Firepup650/bitbot-3.11-fork
2
0
Fork 0
Code Issues Pull requests Activity Actions

major security fix: adding api keys should be admin-only

Browse source
This commit is contained in:
jesopo 2019-10-18 15:17:04 +01:00
parent f7d34e16bb
commit 4391176c7f
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
modules/rest_api.py
View file

@ -193,6 +193,7 @@ class Module(ModuleManager.BaseModule):
@utils.kwarg("usage", "add <alias> [endpoint [endpoint ...]]")
@utils.kwarg("usage", "remove <alias>")
@utils.kwarg("usage", "info <alias>")
@utils.kwarg("permission", "apikey")
def apikey(self, event):
subcommand = event["args_split"][0].lower()
alias = None