.split("/")
page = url_split[1] if len(url_split) > 1 else ""
exempt_pages = ["login", "static", "json", "error", "info"]
exempt_pages = ["login", "static", "error", "info"]
if page not in exempt_pages:
if not self.is_authenticated():
self.send_response(302)
self.send_header("Location", "/login")
if page == "json":
self.putHeaders(401, "application/json")
self.wfile.write(json.dumps({"error": "Unauthorized"}).encode("utf-8"))
return
else:
self.send_response(302)
self.send_header("Location", "/login")
clear_cookie_header = self._clear_session_cookie()
self.send_header(clear_cookie_header[0], clear_cookie_header[1])
self.end_headers()