ros/claude-code-router
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #506 from BigUncle/fix/ui-restart-authentication

Browse Source 
fix ui: resolve 403 Forbidden error when restarting service via UI
This commit is contained in:
musi
2025-08-10 07:51:11 +08:00
committed by GitHub
parent 9cd5587f52 1708c59434
commit 6510d3aac9
1 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/middleware/auth.ts
View File

@@ -36,9 +36,10 @@ export const apiKeyAuth =
const apiKey = config.APIKEY; const apiKey = config.APIKEY;
const isConfigEndpoint = req.url.startsWith("/api/config"); const isConfigEndpoint = req.url.startsWith("/api/config");
const isRestartEndpoint = req.url === "/api/restart";
// For config endpoints, we implement granular access control // For config endpoints and restart endpoint, we implement granular access control
if (isConfigEndpoint) { if (isConfigEndpoint || isRestartEndpoint) {
// Attach access level to request for later use // Attach access level to request for later use
(req as any).accessLevel = "restricted"; (req as any).accessLevel = "restricted";
@@ -54,8 +55,8 @@ export const apiKeyAuth =
} }
// If API key is set, check authentication // If API key is set, check authentication
const authKey: string = const authHeaderValue = req.headers.authorization || req.headers["x-api-key"];
req.headers.authorization || req.headers["x-api-key"]; const authKey: string = Array.isArray(authHeaderValue) ? authHeaderValue[0] : authHeaderValue || "";
if (!authKey) { if (!authKey) {
(req as any).accessLevel = "restricted"; (req as any).accessLevel = "restricted";
@@ -79,7 +80,7 @@ export const apiKeyAuth =
return done(); return done();
} }
// For non-config endpoints, use existing logic // For other non-config endpoints, use existing logic
if (!apiKey) { if (!apiKey) {
return done(); return done();
} }
@@ -89,8 +90,8 @@ export const apiKeyAuth =
return done(); return done();
} }
const authKey: string = const authHeaderValue = req.headers.authorization || req.headers["x-api-key"];
req.headers.authorization || req.headers["x-api-key"]; const authKey: string = Array.isArray(authHeaderValue) ? authHeaderValue[0] : authHeaderValue || "";
if (!authKey) { if (!authKey) {
reply.status(401).send("APIKEY is missing"); reply.status(401).send("APIKEY is missing");
return; return;
@@ -101,6 +102,7 @@ export const apiKeyAuth =
} else { } else {
token = authKey; token = authKey;
} }
if (token !== apiKey) { if (token !== apiKey) {
reply.status(401).send("Invalid API key"); reply.status(401).send("Invalid API key");
return; return;