Prevent non-logged in user from accessing endpoint

Prevent non-logged in user from accessing endpoint https://hostname/ip:8090/base/getSystemStatus
2026-03-02 10:20:46 +01:00 · 2021-06-09 12:30:50 +06:00
parent 5ca3ba276c
commit 7f6b63a97f
1 changed files with 3 additions and 1 deletions
--- a/baseTemplate/views.py
+++ b/baseTemplate/views.py
@@ -66,6 +66,8 @@ def getAdminStatus(request):

 def getSystemStatus(request):
    try:
+        val = request.session['userID']
+        currentACL = ACLManager.loadedACL(val)
        HTTPData = SystemInformation.getSystemInformation()
        json_data = json.dumps(HTTPData)
        return HttpResponse(json_data)
@@ -195,4 +197,4 @@ def upgradeVersion(request):
        return HttpResponse("Version upgrade OK.")
    except BaseException as msg:
        logging.CyberCPLogFileWriter.writeToFile(str(msg))
-        return HttpResponse(str(msg))
+        return HttpResponse(str(msg))