2023-03-28 22:04:56 +02:00
|
|
|
using AutheliaMultiDomainProxy.Backend;
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
|
|
|
|
|
namespace AutheliaMultiDomainProxy.Controllers;
|
|
|
|
|
|
|
|
|
|
[Controller]
|
|
|
|
|
[Route("/api/verify")]
|
|
|
|
|
public class VerifyController : Controller {
|
|
|
|
|
public string Get() {
|
2023-03-28 23:12:09 +02:00
|
|
|
// Check if we are on an allowed domain
|
2023-03-28 23:46:47 +02:00
|
|
|
if (!Vars.PermittedDomains.Any(p => Request.Host.Host.EndsWith($".{p}"))) {
|
2023-03-28 23:12:09 +02:00
|
|
|
Response.StatusCode = 421;
|
|
|
|
|
return "421 Misdirected Request";
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-28 22:04:56 +02:00
|
|
|
var upstreamResponse = AuthHelpers.MakeUpstreamAutheliaRequest(Request.Headers, Request.Cookies[Vars.CookieName]);
|
|
|
|
|
|
|
|
|
|
foreach (var header in upstreamResponse.Headers) {
|
|
|
|
|
if (Vars.ResponseHeaders.Contains(header.Key, StringComparer.InvariantCultureIgnoreCase))
|
|
|
|
|
foreach (var s in header.Value)
|
|
|
|
|
Response.Headers.Add(header.Key, s);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Response.StatusCode = (int)upstreamResponse.StatusCode;
|
|
|
|
|
return upstreamResponse.Content.ReadAsStringAsync().Result;
|
|
|
|
|
}
|
|
|
|
|
}
|
