- Encapsulate API routes into APIServer methods (api.go)
- Split large handleUserConnection into smaller methods (user.go)
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Move empty password check from httpLogin to httpAuth
- httpLogin now only validates actual password comparison
- httpAuth handles empty password as authentication bypass
- This ensures consistent authentication behavior across all endpoints
Previously, empty password would always return true in httpLogin,
now it's properly handled at the authentication middleware level.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Forward all original HTTP headers plus custom rttys headers:
- X-Rttys-Hook: true
- X-Original-Method: original request method
- X-Original-URL: original request URL
- Hook must return HTTP 200 to allow API access.
This enables external services to validate and control user API access
by receiving the complete original request context through HTTP hooks.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
To solve a major problem: when there are many devices connected,
the broker will blocked in processing messages.
By the way, I've rewritten and reorganized the entire code architecture,
improved performance.
Some new features has been added:
* support device grouping.
* support show device's IP address.
Change-Id: I250e18091be7fd42028c82767b6edef50b3f6d8f
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* feat: Separate SSL configurations for device and web UI
* config: Add configuration template
for web UI SSL
* fix: parse bool
* fix: fix compatibility with old configuration files
* config: update template
Before, the download was started after all file data were sent from the device to the browser.
Now, the download starts when the file data begins to transfer.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
