Skip to content

Commit

Permalink
disable admin routes entirely if config not set
Browse files Browse the repository at this point in the history
  • Loading branch information
@sethetter
sethetter committed Feb 23, 2025
1 parent 00f30f9 commit da8537c
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 12 deletions.
4 changes: 2 additions & 2 deletions pkg/config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ type Config struct {
Email *EmailConfig
Twitter *TwitterConfig
SlackHook string `envconfig:"SLACK_HOOK"`
AdminUser string `envconfig:"ADMIN_USER" required:"true" default:"admin"`
AdminPassword string `envconfig:"ADMIN_PASSWORD" require:"true" default:"password"`
AdminUser string `envconfig:"ADMIN_USER"`
AdminPassword string `envconfig:"ADMIN_PASSWORD"`
}

type EmailConfig struct {
Expand Down
22 changes: 12 additions & 10 deletions pkg/server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,16 +80,18 @@ func NewServer(c *ServerConfig) (http.Server, error) {
authorized.POST("/jobs/:id/delete", ctrl.DeleteJob)
}

// Admin routes
admin := router.Group("/admin")
admin.Use(gin.BasicAuth(gin.Accounts{
c.Config.AdminUser: c.Config.AdminPassword,
}))
{
admin.GET("", ctrl.AdminIndex)
admin.GET("/jobs/:id/edit", ctrl.EditJob)
admin.POST("/jobs/:id", ctrl.UpdateJob)
admin.POST("/jobs/:id/delete", ctrl.DeleteJob)
if c.Config.AdminUser != "" {
// Admin routes
admin := router.Group("/admin")
admin.Use(gin.BasicAuth(gin.Accounts{
c.Config.AdminUser: c.Config.AdminPassword,
}))
{
admin.GET("", ctrl.AdminIndex)
admin.GET("/jobs/:id/edit", ctrl.EditJob)
admin.POST("/jobs/:id", ctrl.UpdateJob)
admin.POST("/jobs/:id/delete", ctrl.DeleteJob)
}
}

return http.Server{
Expand Down

0 comments on commit da8537c

Please sign in to comment.