2017-04-18 22:45:01 -05:00
// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
// Package private includes all internal routes. The package name internal is ideal but Golang is not allowed, so we use private as package name instead.
package private
import (
"strings"
2019-12-23 19:11:12 -05:00
"code.gitea.io/gitea/modules/log"
2019-12-26 06:29:45 -05:00
"code.gitea.io/gitea/modules/private"
2017-04-18 22:45:01 -05:00
"code.gitea.io/gitea/modules/setting"
2017-05-04 00:42:02 -05:00
2019-12-26 06:29:45 -05:00
"gitea.com/macaron/binding"
2019-08-23 11:40:30 -05:00
"gitea.com/macaron/macaron"
2017-04-18 22:45:01 -05:00
)
// CheckInternalToken check internal token is set
func CheckInternalToken ( ctx * macaron . Context ) {
tokens := ctx . Req . Header . Get ( "Authorization" )
fields := strings . Fields ( tokens )
if len ( fields ) != 2 || fields [ 0 ] != "Bearer" || fields [ 1 ] != setting . InternalToken {
2019-12-23 19:11:12 -05:00
log . Debug ( "Forbidden attempt to access internal url: Authorization header: %s" , tokens )
2017-04-18 22:45:01 -05:00
ctx . Error ( 403 )
}
}
// RegisterRoutes registers all internal APIs routes to web application.
// These APIs will be invoked by internal commands for example `gitea serv` and etc.
func RegisterRoutes ( m * macaron . Macaron ) {
2019-12-26 06:29:45 -05:00
bind := binding . Bind
2017-04-18 22:45:01 -05:00
m . Group ( "/" , func ( ) {
2019-12-16 20:49:07 -05:00
m . Post ( "/ssh/authorized_keys" , AuthorizedPublicKeyByContent )
2019-06-01 10:00:21 -05:00
m . Post ( "/ssh/:id/update/:repoid" , UpdatePublicKeyInRepo )
2019-12-26 06:29:45 -05:00
m . Post ( "/hook/pre-receive/:owner/:repo" , bind ( private . HookOptions { } ) , HookPreReceive )
m . Post ( "/hook/post-receive/:owner/:repo" , bind ( private . HookOptions { } ) , HookPostReceive )
m . Post ( "/hook/set-default-branch/:owner/:repo/:branch" , SetDefaultBranch )
2019-06-01 10:00:21 -05:00
m . Get ( "/serv/none/:keyid" , ServNoCommand )
m . Get ( "/serv/command/:keyid/:owner/:repo" , ServCommand )
2020-01-28 20:01:06 -05:00
m . Post ( "/manager/shutdown" , Shutdown )
m . Post ( "/manager/restart" , Restart )
m . Post ( "/manager/flush-queues" , bind ( private . FlushOptions { } ) , FlushQueues )
2020-07-05 19:07:07 -05:00
m . Post ( "/manager/pause-logging" , PauseLogging )
m . Post ( "/manager/resume-logging" , ResumeLogging )
m . Post ( "/manager/release-and-reopen-logging" , ReleaseReopenLogging )
m . Post ( "/manager/add-logger" , bind ( private . LoggerOptions { } ) , AddLogger )
m . Post ( "/manager/remove-logger/:group/:name" , RemoveLogger )
2020-10-24 15:38:14 -05:00
m . Post ( "/mail/send" , SendEmail )
2017-04-18 22:45:01 -05:00
} , CheckInternalToken )
}