feat(security): add CSRF header constants and security-headers endpoint

Move X-BanGUI-Request header name/value to backend/app/utils/constants.py as single source of truth. Add GET /api/v1/config/security-headers endpoint. Update csrf middleware, frontend api client, and docs to use shared constants.
2026-05-03 22:06:43 +02:00
parent cee3daffc1
commit dafe8d61e2
7 changed files with 109 additions and 11 deletions


@@ -884,3 +884,21 @@ class ServiceStatusResponse(BanGuiBaseModel):
total_failures: int = Field(default=0, ge=0, description="Aggregated current failure count across all jails.")
log_level: str = Field(default="UNKNOWN", description="Current fail2ban log level.")
log_target: str = Field(default="UNKNOWN", description="Current fail2ban log target.")
# ---------------------------------------------------------------------------
# Security headers
# ---------------------------------------------------------------------------
class SecurityHeadersResponse(BanGuiBaseModel):
"""Security-relevant header names and values used by the frontend."""
csrf_header_name: str = Field(
...,
description="Name of the custom header required for state-mutating requests.",
)
csrf_header_value: str = Field(
...,
description="Required value of the CSRF header to pass validation.",
)
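Review bot: The `csrf_header_value` description ("Required value of the CSRF header to pass validation") reads as if knowing the value is what authorises a request. Going by the commit description, it is a fixed constant shared through constants.py and served by the new endpoint, so it is public by design. The model should say so, for example by extending the class docstring to `"""Header name/value the frontend must send on state-mutating requests; the value is a fixed, public constant, not a secret or per-session token."""`. A short comment next to it could record that the check only helps while the CORS configuration keeps untrusted origins from sending this header. That configuration is outside this hunk, so it is worth confirming.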