Unverified Commit 2396870a authored by Andrei Mihu's avatar Andrei Mihu Committed by GitHub

Optionally accept HTTP key through header in RPC requests. (#1097)

parent 9fccb5d9
+4 −1
@@ -4,6 +4,9 @@ All notable changes to this project are documented below.
The format is based on [keep a changelog](http://keepachangelog.com) and this project uses [semantic versioning](http://semver.org).

## [Unreleased]
### Added
- Allow HTTP key to be read from an HTTP request's Basic auth header if present.

### Changed
- Use Steam partner API instead of public API for Steam profiles and friends requests.
- Add create_time and update_time to returned storage engine writes acks.
@@ -11,7 +14,7 @@ The format is based on [keep a changelog](http://keepachangelog.com) and this pr
- Add caller id param to storage listing and storage index listing runtime APIs.

### Fixed
- Fix linter-found test issue.
- Fixed multiple issues found by linter.
- Fix storage index listing results sometimes being returned with incorrect order.
- Fixes calculation of leaderboard and tournament times for rare types of CRON expressions that don't execute at a fixed interval.
- Improved how start and end times are calculated for tournaments occuring in the future.
+23 −10
@@ -63,6 +63,18 @@ func (s *ApiServer) RpcFuncHttp(w http.ResponseWriter, r *http.Request) {
			return
		}
	} else if auth := r.Header["Authorization"]; len(auth) >= 1 {
		if httpKey, _, ok := parseBasicAuth(auth[0]); ok {
			if httpKey != s.config.GetRuntime().HTTPKey {
				// HTTP key did not match.
				w.Header().Set("content-type", "application/json")
				w.WriteHeader(http.StatusUnauthorized)
				_, err := w.Write(httpKeyInvalidBytes)
				if err != nil {
					s.logger.Debug("Error writing response to client", zap.Error(err))
				}
				return
			}
		} else {
			var token string
			userID, username, vars, expiry, token, isTokenAuth = parseBearerAuth([]byte(s.config.GetSession().EncryptionKey), auth[0])
			if !isTokenAuth || !s.sessionCache.IsValidSession(userID, expiry, token) {
@@ -75,6 +87,7 @@ func (s *ApiServer) RpcFuncHttp(w http.ResponseWriter, r *http.Request) {
				}
				return
			}
		}
	} else {
		// No authentication present.
		w.Header().Set("content-type", "application/json")
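Review bot: The new Basic-auth branch checks the shared secret with `httpKey != s.config.GetRuntime().HTTPKey`, which is not a constant-time comparison; for a key that grants server-level RPC access I would write `if subtle.ConstantTimeCompare([]byte(httpKey), []byte(s.config.GetRuntime().HTTPKey)) != 1 {` (this needs the `crypto/subtle` import). The branch also accepts whatever value the config holds, so if an empty `HTTPKey` can be configured (not visible here) a Basic header whose username is empty would presumably pass; rejecting `httpKey == ""` before the comparison would rule that out. The `http_key` query-parameter check sits above the first hunk and is not shown, so if it compares the same way both paths should go through one helper. RpcFuncHttp begins before the first hunk and continues past the second.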