Implement X-Callback-Secret for validating API requests

2025-12-15 23:16:48 +01:00
parent c57322e38d
commit 53bb0eb79d
14 changed files with 159 additions and 16 deletions


@@ -60,7 +60,7 @@ function showBanEventToast(event) {
+ ' <i class="fas fa-shield-alt text-red-500"></i>'
+ ' </div>'
+ ' <div class="flex-1 min-w-0">'
+ ' <div class="font-semibold text-sm">New Block Detected</div>'
+ ' <div class="font-semibold text-sm">New block occurred</div>'
+ ' <div class="text-sm mt-1">'
+ ' <span class="font-mono font-semibold">' + escapeHtml(ip) + '</span>'
+ ' <span> banned in </span>'


@@ -48,6 +48,19 @@ function loadSettings() {
// Set callback URL and add auto-update listener for port changes
const callbackURLInput = document.getElementById('callbackURL');
callbackURLInput.value = data.callbackUrl || '';
const callbackSecretInput = document.getElementById('callbackSecret');
const toggleLink = document.getElementById('toggleCallbackSecretLink');
if (callbackSecretInput) {
callbackSecretInput.value = data.callbackSecret || '';
// Reset to password type when loading
if (callbackSecretInput.type === 'text') {
callbackSecretInput.type = 'password';
}
// Update link text
if (toggleLink) {
toggleLink.textContent = 'show secret';
}
}
// Auto-update callback URL when port changes (if using default localhost pattern)
function updateCallbackURLIfDefault() {
@@ -159,6 +172,7 @@ function saveSettings(event) {
debug: document.getElementById('debugMode').checked,
destemail: document.getElementById('destEmail').value.trim(),
callbackUrl: callbackUrl,
callbackSecret: document.getElementById('callbackSecret').value.trim(),
alertCountries: selectedCountries.length > 0 ? selectedCountries : ["ALL"],
bantimeIncrement: document.getElementById('bantimeIncrement').checked,
defaultJailEnable: document.getElementById('defaultJailEnable').checked,
@@ -428,3 +442,15 @@ if (advancedIntegrationSelect) {
advancedIntegrationSelect.addEventListener('change', updateAdvancedIntegrationFields);
}
// Toggle callback secret visibility
function toggleCallbackSecretVisibility() {
const input = document.getElementById('callbackSecret');
const link = document.getElementById('toggleCallbackSecretLink');
if (!input || !link) return;
const isPassword = input.type === 'password';
input.type = isPassword ? 'text' : 'password';
link.textContent = isPassword ? 'hide secret' : 'show secret';
}
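Review bot: In the `loadSettings` hunk, `callbackSecretInput.value = data.callbackSecret || '';` writes the stored secret back into the DOM on every settings load, so the settings response presumably returns it in clear text to any session or script that can read that response. Resetting the input to `type = 'password'` only hides it on screen. Consider having the backend report only whether a secret is configured, leaving the field empty on load (`callbackSecretInput.value = '';`), and treating an empty field on save as "keep the existing secret". As written, the `saveSettings` hunk sends `callbackSecret: ''` when the field is blank; the server side is not visible here, but it should be confirmed that an empty secret cannot silently turn validation off. That same line, `document.getElementById('callbackSecret').value.trim()`, also lacks the null guard that `loadSettings` applies with `if (callbackSecretInput)`. Both functions continue outside their hunks.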