v2.8.4

minor changes
bug fix
2025-10-26 10:04:41 +00:00 · 2025-09-24 11:47:43 +02:00 · 2025-09-24 11:47:14 +02:00 · 2025-09-24 11:44:02 +02:00 · 2025-09-24 11:29:55 +02:00
7 changed files with 23 additions and 13 deletions
--- a/config/version
+++ b/config/version
@ -1 +1 @@
-2.8.3
+2.8.4
--- a/go.mod
+++ b/go.mod
@ -95,7 +95,7 @@ require (
 	golang.org/x/tools v0.37.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250908214217-97024824d090 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250922171735-9219d122eba9 // indirect
 	google.golang.org/protobuf v1.36.9 // indirect
 	gvisor.dev/gvisor v0.0.0-20250503011706-39ed1f5ac29c // indirect
 	lukechampine.com/blake3 v1.4.1 // indirect
--- a/go.sum
+++ b/go.sum
@ -236,6 +236,8 @@ gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
 gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20250908214217-97024824d090 h1:/OQuEa4YWtDt7uQWHd3q3sUMb+QOLQUg1xa8CEsRv5w=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20250908214217-97024824d090/go.mod h1:GmFNa4BdJZ2a8G+wCe9Bg3wwThLrJun751XstdJt5Og=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20250922171735-9219d122eba9 h1:V1jCN2HBa8sySkR5vLcCSqJSTMv093Rw9EJefhQGP7M=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20250922171735-9219d122eba9/go.mod h1:HSkG/KdJWusxU1F6CNrwNDjBMgisKxGnc5dAZfT0mjQ=
 google.golang.org/grpc v1.75.1 h1:/ODCNEuf9VghjgO3rqLcfg8fiOP0nSluljWFlDxELLI=
 google.golang.org/grpc v1.75.1/go.mod h1:JtPAzKiq4v1xcAB2hydNlWI2RnF85XXcV0mhKXr2ecQ=
 google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw=
--- a/web/controller/api.go
+++ b/web/controller/api.go
@ -1,7 +1,10 @@
 package controller
 import (
 	"net/http"
 	"github.com/mhsanaei/3x-ui/v2/web/service"
 	"github.com/mhsanaei/3x-ui/v2/web/session"
 	"github.com/gin-gonic/gin"
 )
@ -21,11 +24,21 @@ func NewAPIController(g *gin.RouterGroup) *APIController {
 	return a
 }
 // checkAPIAuth is a middleware that returns 404 for unauthenticated API requests
 // to hide the existence of API endpoints from unauthorized users
 func (a *APIController) checkAPIAuth(c *gin.Context) {
 	if !session.IsLogin(c) {
 		c.AbortWithStatus(http.StatusNotFound)
 		return
 	}
 	c.Next()
 }
 // initRouter sets up the API routes for inbounds, server, and other endpoints.
 func (a *APIController) initRouter(g *gin.RouterGroup) {
 	// Main API group
 	api := g.Group("/panel/api")
-	api.Use(a.checkLogin)
+	api.Use(a.checkAPIAuth)
 	// Inbounds API
 	inbounds := api.Group("/inbounds")
--- a/web/controller/index.go
+++ b/web/controller/index.go
@ -39,8 +39,9 @@ func NewIndexController(g *gin.RouterGroup) *IndexController {
 // initRouter sets up the routes for index, login, logout, and two-factor authentication.
 func (a *IndexController) initRouter(g *gin.RouterGroup) {
 	g.GET("/", a.index)
 	g.POST("/login", a.login)
 	g.GET("/logout", a.logout)
 	g.POST("/login", a.login)
 	g.POST("/getTwoFactorEnable", a.getTwoFactorEnable)
 }
--- a/web/controller/xui.go
+++ b/web/controller/xui.go
@ -8,8 +8,6 @@ import (
 type XUIController struct {
 	BaseController
 	inboundController     *InboundController
 	serverController      *ServerController
 	settingController     *SettingController
 	xraySettingController *XraySettingController
 }
@ -31,8 +29,6 @@ func (a *XUIController) initRouter(g *gin.RouterGroup) {
 	g.GET("/settings", a.settings)
 	g.GET("/xray", a.xraySettings)
 	a.inboundController = NewInboundController(g)
 	a.serverController = NewServerController(g)
 	a.settingController = NewSettingController(g)
 	a.xraySettingController = NewXraySettingController(g)
 }
--- a/web/web.go
+++ b/web/web.go
@ -95,10 +95,9 @@ type Server struct {
 	httpServer *http.Server
 	listener   net.Listener
-	index  *controller.IndexController
+	index *controller.IndexController
-	server *controller.ServerController
+	panel *controller.XUIController
-	panel  *controller.XUIController
+	api   *controller.APIController
 	api    *controller.APIController
 	xrayService    service.XrayService
 	settingService service.SettingService
@ -264,7 +263,6 @@ func (s *Server) initRouter() (*gin.Engine, error) {
 	g := engine.Group(basePath)
 	s.index = controller.NewIndexController(g)
 	s.server = controller.NewServerController(g)
 	s.panel = controller.NewXUIController(g)
 	s.api = controller.NewAPIController(g)
Author	SHA1	Message	Date
mhsanaei	104526aab2	v2.8.4 Some checks are pending Release 3X-UI / build (386) (push) Waiting to run Details Release 3X-UI / build (amd64) (push) Waiting to run Details Release 3X-UI / build (arm64) (push) Waiting to run Details Release 3X-UI / build (armv5) (push) Waiting to run Details Release 3X-UI / build (armv6) (push) Waiting to run Details Release 3X-UI / build (armv7) (push) Waiting to run Details Release 3X-UI / build (s390x) (push) Waiting to run Details Release 3X-UI / Build for Windows (push) Waiting to run Details	2025-09-24 11:47:43 +02:00
mhsanaei	a0c07241c0	minor changes	2025-09-24 11:47:14 +02:00
mhsanaei	adf3242602	bug fix	2025-09-24 11:44:02 +02:00
mhsanaei	3f62592e4b	API improve security: returns 404 for unauthenticated API requests	2025-09-24 11:29:55 +02:00