mirror of
https://github.com/TwiN/gatus.git
synced 2024-11-07 08:34:15 +01:00
fix(api): Define unprotected routes first
This is because fiber does not work the same way that mux did wrt groups (mux referred to them as subrouters). I could not apply a middleware to a specific fiber Group due to the groups being prefix-based. In other words, the only other way to apply middlewares to specific endpoints without changing the path is by applying the security middleware after the routes that did not need to be protected and before the routes that did need to be protected
This commit is contained in:
parent
0e33556775
commit
6a8c308af7
46
api/api.go
46
api/api.go
@ -47,32 +47,23 @@ func (a *API) createRouter(cfg *config.Config) *fiber.App {
|
||||
AllowCredentials: true,
|
||||
}))
|
||||
}
|
||||
apiRouter := app.Group("/api")
|
||||
protectedAPIRouter := apiRouter.Group("/")
|
||||
unprotectedAPIRouter := apiRouter.Group("/")
|
||||
// Middlewares
|
||||
app.Use(recover.New())
|
||||
app.Use(compress.New())
|
||||
// Define metrics handler, if necessary
|
||||
if cfg.Metrics {
|
||||
metricsHandler := promhttp.InstrumentMetricHandler(prometheus.DefaultRegisterer, promhttp.HandlerFor(prometheus.DefaultGatherer, promhttp.HandlerOpts{
|
||||
DisableCompression: true,
|
||||
}))
|
||||
app.Get("/metrics", adaptor.HTTPHandler(metricsHandler))
|
||||
}
|
||||
// Security (ORDER IS IMPORTANT: middlewares must be applied before the routes are registered)
|
||||
if cfg.Security != nil {
|
||||
if err := cfg.Security.RegisterHandlers(app); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := cfg.Security.ApplySecurityMiddleware(protectedAPIRouter); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
// Middlewares
|
||||
app.Use(recover.New())
|
||||
app.Use(compress.New())
|
||||
// Routes
|
||||
handler := ConfigHandler{securityConfig: cfg.Security}
|
||||
unprotectedAPIRouter.Get("/v1/config", handler.GetConfig)
|
||||
protectedAPIRouter.Get("/v1/endpoints/statuses", EndpointStatuses(cfg))
|
||||
protectedAPIRouter.Get("/v1/endpoints/:key/statuses", EndpointStatus)
|
||||
// Define main router
|
||||
apiRouter := app.Group("/api")
|
||||
////////////////////////
|
||||
// UNPROTECTED ROUTES //
|
||||
////////////////////////
|
||||
unprotectedAPIRouter := apiRouter.Group("/")
|
||||
unprotectedAPIRouter.Get("/v1/config", ConfigHandler{securityConfig: cfg.Security}.GetConfig)
|
||||
unprotectedAPIRouter.Get("/v1/endpoints/:key/health/badge.svg", HealthBadge)
|
||||
unprotectedAPIRouter.Get("/v1/endpoints/:key/uptimes/:duration/badge.svg", UptimeBadge)
|
||||
unprotectedAPIRouter.Get("/v1/endpoints/:key/response-times/:duration/badge.svg", ResponseTimeBadge(cfg))
|
||||
@ -102,5 +93,20 @@ func (a *API) createRouter(cfg *config.Config) *fiber.App {
|
||||
Index: "index.html",
|
||||
Browse: true,
|
||||
}))
|
||||
//////////////////////
|
||||
// PROTECTED ROUTES //
|
||||
//////////////////////
|
||||
// ORDER IS IMPORTANT: all routes applied AFTER the security middleware will require authn
|
||||
protectedAPIRouter := apiRouter.Group("/")
|
||||
if cfg.Security != nil {
|
||||
if err := cfg.Security.RegisterHandlers(app); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := cfg.Security.ApplySecurityMiddleware(protectedAPIRouter); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
protectedAPIRouter.Get("/v1/endpoints/statuses", EndpointStatuses(cfg))
|
||||
protectedAPIRouter.Get("/v1/endpoints/:key/statuses", EndpointStatus)
|
||||
return app
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user