overdid it with the image upload auth, making it a regular upload

2021-08-02 15:34:21 -07:00 · 2021-08-02 15:34:21 -07:00 · b3c47d6721
commit b3c47d6721
parent cad32ace74
4 changed files with 27 additions and 22 deletions
--- a/brain/controller/APIControl.inc.php
+++ b/brain/controller/APIControl.inc.php
@ -188,21 +188,30 @@ class APIControl

        break;
      case "settings":
-        $token = $request->getHeader("fipamo-access-token");
-        if (Session::verifyToken($token[0])) {
-          if (isset($body)) {
-            $postBody = $body;
-          } else {
-            $postBody = null;
-          }
-
+        if (isset($body)) {
+          $postBody = $body;
+        } else {
+          $postBody = null;
+        }
+        $task = $args["fourth"];
+        if ($task == "add-feature-background" || $task == "add-avatar") {
          $result = SettingsAPI::handleSettingsTask($request, $args, $postBody);
        } else {
-          $result = [
-            "message" => "API access denied, homie",
-            "type" => "API_ERROR",
-          ];
+          $token = $request->getHeader("fipamo-access-token");
+          if (Session::verifyToken($token[0])) {
+            $result = SettingsAPI::handleSettingsTask(
+              $request,
+              $args,
+              $postBody
+            );
+          } else {
+            $result = [
+              "message" => "API access denied, homie",
+              "type" => "API_ERROR",
+            ];
+          }
        }
+
        break;
      case "mailer":
        $result = MailerAPI::handleMail($request, $body, $response);
--- a/public/assets/scripts/dash.min.js
+++ b/public/assets/scripts/dash.min.js
--- a/src/com/controllers/MaintenanceManager.js
+++ b/src/com/controllers/MaintenanceManager.js
@ -266,8 +266,7 @@ class MaintenanceManager {
        }
      };
      if (requestType == REQUEST_TYPE_PUT || requestType == REQUEST_TYPE_POST) {
-        if (eventType === TASK_UPLOAD_FILES)
-          request.setRequestHeader("fipamo-access-token", self.token);
+        //if (eventType === TASK_UPLOAD_FILES) request.setRequestHeader("fipamo-access-token", self.token);
        switch (contentType) {
          case CONTENT_TYPE_JSON:
            request.setRequestHeader(
--- a/src/com/controllers/SettingsIndex.js
+++ b/src/com/controllers/SettingsIndex.js
@ -18,10 +18,7 @@ export default class SettingsIndex {
      null,
      "fe79df250470815bf32dcea70221384c89163cad3a827a9c3da25d87159ed55a"
    );
-    this.mm = new Maintenance(
-      null,
-      "fe79df250470815bf32dcea70221384c89163cad3a827a9c3da25d87159ed55a"
-    );
+    this.mm = new Maintenance(null, null);
  }
  //--------------------------
  // methods