fixed messing with invalid api key
Signed-off-by: tracer <tracer@24unix.net>
This commit is contained in:
parent
d1182c6243
commit
2e779ed606
@ -99,13 +99,18 @@ class RequestController
|
||||
} else {
|
||||
[$prefix,] = explode(separator: '.', string: $apiKey);
|
||||
$apiUsers = new ApiKeys(databaseConnection: $this->databaseConnection);
|
||||
$apiResult = $apiUsers->findByPrefix(prefix: $prefix);
|
||||
$storedHash = $apiResult['api_token'];
|
||||
|
||||
if (!password_verify(password: $apiKey, hash: $storedHash)) {
|
||||
if ($apiResult = $apiUsers->findByPrefix(prefix: $prefix)) {
|
||||
$storedHash = $apiResult['api_token'];
|
||||
if (!password_verify(password: $apiKey, hash: $storedHash)) {
|
||||
$this->header = "401 Unauthorized";
|
||||
$this->status = "401 Unauthorized";
|
||||
$this->message = "API key mismatch.";
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
$this->header = "401 Unauthorized";
|
||||
$this->status = "401 Unauthorized";
|
||||
$this->message = "API key mismatch.";
|
||||
$this->message = "API key not found.";
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@ -137,18 +142,21 @@ class RequestController
|
||||
public function handleDomainPostRequest(): void
|
||||
{
|
||||
$name = $_POST['name'] ?? '';
|
||||
$panelID = $_POST['panel_id'] ?? '';
|
||||
$panelID = intval(value: $_POST['panel_id'] ?? 0);
|
||||
$a = $_POST['a'] ?? '';
|
||||
$aaaa = $_POST['aaaa'] ?? '';
|
||||
if (empty($name)) {
|
||||
$this->header = "400 Bad Request";
|
||||
$this->status = "400 Bad Request";
|
||||
$this->message = "A name is required";
|
||||
} else {
|
||||
if (empty($a) && empty($aaaa)) {
|
||||
if (empty($a) && empty($aaaa) && empty($panelID)) {
|
||||
$this->header = "400 Bad Request";
|
||||
$this->status = "400 Bad Request";
|
||||
$this->message = "At least one IP address is required.";
|
||||
$this->message = "At least one IP address or panel ID is required.";
|
||||
} else {
|
||||
if ($this->domainController->findByName(name: $name)) {
|
||||
$this->header = "400 Bad request";
|
||||
$this->status = "400 Bad request";
|
||||
$this->message = "Domain: $name already exists.";
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user