mleku @mleku - 4h
#realy v1.2.19 now has HTTP Basic Authentication on the admin listener, and a simple setting for admin username and password, and uses standard procedure of comparing hashes and use of a constant time comparison function to prevent side channel attacks i probably will later on make a default web page to see when you request on the websocket using http like for a browser, but for now it will just give you a 404 because the handler isn't written for the `/` path #devstr #relay #progressreport
ahaha oops it looks like it's not handling websockets properly anymore... ok, time to fix that
ok, no, i think i have bypassed the "servemux" though, but that had nothing on it before, if it fell through there before it returned 404... maybe i just need to add a clause to return a 404 for unrecognised path
anyhow, found it... v1.2.20 now is the tag, it just was falling through to the web handler even if it was being served by the websocket handler... easy fixed, just add some return statements after the nip-11 and normal nostr json websocket handling i think it was making the client cranky, but anyway, fixed, the prior logic was all gated in if/elseif/elseif/else and i removed the last default clause without adding returns to terminate the first two conditions (was removing the distinction between admin port and regular http service, which is now the one thing (yes, has a bad name, will change later)
