Relaxed image upload auth.

# Conflicts:
#	src/com/controllers/MaintenanceManager.js
#	src/com/controllers/SettingsIndex.js
This commit is contained in:
Ro 2021-08-02 15:35:57 -07:00
commit b1c884689e
2 changed files with 25 additions and 16 deletions

View file

@ -188,21 +188,30 @@ class APIControl
break; break;
case "settings": case "settings":
$token = $request->getHeader("fipamo-access-token"); if (isset($body)) {
if (Session::verifyToken($token[0])) { $postBody = $body;
if (isset($body)) { } else {
$postBody = $body; $postBody = null;
} else { }
$postBody = null; $task = $args["fourth"];
} if ($task == "add-feature-background" || $task == "add-avatar") {
$result = SettingsAPI::handleSettingsTask($request, $args, $postBody); $result = SettingsAPI::handleSettingsTask($request, $args, $postBody);
} else { } else {
$result = [ $token = $request->getHeader("fipamo-access-token");
"message" => "API access denied, homie", if (Session::verifyToken($token[0])) {
"type" => "API_ERROR", $result = SettingsAPI::handleSettingsTask(
]; $request,
$args,
$postBody
);
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
} }
break; break;
case "mailer": case "mailer":
$result = MailerAPI::handleMail($request, $body, $response); $result = MailerAPI::handleMail($request, $body, $response);

File diff suppressed because one or more lines are too long