gui, lib/api: Use effective listen address for no auth warning

This adds a field `guiAddressUsed` to the system status response, that holds the current listening address actually in use. This may be different from the one stored in the config because it may have been overridden by environment or command line flag. The GUI now checks this field to see if we are listening on localhost. If we are not, the authentication required warning is displayed, regardless of the *configured* listening address.
2024-11-08 22:31:04 +00:00 · 2019-09-20 15:22:24 +01:00 · 2019-09-20 15:22:24 +01:00 · db0ba2555a
commit db0ba2555a
parent 1398fbb681
2 changed files with 24 additions and 9 deletions
--- a/gui/default/syncthing/core/syncthingController.js
+++ b/gui/default/syncthing/core/syncthingController.js
@ -386,15 +386,7 @@ angular.module('syncthing.core')
                });
            });

-            // If we're not listening on localhost, and there is no
-            // authentication configured, and the magic setting to silence the
-            // warning isn't set, then yell at the user.
-            var guiCfg = $scope.config.gui;
-            $scope.openNoAuth = guiCfg.address.substr(0, 4) !== "127."
-                && guiCfg.address.substr(0, 6) !== "[::1]:"
-                && (!guiCfg.user || !guiCfg.password)
-                && guiCfg.authMode !== 'ldap'
-                && !guiCfg.insecureAdminAccess;
+            refreshNoAuthWarning();

            if (!hasConfig) {
                $scope.$emit('ConfigLoaded');
@ -427,10 +419,32 @@ angular.module('syncthing.core')
                    }
                }
                $scope.discoveryFailed = discoveryFailed;
+
+                refreshNoAuthWarning();
+
                console.log("refreshSystem", data);
            }).error($scope.emitHTTPError);
        }

+        function refreshNoAuthWarning() {
+            if (!$scope.system || !$scope.config) {
+                // We need both to be able to determine the state.
+                return
+            }
+
+            // If we're not listening on localhost, and there is no
+            // authentication configured, and the magic setting to silence the
+            // warning isn't set, then yell at the user.
+            var addr = $scope.system.guiAddressUsed;
+            var guiCfg = $scope.config.gui;
+            $scope.openNoAuth = addr.substr(0, 4) !== "127."
+                && addr.substr(0, 6) !== "[::1]:"
+                && (!guiCfg.user || !guiCfg.password)
+                && guiCfg.authMode !== 'ldap'
+                && !guiCfg.insecureAdminAccess;
+        }
+
+
        function refreshDiscoveryCache() {
            $http.get(urlbase + '/system/discovery').success(function (data) {
                for (var device in data) {
--- a/lib/api/api.go
+++ b/lib/api/api.go
@ -913,6 +913,7 @@ func (s *service) getSystemStatus(w http.ResponseWriter, r *http.Request) {
 	res["uptime"] = s.urService.UptimeS()
 	res["startTime"] = ur.StartTime
 	res["guiAddressOverridden"] = s.cfg.GUI().IsOverridden()
+	res["guiAddressUsed"] = s.cfg.GUI().Address()

 	sendJSON(w, res)
 }