hrfee
/
jfa-go
mirror of https://github.com/hrfee/jfa-go.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

dont re-b64 the jwt 

pointless, and messed up swagger auth.
This commit is contained in:
Harvey Tindall 2020-11-12 21:25:52 +00:00
parent d64e98da37
commit b6f3cd7c1f
Signed by: hrfee
GPG Key ID: BBC65952848FB1A2
2 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
auth.go
View File

@ -51,8 +51,7 @@ func (app *appContext) authenticate(gc *gin.Context) {
respond(401, "Unauthorized", gc)
return
}
creds, _ := base64.StdEncoding.DecodeString(header[1])
token, err := jwt.Parse(string(creds), checkToken)
token, err := jwt.Parse(string(header[1]), checkToken)
if err != nil {
app.debug.Printf("Auth denied: %s", err)
respond(401, "Unauthorized", gc)
@ -103,7 +102,7 @@ type getTokenDTO struct {
}
// @Summary Grabs an API token using username & password.
// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer <your api key>".
// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer `your api key`".
// @Produce json
// @Success 200 {object} getTokenDTO
// @Failure 401 {object} stringResponse

6
ts/modules/common.ts
View File

@ -48,7 +48,7 @@ export const _get = (url: string, data: Object, onreadystatechange: () => void):
let req = new XMLHttpRequest();
req.open("GET", url, true);
req.responseType = 'json';
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));
@ -60,7 +60,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
if (response) {
req.responseType = 'json';
}
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));
@ -69,7 +69,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
export function _delete(url: string, data: Object, onreadystatechange: () => void): void {
let req = new XMLHttpRequest();
req.open("DELETE", url, true);
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));