mirror/prysm-pulse
1
0
Fork 0
mirror of https://gitlab.com/pulsechaincom/prysm-pulse.git synced 2024-12-22 03:30:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fixing jwt auth checks (#13565)

Browse Source
This commit is contained in:
james-prysm 2024-02-01 09:13:52 -06:00 committed by GitHub
parent 73ce28c356
commit 2cddb5ca86
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
api/constants.go
View File

@ -1,3 +1,7 @@
package api package api
const WebUrlPrefix = "/v2/validator/" const (
WebUrlPrefix = "/v2/validator/"
WebApiUrlPrefix = "/api/v2/validator/"
KeymanagerApiPrefix = "/eth/v1"
)

4
validator/rpc/intercepter.go
View File

@ -39,8 +39,8 @@ func (s *Server) JWTInterceptor() grpc.UnaryServerInterceptor {
func (s *Server) JwtHttpInterceptor(next http.Handler) http.Handler { func (s *Server) JwtHttpInterceptor(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// if it's not initialize or has a web prefix // if it's not initialize or has a web prefix
if !strings.Contains(r.URL.Path, api.WebUrlPrefix+"initialize") && // ignore some routes if strings.Contains(r.URL.Path, api.WebApiUrlPrefix) || strings.Contains(r.URL.Path, api.KeymanagerApiPrefix) {
!strings.Contains(r.URL.Path, api.WebUrlPrefix+"health/logs") { // ignore some routes
reqToken := r.Header.Get("Authorization") reqToken := r.Header.Get("Authorization")
if reqToken == "" { if reqToken == "" {
http.Error(w, "unauthorized: no Authorization header passed. Please use an Authorization header with the jwt created in the prysm wallet", http.StatusUnauthorized) http.Error(w, "unauthorized: no Authorization header passed. Please use an Authorization header with the jwt created in the prysm wallet", http.StatusUnauthorized)