luxick/luxtools-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use new naming for token

Browse Source
This commit is contained in:
luxick
2026-01-06 14:46:17 +01:00
parent d6f19b51cc
commit 8ae35c974c
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -128,9 +128,9 @@ Notes:
### Auth
Requests must include the token using the `X-Filetools-Token` header.
Requests must include the token using the `X-Luxtools-Token` header.
- Header: `X-Filetools-Token: <token>`
- Header: `X-Luxtools-Token: <token>`
- For `GET /open`, a `token=...` query parameter is also accepted as a fallback.
### `GET /health`
@@ -160,7 +160,7 @@ Example:
```bash
curl -sS -X POST \
-H 'Content-Type: application/json' \
-H 'X-Filetools-Token: your-shared-secret' \
-H 'X-Luxtools-Token: your-shared-secret' \
--data '{"path":"/tmp"}' \
http://127.0.0.1:8765/open
```
@@ -173,7 +173,7 @@ Example:
```bash
curl -i \
-H 'X-Filetools-Token: your-shared-secret' \
-H 'X-Luxtools-Token: your-shared-secret' \
'http://127.0.0.1:8765/open?path=/tmp'
```

6
main.go
View File

@@ -104,7 +104,7 @@ func main() {
// Allow token to be supplied via query string for GET fallback.
qt := strings.TrimSpace(r.URL.Query().Get("token"))
if qt == "" || !subtleStringEqual(qt, strings.TrimSpace(*token)) {
errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Filetools-Token")) != "", qt != "", time.Since(start))
errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Luxtools-Token")) != "", qt != "", time.Since(start))
writeJSON(w, http.StatusUnauthorized, openResponse{OK: false, Message: "unauthorized"})
return
}
@@ -182,7 +182,7 @@ func withCORS(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
}
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Filetools-Token")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Luxtools-Token")
}
func checkToken(r *http.Request, required string) bool {
@@ -190,7 +190,7 @@ func checkToken(r *http.Request, required string) bool {
if required == "" {
return true
}
got := r.Header.Get("X-Filetools-Token")
got := r.Header.Get("X-Luxtools-Token")
got = strings.TrimSpace(got)
return got != "" && subtleStringEqual(got, required)
}