GithubBackup/cloudflare_temp_email
1
0
Fork 0
mirror of https://github.com/dreamhunter2333/cloudflare_temp_email.git synced 2026-06-21 07:24:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: enhance webhook security with configurable allow list (#719)

Browse Source 
- Add enableAllowList flag to webhook settings for flexible access control
- Update frontend UI with toggle switch and improved user experience
- Maintain backward compatibility with default allow-all behavior
- Add input validation hints and better form controls across admin panels

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Dream Hunter
2025-09-05 17:24:30 +08:00
committed by GitHub
parent 3fbace871c
commit 37cf0776b5
12 changed files with 142 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
worker/src/admin_api/webhook_settings.ts
View File

@@ -4,7 +4,7 @@ import { AdminWebhookSettings } from "../models";
async function getWebhookSettings(c: Context<HonoCustomType>): Promise<Response> {
const settings = await c.env.KV.get<AdminWebhookSettings>(CONSTANTS.WEBHOOK_KV_SETTINGS_KEY, "json");
return c.json(settings || new AdminWebhookSettings([]));
return c.json(settings || new AdminWebhookSettings(false, []));
}
async function saveWebhookSettings(c: Context<HonoCustomType>): Promise<Response> {

2
worker/src/common.ts
View File

@@ -480,7 +480,7 @@ export async function triggerWebhook(
// user mail webhook
const adminSettings = await c.env.KV.get<AdminWebhookSettings>(CONSTANTS.WEBHOOK_KV_SETTINGS_KEY, "json");
if (adminSettings?.allowList.includes(address)) {
if (!adminSettings?.enableAllowList || adminSettings?.allowList.includes(address)) {
const settings = await c.env.KV.get<WebhookSettings>(
`${CONSTANTS.WEBHOOK_KV_USER_SETTINGS_KEY}:${address}`, "json"
);

4
worker/src/mails_api/webhook_settings.ts
View File

@@ -7,7 +7,7 @@ import { commonParseMail, sendWebhook } from "../common";
async function getWebhookSettings(c: Context<HonoCustomType>): Promise<Response> {
const { address } = c.get("jwtPayload")
const adminSettings = await c.env.KV.get<AdminWebhookSettings>(CONSTANTS.WEBHOOK_KV_SETTINGS_KEY, "json");
if (!adminSettings?.allowList.includes(address)) {
if (adminSettings?.enableAllowList && !adminSettings?.allowList.includes(address)) {
return c.text("Webhook settings is not allowed for this user", 403);
}
const settings = await c.env.KV.get<WebhookSettings>(
@@ -20,7 +20,7 @@ async function getWebhookSettings(c: Context<HonoCustomType>): Promise<Response>
async function saveWebhookSettings(c: Context<HonoCustomType>): Promise<Response> {
const { address } = c.get("jwtPayload")
const adminSettings = await c.env.KV.get<AdminWebhookSettings>(CONSTANTS.WEBHOOK_KV_SETTINGS_KEY, "json");
if (!adminSettings?.allowList.includes(address)) {
if (adminSettings?.enableAllowList && !adminSettings?.allowList.includes(address)) {
return c.text("Webhook settings is not allowed for this user", 403);
}
const settings = await c.req.json<WebhookSettings>();

4
worker/src/models/index.ts
View File

@@ -14,9 +14,11 @@ export type Passkey = {
};
export class AdminWebhookSettings {
enableAllowList: boolean;
allowList: string[];
constructor(allowList: string[]) {
constructor(enableAllowList: boolean, allowList: string[]) {
this.enableAllowList = enableAllowList;
this.allowList = allowList;
}
}