added setting to turn off login/edits - LOGIN_AND_EDITS

2026-04-23 06:19:45 +00:00
parent 3c70cb99a3
commit a30eb4d42d
6 changed files with 33 additions and 6 deletions
+6 -6
@@ -105,15 +105,15 @@ func (s *Server) setupRoutes() {
r.GET("/view_text/*path", h.ViewTextHandler)
// Auth routes
r.GET("/editor/login", h.LoginPage)
r.POST("/editor/login", s.CSRFRequire(), h.LoginPost)
r.GET("/editor/login", s.RequireLoginAndEdits(), h.LoginPage)
r.POST("/editor/login", s.RequireLoginAndEdits(), s.CSRFRequire(), h.LoginPost)
r.POST("/editor/logout", s.RequireAuth(), s.CSRFRequire(), h.LogoutPost)
// MFA challenge routes (no auth yet, but CSRF)
r.GET("/editor/mfa", s.CSRFRequire(), h.MFALoginPage)
r.POST("/editor/mfa", s.CSRFRequire(), h.MFALoginVerify)
r.GET("/editor/mfa", s.RequireLoginAndEdits(), s.CSRFRequire(), h.MFALoginPage)
r.POST("/editor/mfa", s.RequireLoginAndEdits(), s.CSRFRequire(), h.MFALoginVerify)
// New /editor group protected by auth + CSRF
editor := r.Group("/editor", s.RequireAuth(), s.CSRFRequire())
// New /editor group protected by auth + CSRF + LoginAndEdits
editor := r.Group("/editor", s.RequireLoginAndEdits(), s.RequireAuth(), s.CSRFRequire())
{
editor.GET("/create", h.CreateNotePageHandler)
editor.POST("/create", h.CreateNoteHandler)
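Review bot: RequireLoginAndEdits() is attached by hand to five separate registrations here (GET/POST `/editor/login`, GET/POST `/editor/mfa`, and the `/editor` group), so a route added later under `/editor`, or an editing route registered elsewhere in setupRoutes, stays reachable with LOGIN_AND_EDITS off unless someone remembers the guard. Hanging all of them off one parent group makes the switch fail closed; the sketch below assumes a gin-style router where a sub-group inherits its parent's middleware. `/editor/logout` is left without the guard, which looks deliberate (existing sessions can still be ended) but deserves a comment such as `// not gated: sessions must stay closable when LOGIN_AND_EDITS is off`. setupRoutes begins and ends outside this hunk and the middleware body is not shown, so it is worth confirming that it aborts the handler chain rather than only writing a response.

```go
// Everything controlled by LOGIN_AND_EDITS hangs off one gated parent group.
gated := r.Group("/editor", s.RequireLoginAndEdits())

// Auth routes
gated.GET("/login", h.LoginPage)
gated.POST("/login", s.CSRFRequire(), h.LoginPost)
// … unchanged: /editor/logout registration …

// MFA challenge routes (no auth yet, but CSRF)
gated.GET("/mfa", s.CSRFRequire(), h.MFALoginPage)
gated.POST("/mfa", s.CSRFRequire(), h.MFALoginVerify)

// /editor group: LoginAndEdits inherited from gated, then auth + CSRF
editor := gated.Group("", s.RequireAuth(), s.CSRFRequire())
// … unchanged: editor.GET/POST registrations …
```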