mirror of
https://gitea.phreedom.club/localhost_frssoft/bloat.git
synced 2024-12-22 11:23:33 +02:00
Restrict instance domain in single_instance mode
This commit is contained in:
parent
ad38855261
commit
e50f12b615
2 changed files with 7 additions and 3 deletions
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -68,7 +69,7 @@ func (c *client) redirect(url string) {
|
|||
c.w.WriteHeader(http.StatusFound)
|
||||
}
|
||||
|
||||
func (c *client) authenticate(t int) (err error) {
|
||||
func (c *client) authenticate(t int, instance string) (err error) {
|
||||
csrf := c.r.FormValue("csrf_token")
|
||||
ref := c.r.URL.RequestURI()
|
||||
defer func() {
|
||||
|
@ -98,6 +99,9 @@ func (c *client) authenticate(t int) (err error) {
|
|||
return err
|
||||
}
|
||||
c.s = sess
|
||||
if len(instance) > 0 && c.s.Instance != instance {
|
||||
return errors.New("invalid instance")
|
||||
}
|
||||
c.Client = mastodon.NewClient(&mastodon.Config{
|
||||
Server: "https://" + c.s.Instance,
|
||||
ClientID: c.s.ClientID,
|
||||
|
|
|
@ -64,7 +64,7 @@ func NewHandler(s *service, verbose bool, staticDir string) http.Handler {
|
|||
}
|
||||
c.w.Header().Add("Content-Type", ct)
|
||||
|
||||
err = c.authenticate(at)
|
||||
err = c.authenticate(at, s.instance)
|
||||
if err != nil {
|
||||
writeError(c, err, rt, req.Method == http.MethodGet)
|
||||
return
|
||||
|
@ -79,7 +79,7 @@ func NewHandler(s *service, verbose bool, staticDir string) http.Handler {
|
|||
}
|
||||
|
||||
rootPage := handle(func(c *client) error {
|
||||
err := c.authenticate(SESSION)
|
||||
err := c.authenticate(SESSION, "")
|
||||
if err != nil {
|
||||
if err == errInvalidSession {
|
||||
c.redirect("/signin")
|
||||
|
|
Loading…
Reference in a new issue