luxick/luxtools-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use new naming for token

Browse Source
This commit is contained in:
luxick
2026-01-06 14:46:17 +01:00
parent d6f19b51cc
commit 8ae35c974c
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -128,9 +128,9 @@ Notes:
### Auth ### Auth
Requests must include the token using the `X-Filetools-Token` header. Requests must include the token using the `X-Luxtools-Token` header.
- Header: `X-Filetools-Token: <token>` - Header: `X-Luxtools-Token: <token>`
- For `GET /open`, a `token=...` query parameter is also accepted as a fallback. - For `GET /open`, a `token=...` query parameter is also accepted as a fallback.
### `GET /health` ### `GET /health`
@@ -160,7 +160,7 @@ Example:
```bash ```bash
curl -sS -X POST \ curl -sS -X POST \
-H 'Content-Type: application/json' \ -H 'Content-Type: application/json' \
-H 'X-Filetools-Token: your-shared-secret' \ -H 'X-Luxtools-Token: your-shared-secret' \
--data '{"path":"/tmp"}' \ --data '{"path":"/tmp"}' \
http://127.0.0.1:8765/open http://127.0.0.1:8765/open
``` ```
@@ -173,7 +173,7 @@ Example:
```bash ```bash
curl -i \ curl -i \
-H 'X-Filetools-Token: your-shared-secret' \ -H 'X-Luxtools-Token: your-shared-secret' \
'http://127.0.0.1:8765/open?path=/tmp' 'http://127.0.0.1:8765/open?path=/tmp'
``` ```

6
main.go
View File

@@ -104,7 +104,7 @@ func main() {
// Allow token to be supplied via query string for GET fallback. // Allow token to be supplied via query string for GET fallback.
qt := strings.TrimSpace(r.URL.Query().Get("token")) qt := strings.TrimSpace(r.URL.Query().Get("token"))
if qt == "" || !subtleStringEqual(qt, strings.TrimSpace(*token)) { if qt == "" || !subtleStringEqual(qt, strings.TrimSpace(*token)) {
errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Filetools-Token")) != "", qt != "", time.Since(start)) errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Luxtools-Token")) != "", qt != "", time.Since(start))
writeJSON(w, http.StatusUnauthorized, openResponse{OK: false, Message: "unauthorized"}) writeJSON(w, http.StatusUnauthorized, openResponse{OK: false, Message: "unauthorized"})
return return
} }
@@ -182,7 +182,7 @@ func withCORS(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Origin", "*")
} }
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS") w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Filetools-Token") w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Luxtools-Token")
} }
func checkToken(r *http.Request, required string) bool { func checkToken(r *http.Request, required string) bool {
@@ -190,7 +190,7 @@ func checkToken(r *http.Request, required string) bool {
if required == "" { if required == "" {
return true return true
} }
got := r.Header.Get("X-Filetools-Token") got := r.Header.Get("X-Luxtools-Token")
got = strings.TrimSpace(got) got = strings.TrimSpace(got)
return got != "" && subtleStringEqual(got, required) return got != "" && subtleStringEqual(got, required)
} }