fix: proxy endpoint uses require() not requireRole(); fix JS API routes

This commit is contained in:
2026-06-08 00:37:31 +00:00
parent 0ab3d8d584
commit e2e4fa7fbf
2 changed files with 89 additions and 81 deletions
+85 -77
View File
@@ -2,99 +2,107 @@
/** /**
* Proxy endpoint — manage Nginx reverse proxy * Proxy endpoint — manage Nginx reverse proxy
* Routes: * Routes:
* GET proxy/status — nginx status + mode * GET /api/proxy/status — nginx status
* POST proxy/install — install nginx * POST /api/proxy/install — install nginx
* POST proxy/control — {action: start|stop|restart|reload} * POST /api/proxy/control — {action: start|stop|restart|reload}
* GET proxy/hosts — list proxy hosts * GET /api/proxy/hosts — list proxy hosts
* POST proxy/hosts — add proxy host * POST /api/proxy/hosts — add proxy host
* PUT proxy/hosts/{id} — update proxy host * PUT /api/proxy/host — {id, ...fields} update host
* DELETE proxy/hosts/{id} delete proxy host * DELETE /api/proxy/host{id} delete host
* POST proxy/hosts/{id}/toggle — {enabled: bool} * POST /api/proxy/toggle — {id, enabled} toggle host
* POST proxy/sync — sync hosts from accounts * POST /api/proxy/sync — sync hosts from accounts
* POST proxy/write-configs — regenerate all nginx configs * POST /api/proxy/write-configs — regenerate all nginx configs
* GET proxy/setup-script — return bash install script * GET /api/proxy/setup-script — return bash install script
*/ */
Auth::getInstance()->requireRole('admin'); Auth::getInstance()->require('admin');
require_once PANEL_ROOT . '/lib/ProxyManager.php'; $body = json_decode(file_get_contents('php://input'), true) ?? [];
$method = $_SERVER['REQUEST_METHOD']; require_once NOVACPX_LIB . '/ProxyManager.php';
$parts = $routeParts ?? [];
$subpath = implode('/', array_slice($parts, 1));
// Numeric id extraction
preg_match('|hosts/(\d+)(/.+)?|', $subpath, $m);
$hostId = isset($m[1]) ? (int)$m[1] : null;
$hostSub = $m[2] ?? '';
try { try {
// GET proxy/status $method = $_SERVER['REQUEST_METHOD'];
if ($method === 'GET' && $subpath === 'status') {
json_ok(ProxyManager::status());
// POST proxy/install match (true) {
} elseif ($method === 'POST' && $subpath === 'install') {
$result = ProxyManager::install();
json_ok(['result' => $result]);
// POST proxy/control // GET status
} elseif ($method === 'POST' && $subpath === 'control') { $action === 'status' && $method === 'GET' =>
$action = $body['action'] ?? ''; Response::json(['success' => true, 'data' => ProxyManager::status()]),
if (!in_array($action, ['start','stop','restart','reload'])) json_error('Invalid action', 400);
$result = match($action) {
'start' => ProxyManager::start(),
'stop' => ProxyManager::stop(),
'restart' => ProxyManager::restart(),
'reload' => ProxyManager::reload(),
};
json_ok(['result' => $result, 'running' => ProxyManager::isRunning()]);
// GET proxy/hosts // POST install
} elseif ($method === 'GET' && $subpath === 'hosts') { $action === 'install' && $method === 'POST' =>
json_ok(ProxyManager::listHosts()); Response::json(['success' => true, 'data' => ['result' => ProxyManager::install()]]),
// POST proxy/hosts — add // POST control
} elseif ($method === 'POST' && $subpath === 'hosts') { $action === 'control' && $method === 'POST' => (function() use ($body) {
if (empty($body['domain'])) json_error('domain required', 400); $act = $body['action'] ?? '';
if (empty($body['upstream'])) json_error('upstream required', 400); if (!in_array($act, ['start','stop','restart','reload'])) Response::error('Invalid action', 400);
$id = ProxyManager::addHost($body); $result = match($act) {
json_ok(['id' => $id]); 'start' => ProxyManager::start(),
'stop' => ProxyManager::stop(),
'restart' => ProxyManager::restart(),
'reload' => ProxyManager::reload(),
};
Response::json(['success' => true, 'data' => ['result' => $result, 'running' => ProxyManager::isRunning()]]);
})(),
// PUT proxy/hosts/{id} // GET hosts list
} elseif ($method === 'PUT' && $hostId && !$hostSub) { $action === 'hosts' && $method === 'GET' =>
ProxyManager::updateHost($hostId, $body); Response::json(['success' => true, 'data' => ProxyManager::listHosts()]),
json_ok();
// DELETE proxy/hosts/{id} // POST hosts — add
} elseif ($method === 'DELETE' && $hostId && !$hostSub) { $action === 'hosts' && $method === 'POST' => (function() use ($body) {
ProxyManager::deleteHost($hostId); if (empty($body['domain'])) Response::error('domain required', 400);
json_ok(); if (empty($body['upstream'])) Response::error('upstream required', 400);
$id = ProxyManager::addHost($body);
Response::json(['success' => true, 'data' => ['id' => $id]]);
})(),
// POST proxy/hosts/{id}/toggle // PUT host — update (body has id)
} elseif ($method === 'POST' && $hostId && $hostSub === '/toggle') { $action === 'host' && $method === 'PUT' => (function() use ($body) {
ProxyManager::toggleHost($hostId, (bool)($body['enabled'] ?? true)); if (empty($body['id'])) Response::error('id required', 400);
json_ok(); ProxyManager::updateHost((int)$body['id'], $body);
Response::json(['success' => true]);
})(),
// POST proxy/sync // DELETE host (body has id)
} elseif ($method === 'POST' && $subpath === 'sync') { $action === 'host' && $method === 'DELETE' => (function() use ($body) {
$added = ProxyManager::syncFromAccounts(); $id = (int)($body['id'] ?? $_GET['id'] ?? 0);
json_ok(['added' => $added]); if (!$id) Response::error('id required', 400);
ProxyManager::deleteHost($id);
Response::json(['success' => true]);
})(),
// POST proxy/write-configs // POST toggle
} elseif ($method === 'POST' && $subpath === 'write-configs') { $action === 'toggle' && $method === 'POST' => (function() use ($body) {
ProxyManager::writeAllConfigs(); if (empty($body['id'])) Response::error('id required', 400);
json_ok(['result' => 'configs written']); ProxyManager::toggleHost((int)$body['id'], (bool)($body['enabled'] ?? true));
Response::json(['success' => true]);
})(),
// GET proxy/setup-script // POST sync
} elseif ($method === 'GET' && $subpath === 'setup-script') { $action === 'sync' && $method === 'POST' => (function() {
header('Content-Type: text/plain'); $added = ProxyManager::syncFromAccounts();
echo ProxyManager::setupScript(); Response::json(['success' => true, 'data' => ['added' => $added]]);
exit; })(),
// POST write-configs
($action === 'write-configs' || $action === 'write_configs') && $method === 'POST' => (function() {
ProxyManager::writeAllConfigs();
Response::json(['success' => true, 'data' => ['result' => 'configs written']]);
})(),
// GET setup-script
($action === 'setup-script' || $action === 'setup_script') && $method === 'GET' => (function() {
header('Content-Type: text/plain');
echo ProxyManager::setupScript();
exit;
})(),
default => Response::error('Not found', 404),
};
} else {
json_error('Not found', 404);
}
} catch (Throwable $e) { } catch (Throwable $e) {
novacpx_log('error', 'proxy endpoint: ' . $e->getMessage()); novacpx_log('error', 'proxy endpoint: ' . $e->getMessage());
json_error($e->getMessage(), 500); Response::error($e->getMessage(), 500);
} }
+4 -4
View File
@@ -2093,9 +2093,9 @@ window.proxyEditHost = async (id) => {
<textarea id="phe-custom" rows="6" class="form-control" style="font-family:monospace;font-size:0.78rem">${Nova.escHtml(h.custom_config || '')}</textarea> <textarea id="phe-custom" rows="6" class="form-control" style="font-family:monospace;font-size:0.78rem">${Nova.escHtml(h.custom_config || '')}</textarea>
<small class="text-muted">Leave blank to use auto-generated config</small></div> <small class="text-muted">Leave blank to use auto-generated config</small></div>
`, async () => { `, async () => {
const r = await Nova.api('proxy', `hosts/${id}`, { const r = await Nova.api('proxy', 'host', {
method: 'PUT', method: 'PUT',
body: { body: { id,
domain: document.getElementById('phe-domain')?.value?.trim(), domain: document.getElementById('phe-domain')?.value?.trim(),
upstream: document.getElementById('phe-upstream')?.value?.trim(), upstream: document.getElementById('phe-upstream')?.value?.trim(),
ssl_enabled: document.getElementById('phe-ssl')?.checked ? 1 : 0, ssl_enabled: document.getElementById('phe-ssl')?.checked ? 1 : 0,
@@ -2108,14 +2108,14 @@ window.proxyEditHost = async (id) => {
}; };
window.proxyToggle = async (id, enable) => { window.proxyToggle = async (id, enable) => {
const r = await Nova.api('proxy', `hosts/${id}/toggle`, { method: 'POST', body: { enabled: enable } }); const r = await Nova.api('proxy', 'toggle', { method: 'POST', body: { id, enabled: enable } });
Nova.toast(r?.success ? (enable ? 'Enabled' : 'Disabled') : 'Failed', r?.success ? 'success' : 'error'); Nova.toast(r?.success ? (enable ? 'Enabled' : 'Disabled') : 'Failed', r?.success ? 'success' : 'error');
if (r?.success) Nova.loadPage('nginx-proxy', window._novaPages); if (r?.success) Nova.loadPage('nginx-proxy', window._novaPages);
}; };
window.proxyDeleteHost = (id, domain) => { window.proxyDeleteHost = (id, domain) => {
Nova.confirm(`Delete proxy host for ${domain}?`, async () => { Nova.confirm(`Delete proxy host for ${domain}?`, async () => {
const r = await Nova.api('proxy', `hosts/${id}`, { method: 'DELETE' }); const r = await Nova.api('proxy', 'host', { method: 'DELETE', body: { id } });
Nova.toast(r?.success ? 'Deleted' : 'Failed', r?.success ? 'success' : 'error'); Nova.toast(r?.success ? 'Deleted' : 'Failed', r?.success ? 'success' : 'error');
if (r?.success) Nova.loadPage('nginx-proxy', window._novaPages); if (r?.success) Nova.loadPage('nginx-proxy', window._novaPages);
}, true); }, true);