From 1fa28ef9b70bb04d6c76eee9e9bc5be77005b4b0 Mon Sep 17 00:00:00 2001 From: Aravinth Manivannan Date: Sun, 11 Dec 2022 19:30:36 +0530 Subject: [PATCH] fix: use only one API key per conductor deployment --- config/config.toml | 8 ++++---- src/api/v1/webhook.rs | 2 +- src/settings.rs | 10 ++++------ 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/config/config.toml b/config/config.toml index 6a55023..f420ffb 100644 --- a/config/config.toml +++ b/config/config.toml @@ -1,10 +1,10 @@ debug = true source_code = "https://git.batsense.net/librepages/conductor" conductor = "dummy" -api_keys = [ - # CHANGE THIS!! - { username = "librepages_api", password="longrandomlygeneratedpassword"} -] + +[creds] +username = "librepages_api" +password="longrandomlygeneratedpassword" [server] # Please set a unique value, your mCaptcha instance's security depends on this being diff --git a/src/api/v1/webhook.rs b/src/api/v1/webhook.rs index 8240d96..384f3c8 100644 --- a/src/api/v1/webhook.rs +++ b/src/api/v1/webhook.rs @@ -72,7 +72,7 @@ pub mod tests { ) .await; - let creds = settings.api_keys.get(0).unwrap().clone(); + let creds = settings.creds.clone(); let auth = format!( "Basic {}", base64::encode(format!("{}:{}", creds.username.clone(), creds.password)) diff --git a/src/settings.rs b/src/settings.rs index 4686acc..b3cdd01 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -61,7 +61,7 @@ pub struct Creds { #[derive(Debug, Clone, Deserialize)] pub struct Settings { pub debug: bool, - pub api_keys: Vec, + pub creds: Creds, pub server: Server, pub source_code: Url, pub conductor: ConductorType, @@ -70,9 +70,7 @@ pub struct Settings { #[cfg(not(tarpaulin_include))] impl Settings { pub fn authenticate(&self, username: &str, password: &str) -> bool { - self.api_keys - .iter() - .any(|c| c.username == username && c.password == password) + self.creds.username == username && self.creds.password == password } pub fn new() -> Result { @@ -150,14 +148,14 @@ mod tests { #[test] fn creds_works() { let settings = Settings::new().unwrap(); - let mut creds = settings.api_keys.get(0).unwrap().clone(); + let mut creds = settings.creds.clone(); assert!(settings.authenticate(&creds.username, &creds.password)); creds.username = "noexist".into(); assert!(!settings.authenticate(&creds.username, &creds.password)); - let mut creds = settings.api_keys.get(0).unwrap().clone(); + let mut creds = settings.creds.clone(); creds.password = "noexist".into(); assert!(!settings.authenticate(&creds.username, &creds.password));