mirror of
https://github.com/umami-software/umami.git
synced 2026-02-10 15:47:13 +01:00
Added checks for CLOUD_MODE.
This commit is contained in:
Mike Cao
parent
5657a64c77
commit
3ac560dc0f
24 changed files with 175 additions and 60 deletions
|
|
@ -8,9 +8,9 @@ import {
|
|||
getRandomChars,
|
||||
} from 'next-basics';
|
||||
import redis from '@umami/redis-client';
|
||||
import { getUser, User } from 'queries';
|
||||
import { getUser } from 'queries';
|
||||
import { secret } from 'lib/crypto';
|
||||
import { NextApiRequestQueryBody } from 'lib/types';
|
||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
||||
import { NextApiResponse } from 'next';
|
||||
|
||||
export interface LoginRequestBody {
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ export interface ConfigResponse {
|
|||
updatesDisabled: boolean;
|
||||
telemetryDisabled: boolean;
|
||||
adminDisabled: boolean;
|
||||
cloudMode: boolean;
|
||||
}
|
||||
|
||||
export default async (req: NextApiRequest, res: NextApiResponse<ConfigResponse>) => {
|
||||
|
|
@ -17,6 +18,7 @@ export default async (req: NextApiRequest, res: NextApiResponse<ConfigResponse>)
|
|||
updatesDisabled: !!process.env.DISABLE_UPDATES,
|
||||
telemetryDisabled: !!process.env.DISABLE_TELEMETRY,
|
||||
adminDisabled: !!process.env.DISABLE_ADMIN,
|
||||
cloudMode: true, //!!process.env.CLOUD_MODE,
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
|||
13
pages/api/me/index.ts
Normal file
13
pages/api/me/index.ts
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
import { NextApiResponse } from 'next';
|
||||
import { useAuth } from 'lib/middleware';
|
||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
||||
import { ok } from 'next-basics';
|
||||
|
||||
export default async (
|
||||
req: NextApiRequestQueryBody<unknown, unknown>,
|
||||
res: NextApiResponse<User>,
|
||||
) => {
|
||||
await useAuth(req, res);
|
||||
|
||||
return ok(res, req.auth.user);
|
||||
};
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
import { NextApiRequestQueryBody } from 'lib/types';
|
||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
||||
import { canUpdateUser } from 'lib/auth';
|
||||
import { useAuth } from 'lib/middleware';
|
||||
import { NextApiResponse } from 'next';
|
||||
|
|
@ -7,10 +7,11 @@ import {
|
|||
checkPassword,
|
||||
hashPassword,
|
||||
methodNotAllowed,
|
||||
forbidden,
|
||||
ok,
|
||||
unauthorized,
|
||||
} from 'next-basics';
|
||||
import { getUser, updateUser, User } from 'queries';
|
||||
import { getUser, updateUser } from 'queries';
|
||||
|
||||
export interface UserPasswordRequestQuery {
|
||||
id: string;
|
||||
|
|
@ -25,6 +26,10 @@ export default async (
|
|||
req: NextApiRequestQueryBody<UserPasswordRequestQuery, UserPasswordRequestBody>,
|
||||
res: NextApiResponse<User>,
|
||||
) => {
|
||||
if (process.env.CLOUD_MODE) {
|
||||
return forbidden(res);
|
||||
}
|
||||
|
||||
await useAuth(req, res);
|
||||
|
||||
const { currentPassword, newPassword } = req.body;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue