oss/miniflux-v2
oss/miniflux-v2
1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-09-15 18:57:04 +00:00
Code Wiki Activity

feat(api): add a preference to disable the API

Browse source
This commit is contained in:
jvoisin 2025-08-18 21:49:29 +02:00
parent 60cd7ffe88
commit 47f3ebed1d
7 changed files with 27 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
internal/config/options.go
View file

@ -90,6 +90,7 @@ const (
defaultWatchdog = true defaultWatchdog = true
defaultInvidiousInstance = "yewtu.be" defaultInvidiousInstance = "yewtu.be"
defaultWebAuthn = false defaultWebAuthn = false
defaultDisableAPI = false
) )
var defaultHTTPClientUserAgent = "Mozilla/5.0 (compatible; Miniflux/" + version.Version + "; +https://miniflux.app)" var defaultHTTPClientUserAgent = "Mozilla/5.0 (compatible; Miniflux/" + version.Version + "; +https://miniflux.app)"
@ -184,6 +185,7 @@ type options struct {
invidiousInstance string invidiousInstance string
mediaProxyPrivateKey []byte mediaProxyPrivateKey []byte
webAuthn bool webAuthn bool
API bool
} }
// NewOptions returns Options with default values. // NewOptions returns Options with default values.
@ -264,6 +266,7 @@ func NewOptions() *options {
invidiousInstance: defaultInvidiousInstance, invidiousInstance: defaultInvidiousInstance,
mediaProxyPrivateKey: crypto.GenerateRandomBytes(16), mediaProxyPrivateKey: crypto.GenerateRandomBytes(16),
webAuthn: defaultWebAuthn, webAuthn: defaultWebAuthn,
API: !defaultDisableAPI,
} }
} }
@ -677,6 +680,11 @@ func (o *options) WebAuthn() bool {
return o.webAuthn return o.webAuthn
} }
// EnableAPI returns true if API is enabled
func (o *options) EnableAPI() bool {
return o.API
}
// FilterEntryMaxAgeDays returns the number of days after which entries should be retained. // FilterEntryMaxAgeDays returns the number of days after which entries should be retained.
func (o *options) FilterEntryMaxAgeDays() int { func (o *options) FilterEntryMaxAgeDays() int {
return o.filterEntryMaxAgeDays return o.filterEntryMaxAgeDays

2
internal/config/parser.go
View file

@ -260,6 +260,8 @@ func (p *parser) parseLines(lines []string) (err error) {
p.opts.invidiousInstance = parseString(value, defaultInvidiousInstance) p.opts.invidiousInstance = parseString(value, defaultInvidiousInstance)
case "WEBAUTHN": case "WEBAUTHN":
p.opts.webAuthn = parseBool(value, defaultWebAuthn) p.opts.webAuthn = parseBool(value, defaultWebAuthn)
case "DISABLE_API":
p.opts.API = !parseBool(value, defaultDisableAPI)
} }
} }

4
internal/http/server/httpd.go
View file

@ -243,7 +243,9 @@ func setupHandler(store *storage.Storage, pool *worker.Pool) *mux.Router {
fever.Serve(subrouter, store) fever.Serve(subrouter, store)
googlereader.Serve(subrouter, store) googlereader.Serve(subrouter, store)
api.Serve(subrouter, store, pool) if config.Opts.EnableAPI() {
api.Serve(subrouter, store, pool)
}
ui.Serve(subrouter, store, pool) ui.Serve(subrouter, store, pool)
subrouter.HandleFunc("/healthcheck", readinessProbe).Name("healthcheck") subrouter.HandleFunc("/healthcheck", readinessProbe).Name("healthcheck")

2
internal/template/templates/common/settings_menu.html
View file

@ -7,9 +7,11 @@
<li> <li>
<a href="{{ route "integrations" }}">{{ icon "third-party-services" }}{{ t "menu.integrations" }}</a> <a href="{{ route "integrations" }}">{{ icon "third-party-services" }}{{ t "menu.integrations" }}</a>
</li> </li>
{{ if .apiEnabled }}
<li> <li>
<a href="{{ route "apiKeys" }}">{{ icon "api" }}{{ t "menu.api_keys" }}</a> <a href="{{ route "apiKeys" }}">{{ icon "api" }}{{ t "menu.api_keys" }}</a>
</li> </li>
{{ end }}
<li> <li>
<a href="{{ route "sessions" }}">{{ icon "sessions" }}{{ t "menu.sessions" }}</a> <a href="{{ route "sessions" }}">{{ icon "sessions" }}{{ t "menu.sessions" }}</a>
</li> </li>

10
internal/ui/ui.go
View file

@ -132,10 +132,12 @@ func Serve(router *mux.Router, store *storage.Storage, pool *worker.Pool) {
uiRouter.HandleFunc("/sessions/{sessionID}/remove", handler.removeSession).Name("removeSession").Methods(http.MethodPost) uiRouter.HandleFunc("/sessions/{sessionID}/remove", handler.removeSession).Name("removeSession").Methods(http.MethodPost)
// API Keys pages. // API Keys pages.
uiRouter.HandleFunc("/keys", handler.showAPIKeysPage).Name("apiKeys").Methods(http.MethodGet) if config.Opts.EnableAPI() {
uiRouter.HandleFunc("/keys/{keyID}/delete", handler.deleteAPIKey).Name("deleteAPIKey").Methods(http.MethodPost) uiRouter.HandleFunc("/keys", handler.showAPIKeysPage).Name("apiKeys").Methods(http.MethodGet)
uiRouter.HandleFunc("/keys/create", handler.showCreateAPIKeyPage).Name("createAPIKey").Methods(http.MethodGet) uiRouter.HandleFunc("/keys/{keyID}/delete", handler.deleteAPIKey).Name("deleteAPIKey").Methods(http.MethodPost)
uiRouter.HandleFunc("/keys/save", handler.saveAPIKey).Name("saveAPIKey").Methods(http.MethodPost) uiRouter.HandleFunc("/keys/create", handler.showCreateAPIKeyPage).Name("createAPIKey").Methods(http.MethodGet)
uiRouter.HandleFunc("/keys/save", handler.saveAPIKey).Name("saveAPIKey").Methods(http.MethodPost)
}
// OPML pages. // OPML pages.
uiRouter.HandleFunc("/export", handler.exportFeeds).Name("export").Methods(http.MethodGet) uiRouter.HandleFunc("/export", handler.exportFeeds).Name("export").Methods(http.MethodGet)

1
internal/ui/view/view.go
View file

@ -45,5 +45,6 @@ func New(tpl *template.Engine, r *http.Request, sess *session.Session) *view {
"app_js_checksum": static.JavascriptBundles["app"].Checksum, "app_js_checksum": static.JavascriptBundles["app"].Checksum,
"sw_js_checksum": static.JavascriptBundles["service-worker"].Checksum, "sw_js_checksum": static.JavascriptBundles["service-worker"].Checksum,
"webAuthnEnabled": config.Opts.WebAuthn(), "webAuthnEnabled": config.Opts.WebAuthn(),
"apiEnabled": config.Opts.EnableAPI(),
}} }}
} }

5
miniflux.1
View file

@ -235,6 +235,11 @@ Path to a secret key exposed as a file, it should contain $DATABASE_URL value\&.
.br .br
Default is empty\&. Default is empty\&.
.TP .TP
.B API
Enable or disable miniflux' API\&.
.br
Default is enabled\&.
.TP
.B DISABLE_HSTS .B DISABLE_HSTS
Disable HTTP Strict Transport Security header if \fBHTTPS\fR is set\&. Disable HTTP Strict Transport Security header if \fBHTTPS\fR is set\&.
.br .br