feat: replace http auth with bearer auth
ci/woodpecker/push/woodpecker Pipeline failed
Details
ci/woodpecker/push/woodpecker Pipeline failed
Details
This commit is contained in:
parent
58eef6b3fa
commit
cd0589fb2e
|
@ -17,7 +17,7 @@
|
||||||
use actix_web::dev::ServiceRequest;
|
use actix_web::dev::ServiceRequest;
|
||||||
use actix_web::web;
|
use actix_web::web;
|
||||||
use actix_web::Error;
|
use actix_web::Error;
|
||||||
use actix_web_httpauth::extractors::basic::BasicAuth;
|
use actix_web_httpauth::extractors::bearer::BearerAuth;
|
||||||
|
|
||||||
use crate::errors::*;
|
use crate::errors::*;
|
||||||
use crate::AppCtx;
|
use crate::AppCtx;
|
||||||
|
@ -26,14 +26,13 @@ use crate::SETTINGS;
|
||||||
pub mod meta;
|
pub mod meta;
|
||||||
pub mod webhook;
|
pub mod webhook;
|
||||||
|
|
||||||
pub async fn httpauth(
|
pub async fn bearerauth(
|
||||||
req: ServiceRequest,
|
req: ServiceRequest,
|
||||||
credentials: BasicAuth,
|
credentials: BearerAuth,
|
||||||
) -> Result<ServiceRequest, (Error, ServiceRequest)> {
|
) -> Result<ServiceRequest, (Error, ServiceRequest)> {
|
||||||
let _ctx: &AppCtx = req.app_data().unwrap();
|
let _ctx: &AppCtx = req.app_data().unwrap();
|
||||||
let username = credentials.user_id();
|
let token = credentials.token();
|
||||||
let password = credentials.password().unwrap();
|
if SETTINGS.authenticate(token) {
|
||||||
if SETTINGS.authenticate(username, password) {
|
|
||||||
Ok(req)
|
Ok(req)
|
||||||
} else {
|
} else {
|
||||||
let e = Error::from(ServiceError::Unauthorized);
|
let e = Error::from(ServiceError::Unauthorized);
|
||||||
|
|
|
@ -24,7 +24,7 @@ use crate::errors::*;
|
||||||
use crate::AppCtx;
|
use crate::AppCtx;
|
||||||
use crate::*;
|
use crate::*;
|
||||||
|
|
||||||
use super::httpauth;
|
use super::bearerauth;
|
||||||
|
|
||||||
pub mod routes {
|
pub mod routes {
|
||||||
use super::*;
|
use super::*;
|
||||||
|
@ -47,7 +47,7 @@ pub fn services(cfg: &mut web::ServiceConfig) {
|
||||||
|
|
||||||
#[actix_web_codegen_const_routes::post(
|
#[actix_web_codegen_const_routes::post(
|
||||||
path = "API_V1_ROUTES.webhook.post_event",
|
path = "API_V1_ROUTES.webhook.post_event",
|
||||||
wrap = "HttpAuthentication::basic(httpauth)"
|
wrap = "HttpAuthentication::bearer(bearerauth)"
|
||||||
)]
|
)]
|
||||||
async fn post_event(ctx: AppCtx, payload: web::Json<EventType>) -> ServiceResult<impl Responder> {
|
async fn post_event(ctx: AppCtx, payload: web::Json<EventType>) -> ServiceResult<impl Responder> {
|
||||||
ctx.conductor.process(payload.into_inner()).await;
|
ctx.conductor.process(payload.into_inner()).await;
|
||||||
|
@ -71,10 +71,7 @@ pub mod tests {
|
||||||
.await;
|
.await;
|
||||||
|
|
||||||
let creds = settings.creds.clone();
|
let creds = settings.creds.clone();
|
||||||
let auth = format!(
|
let auth = format!("Bearer {}", creds.token,);
|
||||||
"Basic {}",
|
|
||||||
base64::encode(format!("{}:{}", creds.username.clone(), creds.password))
|
|
||||||
);
|
|
||||||
|
|
||||||
let msg = EventType::NewSite {
|
let msg = EventType::NewSite {
|
||||||
hostname: "demo.librepages.org".into(),
|
hostname: "demo.librepages.org".into(),
|
||||||
|
|
|
@ -54,8 +54,7 @@ pub enum ConductorType {
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
#[derive(Debug, Clone, Deserialize)]
|
||||||
pub struct Creds {
|
pub struct Creds {
|
||||||
pub username: String,
|
pub token: String,
|
||||||
pub password: String,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
#[derive(Debug, Clone, Deserialize)]
|
||||||
|
@ -69,8 +68,8 @@ pub struct Settings {
|
||||||
|
|
||||||
#[cfg(not(tarpaulin_include))]
|
#[cfg(not(tarpaulin_include))]
|
||||||
impl Settings {
|
impl Settings {
|
||||||
pub fn authenticate(&self, username: &str, password: &str) -> bool {
|
pub fn authenticate(&self, token: &str) -> bool {
|
||||||
self.creds.username == username && self.creds.password == password
|
self.creds.token == token
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn new() -> Result<Self, ConfigError> {
|
pub fn new() -> Result<Self, ConfigError> {
|
||||||
|
@ -148,16 +147,13 @@ mod tests {
|
||||||
#[test]
|
#[test]
|
||||||
fn creds_works() {
|
fn creds_works() {
|
||||||
let settings = Settings::new().unwrap();
|
let settings = Settings::new().unwrap();
|
||||||
let mut creds = settings.creds.clone();
|
let creds = settings.creds.clone();
|
||||||
|
|
||||||
assert!(settings.authenticate(&creds.username, &creds.password));
|
assert!(settings.authenticate(&creds.token));
|
||||||
|
|
||||||
creds.username = "noexist".into();
|
|
||||||
assert!(!settings.authenticate(&creds.username, &creds.password));
|
|
||||||
|
|
||||||
let mut creds = settings.creds.clone();
|
let mut creds = settings.creds.clone();
|
||||||
|
|
||||||
creds.password = "noexist".into();
|
creds.token = "noexist".into();
|
||||||
assert!(!settings.authenticate(&creds.username, &creds.password));
|
assert!(!settings.authenticate(&creds.token))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue