From 9f527a4cb11705eda75764b59332b3babf4019ce Mon Sep 17 00:00:00 2001
From: Stephan Yelle <syelle@noreply.localhost>
Date: Sat, 20 Dec 2025 12:45:24 -0500
Subject: [PATCH] Update samy.ps1

---
 samy.ps1 | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/samy.ps1 b/samy.ps1
index a98b4af..c6b8892 100644
--- a/samy.ps1
+++ b/samy.ps1
@@ -1826,13 +1826,29 @@ function Invoke-GetPrinters {
             return
         }
 
-        $password = $body.password
-        if (-not $password) {
+        # Read JSON body: { "password": "..." }
+        $rawBody = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
+        if (-not $rawBody) {
             $Context.Response.StatusCode = 400
-            Send-Text $Context 'Password is required.'
+            Send-Text $Context 'Missing request body.'
             return
         }
 
+        try {
+            $body = $rawBody | ConvertFrom-Json
+        } catch {
+            $Context.Response.StatusCode = 400
+            Send-Text $Context 'Invalid JSON body.'
+            return
+        }
+
+        # Allow blank password (IP allowlist handled server-side)
+        $password = [string]$body.password   # $null -> ''
+        if ($password -eq '') {
+            Write-LogHybrid "Printer password is blank; relying on allowlisted IP (server-side)." Info Printers -LogToEvent
+        }
+
+
         $uri = 'https://bananas.svstools.ca/getprinters'
         Write-LogHybrid "Fetching printers from $uri" Info Printers -LogToEvent