LibrePages/conductor
4
0
Fork 0
Code Issues 4 Pull requests 4 Projects Releases Packages Wiki Activity

fix: use only one API key per conductor deployment
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse source
This commit is contained in:
Aravinth Manivannan 2022-12-11 19:30:36 +05:30
parent a4f4903120
commit 1fa28ef9b7
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
3 changed files with 9 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
config/config.toml
View file

@ -1,10 +1,10 @@
debug = true debug = true
source_code = "https://git.batsense.net/librepages/conductor" source_code = "https://git.batsense.net/librepages/conductor"
conductor = "dummy" conductor = "dummy"
api_keys = [
# CHANGE THIS!! [creds]
{ username = "librepages_api", password="longrandomlygeneratedpassword"} username = "librepages_api"
] password="longrandomlygeneratedpassword"
[server] [server]
# Please set a unique value, your mCaptcha instance's security depends on this being # Please set a unique value, your mCaptcha instance's security depends on this being

2
src/api/v1/webhook.rs
View file

@ -72,7 +72,7 @@ pub mod tests {
) )
.await; .await;
let creds = settings.api_keys.get(0).unwrap().clone(); let creds = settings.creds.clone();
let auth = format!( let auth = format!(
"Basic {}", "Basic {}",
base64::encode(format!("{}:{}", creds.username.clone(), creds.password)) base64::encode(format!("{}:{}", creds.username.clone(), creds.password))

10
src/settings.rs
View file

@ -61,7 +61,7 @@ pub struct Creds {
#[derive(Debug, Clone, Deserialize)] #[derive(Debug, Clone, Deserialize)]
pub struct Settings { pub struct Settings {
pub debug: bool, pub debug: bool,
pub api_keys: Vec<Creds>, pub creds: Creds,
pub server: Server, pub server: Server,
pub source_code: Url, pub source_code: Url,
pub conductor: ConductorType, pub conductor: ConductorType,
@ -70,9 +70,7 @@ pub struct Settings {
#[cfg(not(tarpaulin_include))] #[cfg(not(tarpaulin_include))]
impl Settings { impl Settings {
pub fn authenticate(&self, username: &str, password: &str) -> bool { pub fn authenticate(&self, username: &str, password: &str) -> bool {
self.api_keys self.creds.username == username && self.creds.password == password
.iter()
.any(|c| c.username == username && c.password == password)
} }
pub fn new() -> Result<Self, ConfigError> { pub fn new() -> Result<Self, ConfigError> {
@ -150,14 +148,14 @@ mod tests {
#[test] #[test]
fn creds_works() { fn creds_works() {
let settings = Settings::new().unwrap(); let settings = Settings::new().unwrap();
let mut creds = settings.api_keys.get(0).unwrap().clone(); let mut creds = settings.creds.clone();
assert!(settings.authenticate(&creds.username, &creds.password)); assert!(settings.authenticate(&creds.username, &creds.password));
creds.username = "noexist".into(); creds.username = "noexist".into();
assert!(!settings.authenticate(&creds.username, &creds.password)); assert!(!settings.authenticate(&creds.username, &creds.password));
let mut creds = settings.api_keys.get(0).unwrap().clone(); let mut creds = settings.creds.clone();
creds.password = "noexist".into(); creds.password = "noexist".into();
assert!(!settings.authenticate(&creds.username, &creds.password)); assert!(!settings.authenticate(&creds.username, &creds.password));