forked from platypush/platypush
The /execute endpoint should require authentication as well
This commit is contained in:
parent
dea547a491
commit
229b2de566
3 changed files with 4 additions and 10 deletions
|
@ -1,4 +1,4 @@
|
|||
from flask import Blueprint, request, render_template
|
||||
from flask import Blueprint, render_template
|
||||
|
||||
from platypush.backend.http.app import template_folder
|
||||
from platypush.backend.http.app.utils import authenticate, get_websocket_port
|
||||
|
@ -12,9 +12,10 @@ __routes__ = [
|
|||
]
|
||||
|
||||
|
||||
# noinspection PyUnusedLocal
|
||||
@dashboard.route('/dashboard/<name>', methods=['GET'])
|
||||
@authenticate()
|
||||
def render_dashboard(*_, **__):
|
||||
def render_dashboard(name):
|
||||
""" Route for the dashboard """
|
||||
return render_template('index.html',
|
||||
utils=HttpUtils,
|
||||
|
|
|
@ -14,7 +14,7 @@ __routes__ = [
|
|||
|
||||
|
||||
@execute.route('/execute', methods=['POST'])
|
||||
@authenticate(skip_auth_methods=['session'])
|
||||
@authenticate()
|
||||
def execute():
|
||||
""" Endpoint to execute commands """
|
||||
try:
|
||||
|
|
|
@ -15,13 +15,6 @@ export default {
|
|||
request['type'] = 'request'
|
||||
}
|
||||
|
||||
// TODO Proper auth/token management
|
||||
// if (window.config.token) {
|
||||
// opts.headers = {
|
||||
// 'X-Token': window.config.token
|
||||
// }
|
||||
// }
|
||||
|
||||
if (timeout) {
|
||||
opts.timeout = timeout
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue