mirror of
https://github.com/Dokploy/dokploy
synced 2025-06-26 18:27:59 +00:00
refactor(cloud): validate all the routes to prevent get access from private resource
This commit is contained in:
@@ -14,6 +14,7 @@ import { eq } from "drizzle-orm";
|
||||
import encode from "hi-base32";
|
||||
import { TOTP } from "otpauth";
|
||||
import QRCode from "qrcode";
|
||||
import { IS_CLOUD } from "../constants";
|
||||
|
||||
export type Auth = typeof auth.$inferSelect;
|
||||
|
||||
@@ -37,13 +38,15 @@ export const createAdmin = async (input: typeof apiCreateAdmin._type) => {
|
||||
});
|
||||
}
|
||||
|
||||
await tx
|
||||
.insert(admins)
|
||||
.values({
|
||||
authId: newAuth.id,
|
||||
serverIp: await getPublicIpWithFallback(),
|
||||
})
|
||||
.returning();
|
||||
if (!IS_CLOUD) {
|
||||
await tx
|
||||
.insert(admins)
|
||||
.values({
|
||||
authId: newAuth.id,
|
||||
serverIp: await getPublicIpWithFallback(),
|
||||
})
|
||||
.returning();
|
||||
}
|
||||
|
||||
return newAuth;
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user