Remove authentication from version info resource

Add new line at end of server_config.json
2019-04-23 11:54:51 +03:00 · 2019-04-23 11:54:51 +03:00 · 8523075494
parent d486471fb2
commit 8523075494
3 changed files with 5 additions and 5 deletions
--- a/monkey/monkey_island/cc/resources/version_update.py
+++ b/monkey/monkey_island/cc/resources/version_update.py
@ -14,7 +14,8 @@ class VersionUpdate(flask_restful.Resource):
    def __init__(self):
        super(VersionUpdate, self).__init__()

-    @jwt_required()
+    # We don't secure this since it doesn't give out any private info and we want UI to know version
+    # even when not authenticated
    def get(self):
        return {
            'current_version': env.get_version(),
--- a/monkey/monkey_island/cc/server_config.json
+++ b/monkey/monkey_island/cc/server_config.json
@ -2,4 +2,4 @@
  "server_config": "standard",
  "deployment": "develop",
  "monkey_version": "1.6.2"
-}
+}
--- a/monkey/monkey_island/cc/ui/src/components/side-menu/VersionComponent.js
+++ b/monkey/monkey_island/cc/ui/src/components/side-menu/VersionComponent.js
@ -1,8 +1,7 @@
 import React from 'react';
-import AuthComponent from "../AuthComponent";
 import {Icon} from 'react-fa';

-class VersionComponent extends AuthComponent {
+class VersionComponent extends React.Component {
  constructor(props) {
    super(props);
    this.state = {
@ -13,7 +12,7 @@ class VersionComponent extends AuthComponent {
  }

  componentDidMount() {
-    this.authFetch('/api/version-update')
+    this.fetch('/api/version-update') // This is not authenticated on purpose
      .then(res => res.json())
      .then(res => {
        this.setState({