diff --git a/maubot/management/api/auth.py b/maubot/management/api/auth.py index b813a7c..fe3fe40 100644 --- a/maubot/management/api/auth.py +++ b/maubot/management/api/auth.py @@ -22,7 +22,7 @@ from mautrix.types import UserID from mautrix.util.signed_token import sign_token, verify_token from .base import routes, get_config -from .responses import ErrBadAuth, ErrBodyNotJSON +from .responses import ErrBadAuth, ErrBodyNotJSON, ErrNoToken, ErrInvalidToken def is_valid_token(token: str) -> bool: @@ -38,7 +38,24 @@ def create_token(user: UserID) -> str: }) -@routes.post("/login") +@routes.post("/auth/ping") +async def ping(request: web.Request) -> web.Response: + token = request.headers.get("Authorization", "") + if not token or not token.startswith("Bearer "): + return ErrNoToken + + data = verify_token(get_config()["server.unshared_secret"], token[len("Bearer "):]) + if not data: + return ErrInvalidToken + user = data.get("user_id", None) + if not get_config().is_admin(user): + return ErrInvalidToken + return web.json_response({ + "username": user, + }) + + +@routes.post("/auth/login") async def login(request: web.Request) -> web.Response: try: data = await request.json() diff --git a/maubot/management/api/middleware.py b/maubot/management/api/middleware.py index fa5b93a..27185c0 100644 --- a/maubot/management/api/middleware.py +++ b/maubot/management/api/middleware.py @@ -24,7 +24,7 @@ Handler = Callable[[web.Request], Awaitable[web.Response]] @web.middleware async def auth(request: web.Request, handler: Handler) -> web.Response: - if request.path.endswith("/login"): + if "/auth/" in request.path: return await handler(request) token = request.headers.get("Authorization", "") if not token or not token.startswith("Bearer "): diff --git a/maubot/management/api/spec.yaml b/maubot/management/api/spec.yaml index e89f18b..75ec865 100644 --- a/maubot/management/api/spec.yaml +++ b/maubot/management/api/spec.yaml 
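Review bot: The Bearer-token parsing and verification inside `ping` (`token = request.headers.get("Authorization", "")` through the `is_admin` check) re-implements what the auth middleware does for every other request — the middleware hunk in this same commit shows the identical `Authorization`/`"Bearer "` parsing — so the two paths can drift, with one gaining a check the other lacks. Because `/auth/` paths now bypass the middleware entirely, `ping` is the only check between an unauthenticated caller and the 200 response, so I would move header parsing plus `verify_token` and `is_admin` into one helper that the handler (and presumably the middleware) calls, and have `ping` only map its result to `ErrNoToken`/`ErrInvalidToken`. A missing `user_id` claim and a valid non-admin token both yield `ErrInvalidToken`, which is acceptable for a ping but deserves a comment such as `# non-admin and malformed tokens are indistinguishable to the caller on purpose`. `login` continues past the end of the hunk.
```python
def _user_from_bearer(request: web.Request) -> "UserID | None":
    """Return the admin user_id carried by a valid Bearer token, else None.

    None covers a missing/malformed Authorization header, a bad signature,
    a missing user_id claim, and a user that is not an admin.
    """
    token = request.headers.get("Authorization", "")
    if not token.startswith("Bearer "):
        return None
    data = verify_token(get_config()["server.unshared_secret"], token[len("Bearer "):])
    if not data:
        return None
    user = data.get("user_id")
    return user if get_config().is_admin(user) else None


@routes.post("/auth/ping")
async def ping(request: web.Request) -> web.Response:
    """Report whether the caller's Bearer token is a valid admin token."""
    if not request.headers.get("Authorization", "").startswith("Bearer "):
        return ErrNoToken
    user = _user_from_bearer(request)
    if user is None:
        return ErrInvalidToken
    return web.json_response({"username": user})
```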
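Review bot: `if "/auth/" in request.path:` is a substring match, so any request whose path contains `/auth/` anywhere — not only the `/auth/login` and `/auth/ping` routes this commit adds — skips token verification entirely, and every route registered under `/auth/` in the future is unauthenticated by default. The previous `endswith("/login")` was at least anchored to the path end; I would make the exemption an explicit allow-list, e.g. `if request.path.endswith(("/auth/login", "/auth/ping")):` (or match on the registered resource if the router exposes it), with a comment `# these two handlers verify credentials themselves; everything else needs a Bearer token`. The remainder of `auth`, which performs the token check for every other path, continues past the hunk.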
@@ -12,7 +12,7 @@ servers: - url: /_matrix/maubot/v1 paths: - /login: + /auth/login: post: operationId: login summary: Log in with the unshared secret or username+password @@ -45,6 +45,23 @@ paths: type: string 401: description: Invalid credentials + /auth/ping: + post: + operationId: ping + summary: Check if the given token is valid + tags: [Authentication] + responses: + 200: + description: Token is OK + content: + application/json: + schema: + type: object + properties: + username: + type: string + 401: + description: Token is not OK /plugins: get: diff --git a/maubot/management/frontend/package.json b/maubot/management/frontend/package.json index e02b7a0..c5cf653 100644 --- a/maubot/management/frontend/package.json +++ b/maubot/management/frontend/package.json @@ -21,5 +21,6 @@ "last 3 and_chr versions", "last 2 safari versions", "last 2 ios_saf versions" - ] + ], + "proxy": "http://localhost:29316" } diff --git a/maubot/management/frontend/public/favicon.ico b/maubot/management/frontend/public/favicon.ico deleted file mode 100644 index c74a967..0000000 Binary files a/maubot/management/frontend/public/favicon.ico and /dev/null differ diff --git a/maubot/management/frontend/public/index.html b/maubot/management/frontend/public/index.html index e9dd13f..932bd2e 100644 --- a/maubot/management/frontend/public/index.html +++ b/maubot/management/frontend/public/index.html @@ -19,7 +19,7 @@ along with this program. If not, see . - +
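Review bot: The new `/auth/ping` operation documents a 401 `Token is not OK` but nothing in the spec says which credential it checks — unlike the other operations it is exempted from the auth middleware and validates the `Authorization: Bearer` header itself. If spec.yaml declares a bearer entry under `securitySchemes` (not visible in this hunk), add a `security:` requirement referencing it to the operation; otherwise document the header in the summary, e.g. `summary: Validate the Bearer token in the Authorization header and return the admin user it was issued to`. The handler fills `username` from the token's `user_id` claim, so the property description should say it is the Matrix user ID rather than a login name.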