diff options
| author | Ryan Mehri <[email protected]> | 2020-05-11 20:41:16 -0600 |
|---|---|---|
| committer | Ryan Mehri <[email protected]> | 2020-05-11 20:41:16 -0600 |
| commit | d892cad72c1eb4ae20c1b7f1c5b9451650454c28 (patch) | |
| tree | 4563ceb597cda8339a6f49b4a3ff05c53fc67017 /backend/api | |
| parent | Merge pull request #15 from jackyzha0/readme (diff) | |
| download | ctrl-v-d892cad72c1eb4ae20c1b7f1c5b9451650454c28.tar.xz ctrl-v-d892cad72c1eb4ae20c1b7f1c5b9451650454c28.zip | |
Add password check on post hash
Diffstat (limited to 'backend/api')
| -rw-r--r-- | backend/api/api.go | 1 | ||||
| -rw-r--r-- | backend/api/routes.go | 15 |
2 files changed, 15 insertions, 1 deletions
diff --git a/backend/api/api.go b/backend/api/api.go index 59242ef..59fecba 100644 --- a/backend/api/api.go +++ b/backend/api/api.go @@ -32,6 +32,7 @@ func Serve(port int) { r.HandleFunc("/health", healthCheckFunc) r.HandleFunc("/api", insertFunc).Methods("POST", "OPTIONS") r.HandleFunc("/api/{hash}", getHashFunc).Methods("GET", "OPTIONS") + r.HandleFunc("/api/{hash}", getHashWithPasswordFunc).Methods("POST", "OPTIONS") http.Handle("/", r) diff --git a/backend/api/routes.go b/backend/api/routes.go index 7fb2114..6b9ba43 100644 --- a/backend/api/routes.go +++ b/backend/api/routes.go @@ -52,12 +52,25 @@ func insertFunc(w http.ResponseWriter, r *http.Request) { } func getHashFunc(w http.ResponseWriter, r *http.Request) { + // no password given for get + handleGetHash(w, r, "") +} + +func getHashWithPasswordFunc(w http.ResponseWriter, r *http.Request) { + // get password from form + _ = r.ParseMultipartForm(0) + gotPassword := r.FormValue("password") + + handleGetHash(w, r, gotPassword) + +} +func handleGetHash(w http.ResponseWriter, r *http.Request, gotPassword string) { // Allow CORS w.Header().Set("Access-Control-Allow-Origin", "*") hash := mux.Vars(r)["hash"] - paste, err := cache.C.Get(hash) + paste, err := cache.C.Get(hash, gotPassword) // if hash was not found if err == cache.PasteNotFound { |