Salastil/odysseus
1
0
Fork 0
mirror of https://github.com/pewdiepie-archdaemon/odysseus.git synced 2026-06-17 10:15:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

Warn when localhost auth bypass is enabled

Browse Source
This commit is contained in:
Strahil Peykov
2026-06-01 16:08:01 +02:00
committed by GitHub
parent 74dedcad37
commit 370fe6b501
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.py
+2
View File
@@ -134,6 +134,8 @@ auth_manager = AuthManager()
app.state.auth_manager = auth_manager app.state.auth_manager = auth_manager
AUTH_ENABLED = os.getenv("AUTH_ENABLED", "true").lower() != "false" AUTH_ENABLED = os.getenv("AUTH_ENABLED", "true").lower() != "false"
LOCALHOST_BYPASS = os.getenv("LOCALHOST_BYPASS", "false").lower() == "true" LOCALHOST_BYPASS = os.getenv("LOCALHOST_BYPASS", "false").lower() == "true"
if LOCALHOST_BYPASS:
logger.warning("LOCALHOST_BYPASS is enabled, loopback requests bypass authentication. Do not expose this instance to a network.")
if AUTH_ENABLED: if AUTH_ENABLED:
AUTH_EXEMPT_EXACT = { AUTH_EXEMPT_EXACT = {