aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/server/ApiManagers/SessionManager.ts7
-rw-r--r--src/server/RouteManager.ts2
2 files changed, 4 insertions, 5 deletions
diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts
index a99aa05e0..f1629b8f0 100644
--- a/src/server/ApiManagers/SessionManager.ts
+++ b/src/server/ApiManagers/SessionManager.ts
@@ -8,16 +8,15 @@ const permissionError = "You are not authorized!";
export default class SessionManager extends ApiManager {
- private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("sessionKey", ...params);
+ private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("session_key", ...params);
private authorizedAction = (handler: SecureHandler) => {
return (core: AuthorizedCore) => {
- const { req, res, isRelease } = core;
- const { sessionKey } = req.params;
+ const { req: { params }, res, isRelease } = core;
if (!isRelease) {
return res.send("This can be run only on the release server.");
}
- if (sessionKey !== process.env.session_key) {
+ if (params.session_key !== process.env.session_key) {
return _permission_denied(res, permissionError);
}
return handler(core);
diff --git a/src/server/RouteManager.ts b/src/server/RouteManager.ts
index 5afd607fd..f9ffdaa80 100644
--- a/src/server/RouteManager.ts
+++ b/src/server/RouteManager.ts
@@ -197,5 +197,5 @@ export function _permission_denied(res: express.Response, message?: string) {
if (message) {
res.statusMessage = message;
}
- res.status(STATUS.BAD_REQUEST).send("Permission Denied!");
+ res.status(STATUS.PERMISSION_DENIED).send("Permission Denied!");
}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-10-06 13:05:50 +0000