fix ui: resolve 403 Forbidden error when restarting service via UI

- Include /api/restart endpoint in access control checks alongside /api/config endpoints
- Ensure restart endpoint properly validates API key authentication
- This fixes the issue where 'Save and Restart' fails with 403 error in UI
BigUncle
2025-08-09 20:42:35 +08:00
parent 9cd5587f52
commit 1708c59434


@@ -36,9 +36,10 @@ export const apiKeyAuth =
const apiKey = config.APIKEY; const apiKey = config.APIKEY;
const isConfigEndpoint = req.url.startsWith("/api/config"); const isConfigEndpoint = req.url.startsWith("/api/config");
const isRestartEndpoint = req.url === "/api/restart";
// For config endpoints, we implement granular access control // For config endpoints and restart endpoint, we implement granular access control
if (isConfigEndpoint) { if (isConfigEndpoint || isRestartEndpoint) {
// Attach access level to request for later use // Attach access level to request for later use
(req as any).accessLevel = "restricted"; (req as any).accessLevel = "restricted";
@@ -54,8 +55,8 @@ export const apiKeyAuth =
} }
// If API key is set, check authentication // If API key is set, check authentication
const authKey: string = const authHeaderValue = req.headers.authorization || req.headers["x-api-key"];
req.headers.authorization || req.headers["x-api-key"]; const authKey: string = Array.isArray(authHeaderValue) ? authHeaderValue[0] : authHeaderValue || "";
if (!authKey) { if (!authKey) {
(req as any).accessLevel = "restricted"; (req as any).accessLevel = "restricted";
@@ -79,7 +80,7 @@ export const apiKeyAuth =
return done(); return done();
} }
// For non-config endpoints, use existing logic // For other non-config endpoints, use existing logic
if (!apiKey) { if (!apiKey) {
return done(); return done();
} }
@@ -89,8 +90,8 @@ export const apiKeyAuth =
return done(); return done();
} }
const authKey: string = const authHeaderValue = req.headers.authorization || req.headers["x-api-key"];
req.headers.authorization || req.headers["x-api-key"]; const authKey: string = Array.isArray(authHeaderValue) ? authHeaderValue[0] : authHeaderValue || "";
if (!authKey) { if (!authKey) {
reply.status(401).send("APIKEY is missing"); reply.status(401).send("APIKEY is missing");
return; return;
@@ -101,6 +102,7 @@ export const apiKeyAuth =
} else { } else {
token = authKey; token = authKey;
} }
if (token !== apiKey) { if (token !== apiKey) {
reply.status(401).send("Invalid API key"); reply.status(401).send("Invalid API key");
return; return;
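Review bot: Adding `isRestartEndpoint` to the granular branch means `/api/restart` no longer reaches the strict path that answers 401 for a missing or wrong key. In the lines visible here a request without a key is only tagged `accessLevel = "restricted"`, so whether a restart is refused now depends on the route handler checking that field, which this page does not show. If the handler does not enforce it, a state-changing endpoint is reachable without a valid key; I would either keep the rejection in the middleware for this route, e.g. `if (isRestartEndpoint && !authKey) { reply.status(401).send("APIKEY is missing"); return; }`, or add a comment at the condition saying that the restart handler must require `accessLevel === "full"`. Separately, `req.url === "/api/restart"` is an exact match while the config check uses `startsWith`; if `req.url` carries the query string, `/api/restart?x=1` falls through to the other branch, so comparing on the path part alone would keep the two checks consistent. The enclosing `apiKeyAuth` function starts and ends outside these hunks.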