Openstatus www.openstatus.dev

🔑 bypass unkey (#635)

* 🔑 bypass unkey

* 🧹 fix

authored by

Thibault Le Ouay and committed by
GitHub
3e545051 6aa605e6

+25 -22
+25 -22
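--- a/apps/checker/cmd/main.go
+++ b/apps/checker/cmd/main.go
@@ -101,11 +101,11 @@
 if !statusCode.IsSuccessful() && req.Status == "active" {
 // Q: Why here we do not check if the status was previously active?
 checker.UpdateStatus(ctx, checker.UpdateData{
-MonitorId: req.MonitorID,
-Status: "error",
-StatusCode: res.StatusCode,
-Region: flyRegion,
-Message: res.Message,
+MonitorId: req.MonitorID,
+Status: "error",
+StatusCode: res.StatusCode,
+Region: flyRegion,
+Message: res.Message,
 CronTimestamp: req.CronTimestamp,
 })
 }
@@ -113,12 +113,11 @@
 if req.Status == "error" && statusCode.IsSuccessful() {
 // Q: Why here we check the data before updating the status in this scenario?
 checker.UpdateStatus(ctx, checker.UpdateData{
-MonitorId: req.MonitorID,
-Status: "active",
-Region: flyRegion,
-StatusCode: res.StatusCode,
+MonitorId: req.MonitorID,
+Status: "active",
+Region: flyRegion,
+StatusCode: res.StatusCode,
 CronTimestamp: req.CronTimestamp,
-
 })
 }
 if err := tinybirdClient.SendEvent(ctx, res); err != nil {
@@ -143,10 +142,10 @@
 
 if req.Status == "active" {
 checker.UpdateStatus(ctx, checker.UpdateData{
-MonitorId: req.MonitorID,
-Status: "error",
-Message: err.Error(),
-Region: flyRegion,
+MonitorId: req.MonitorID,
+Status: "error",
+Message: err.Error(),
+Region: flyRegion,
 CronTimestamp: req.CronTimestamp,
 })
 }
@@ -170,19 +169,23 @@
 fmt.Printf("Start of /ping/%s\n", region)
 
 apiKey := c.GetHeader("x-openstatus-key")
-if apiKey == "" {
-c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
-return
-}
 
-response, err := unkey.KeyVerify(apiKey)
-if err != nil {
+if c.GetHeader("Authorization") != fmt.Sprintf("Basic %s", cronSecret) && apiKey == "" {
 c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
 return
 }
+if apiKey != "" {
+response, err := unkey.KeyVerify(apiKey)
+if err != nil {
+c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
+return
+}
 
-if !response.Valid {
-fmt.Println("Key is valid")
+if !response.Valid {
+fmt.Println("Key is not valid valid")
+c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
+
+}
 }
 
 if region != flyRegion {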
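Review bot: The `!response.Valid` branch added at new lines 184-188 writes the 401 but has no `return`, so a request whose `x-openstatus-key` unkey reports as invalid still falls through to the region check and the rest of the handler; add `return` directly after that `c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})`. The cron path at new line 173 compares the `Authorization` header with `!=`, which is not constant-time; `subtle.ConstantTimeCompare([]byte(got), []byte(want)) != 1` from `crypto/subtle` is the usual replacement for secret comparison. `cronSecret` is defined outside this hunk, so it is worth confirming it can never be empty (for example from an unset environment variable), because an empty value would make the bare header `Basic ` pass this check; rejecting when `cronSecret == ""` closes that off. The log text `Key is not valid valid` has a doubled word. The handler's body starts and ends outside the hunk, so what runs after the fall-through is not visible here.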