Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend public access roles for three API end-points #1487

Merged
merged 4 commits into from
Mar 3, 2025
Merged

Extend public access roles for three API end-points #1487

merged 4 commits into from
Mar 3, 2025

Conversation

melroy89
Copy link
Member

@melroy89 melroy89 commented Mar 3, 2025
edited
Loading

When the server is in "Force users to login before they can access any content" mode, still allow the following 3 API end-points to be accessible for requests. Which is also used for: https://joinmbin.org/servers

  • /api/info
  • /api/instance
  • /api/defederate

@melroy89 melroy89 added bug Something isn't working backend Backend related issues and pull requests labels Mar 3, 2025
@melroy89 melroy89 added this to the v1.8.1 milestone Mar 3, 2025
@melroy89 melroy89 requested a review from BentiGorlich March 3, 2025 11:41
BentiGorlich
BentiGorlich requested changes Mar 3, 2025
View reviewed changes
BentiGorlich
BentiGorlich previously approved these changes Mar 3, 2025
View reviewed changes
@BentiGorlich
Copy link
Member

maybe also add the federated and dead routes?

@melroy89
Copy link
Member Author

melroy89 commented Mar 3, 2025

maybe also add the federated and dead routes?

yes I think so as well.

@melroy89
Copy link
Member Author

melroy89 commented Mar 3, 2025

Your review is now auto dismissed 😢

@melroy89 melroy89 enabled auto-merge (squash) March 3, 2025 13:14
@melroy89 melroy89 merged commit cf8cce5 into main Mar 3, 2025
7 checks passed
@melroy89 melroy89 deleted the fix_api_endpoints_public_access branch March 3, 2025 13:18
@jwr1
Copy link
Member

jwr1 commented Mar 3, 2025

So, then should we make the corresponding web pages public as well? Like the about, privacy policy, faq, terms, federation page, etc.

@melroy89
Copy link
Member Author

melroy89 commented Mar 3, 2025
edited
Loading

So, then should we make the corresponding web pages public as well? Like the about, privacy policy, faq, terms, federation page, etc.

Some of these makes sense yes. Especially about, privacy policy, and terms.

@jwr1
Copy link
Member

jwr1 commented Mar 3, 2025

Well, all the ones I listed are now public through the API, right? So, the corresponding web pages should be made public as well.

@melroy89
Copy link
Member Author

melroy89 commented Mar 3, 2025

Well, all the ones I listed are now public through the API, right? So, the corresponding web pages should be made public as well.

Yes, only as long as there is a Twig caching in place for these pages. So the impact on the server-side should be minimal.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BentiGorlich BentiGorlich BentiGorlich approved these changes

Assignees
No one assigned
Labels
backend Backend related issues and pull requests bug Something isn't working
Projects
None yet
Milestone
v1.8.1
Development

Successfully merging this pull request may close these issues.
3 participants
@melroy89 @BentiGorlich @jwr1