Origin for api-tokens

2025-12-08 20:48:48 +00:00 · 2018-03-16 10:28:10 +01:00
parent 6ea96c769a
commit dbba54c7ad
7 changed files with 68 additions and 37 deletions
--- a/server/public/assets/js/functions.js
+++ b/server/public/assets/js/functions.js
@@ -168,6 +168,7 @@ function get_list_ajax() {
        type: "POST",
        data: {
            userpass: "",
+            token: zoff_api_token,
        },
        url: "/api/list/" + chan.toLowerCase(),
        success: function(response) {
@@ -242,7 +243,8 @@ function get_np_ajax() {
        type: "POST",
        data: {
            userpass: "",
-            fetch_song: true
+            fetch_song: true,
+            token: zoff_api_token
        },
        url: "/api/list/" + chan.toLowerCase() + "/__np__",
        success: function(response) {
@@ -269,7 +271,8 @@ function del_ajax(id) {
        type: "DELETE",
        data: {
            adminpass: "",
-            userpass: ""
+            userpass: "",
+            token: zoff_api_token
        },
        url: "/api/list/" + chan.toLowerCase() + "/" + id,
        success: function(response) {
@@ -301,6 +304,7 @@ function add_ajax(id, title, duration, playlist, num, full_num, start, end) {
            duration: duration,
            end_time: end,
            start_time: start,
+            token: zoff_api_token
        },
        url: "/api/list/" + chan.toLowerCase() + "/" + id,
        success: function(response) {
@@ -327,7 +331,8 @@ function vote_ajax(id) {
        type: "PUT",
        data: {
            adminpass: "",
-            userpass: ""
+            userpass: "",
+            token: zoff_api_token
        },
        url: "/api/list/" + chan.toLowerCase() + "/" + id,
        success: function(response) {
--- a/server/public/assets/js/listeners.js
+++ b/server/public/assets/js/listeners.js
@@ -29,6 +29,7 @@ var showDiscovery						= false;
 var player_ready 	   	  		= false;
 var viewers 			  		= 1;
 var temp_user_pass 				= "";
+var zoff_api_token = "AhmC4Yg2BhaWPZBXeoWK96DAiAVfbou8TUG2IXtD3ZQ=";
 var retry_frontpage;
 var chromecast_specs_sent = false;
 var dragging 					= false;
--- a/server/public/assets/js/token_apply.js
+++ b/server/public/assets/js/token_apply.js
@@ -16,6 +16,8 @@ $(document).ready(function() {
    $(".token-form").on("submit", function(e) {
        e.preventDefault();
        var email = $("#email_address").val();
+        var origin = $("#origin").val();
+        $("#origin").attr("readonly", true);
        $("#email_address").attr("readonly", true);
        $(".submit").toggleClass("disabled");
        $(".full-form-token").removeClass("hide");
@@ -24,6 +26,7 @@ $(document).ready(function() {
            type: "POST",
            url: "/api/apply",
            data: {
+                origin: origin,
                email: email,
                "g-recaptcha-response": captcha_response,
            },
@@ -34,6 +37,7 @@ $(document).ready(function() {
                } else {
                    $("#email_address").attr("readonly", false);
                    $(".submit").toggleClass("disabled");
+                    $("#origin").attr("readonly", false);
                    grecaptcha.reset();
                    Materialize.toast("Something went wrong. Sure that email hasn't been used for another token?", 3000, "red lighten");
                }