From 52851787329c48c1e70f98a3610ad52fe1fa4aa4 Mon Sep 17 00:00:00 2001
From: FxQnLr
Date: Mon, 8 Apr 2024 15:14:21 +0200
Subject: Closes #25. Apikey not required anymore
---
src/auth.rs | 35 +++++++++++++++++++++++++++++++++++
src/config.rs | 10 +++++++++-
src/extractors.rs | 24 ------------------------
src/main.rs | 4 ++--
src/routes/start.rs | 2 +-
5 files changed, 47 insertions(+), 28 deletions(-)
create mode 100644 src/auth.rs
delete mode 100644 src/extractors.rs
(limited to 'src')
diff --git a/src/auth.rs b/src/auth.rs
new file mode 100644
index 0000000..1f4518a
--- /dev/null
+++ b/src/auth.rs
@@ -0,0 +1,35 @@
+use crate::AppState;
+use axum::{
+ extract::{Request, State},
+ http::{HeaderMap, StatusCode},
+ middleware::Next,
+ response::Response,
+};
+use serde::Deserialize;
+
+#[derive(Debug, Clone, Deserialize)]
+pub enum Methods {
+ Key,
+ None,
+}
+
+pub async fn auth(
+ State(state): State,
+ headers: HeaderMap,
+ request: Request,
+ next: Next,
+) -> Result {
+ let auth = state.config.auth;
+ match auth.method {
+ Methods::Key => {
+ if let Some(secret) = headers.get("authorization") {
+ if !(auth.secret.as_str() == secret) { return Err(StatusCode::UNAUTHORIZED); };
+ let response = next.run(request).await;
+ Ok(response)
+ } else {
+ return Err(StatusCode::UNAUTHORIZED);
+ }
+ }
+ Methods::None => Ok(next.run(request).await),
+ }
+}
diff --git a/src/config.rs b/src/config.rs
index 9605361..9636af4 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -1,14 +1,22 @@
 use config::File;
 use serde::Deserialize;
+use crate::auth;
+
 #[derive(Debug, Clone, Deserialize)]
 pub struct Config {
 pub database_url: String,
- pub apikey: String,
 pub serveraddr: String,
 pub pingtimeout: i64,
 pub pingthreshold: i64,
 pub timeoffset: i8,
+ pub auth: Auth,
+}
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct Auth {
+ pub method: auth::Methods,
+ pub secret: String,
 }
 impl Config {
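Review bot: The key check in the `Methods::Key` arm of `auth` compares the configured secret with the `authorization` header using `==`, which stops at the first differing byte, so response time can depend on how much of a presented value is correct. A constant-time comparison is the usual choice for a shared-secret check, for example `if !bool::from(auth.secret.as_bytes().ct_eq(secret.as_bytes())) { return Err(StatusCode::UNAUTHORIZED); }` with `subtle::ConstantTimeEq`, which would be a new dependency unless the project already carries one. The arm would also read more plainly as `let Some(secret) = headers.get("authorization") else { return Err(StatusCode::UNAUTHORIZED); };`, which removes the `!(a == b)` form and the `return` in tail position. `Methods::None` passes every request on the layered routes straight through, so a startup log line stating that authentication is disabled would help operators notice a misconfiguration.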
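Review bot: `Auth.secret` is a plain required `String` and nothing visible in this hunk rejects an empty value, so with `method` set to `Key` and an empty `secret`, a request carrying an empty `authorization` header would compare equal in `auth::auth`. The check belongs where the config is loaded, e.g. `if matches!(cfg.auth.method, auth::Methods::Key) && cfg.auth.secret.is_empty() { /* return a config error */ }` (`cfg` is a placeholder name); the `impl Config` body lies outside the hunk, so such a check may already exist there. `secret` is also still mandatory when `method` is `None`, which `#[serde(default)]` on the field would relax. Because `Auth` derives `Debug`, formatting the config with `{:?}` prints the secret, and a hand-written `Debug` impl that redacts the field avoids that.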
diff --git a/src/extractors.rs b/src/extractors.rs
deleted file mode 100644
index 4d441e9..0000000
--- a/src/extractors.rs
+++ /dev/null
@@ -1,24 +0,0 @@
-use axum::{
- extract::{Request, State},
- http::{HeaderMap, StatusCode},
- middleware::Next,
- response::Response,
-};
-
-use crate::AppState;
-
-pub async fn auth(
- State(state): State,
- headers: HeaderMap,
- request: Request,
- next: Next,
-) -> Result {
- let secret = headers.get("authorization");
- match secret {
- Some(token) if token == state.config.apikey.as_str() => {
- let response = next.run(request).await;
- Ok(response)
- }
- _ => Err(StatusCode::UNAUTHORIZED),
- }
-}
diff --git a/src/main.rs b/src/main.rs
index 75f491a..43957ff 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -29,7 +29,7 @@ use utoipa_swagger_ui::SwaggerUi;
 mod config;
 mod db;
 mod error;
-mod extractors;
+mod auth;
 mod routes;
 mod services;
 mod wol;
@@ -126,7 +126,7 @@ async fn main() -> color_eyre::eyre::Result<()> {
 )
 .route("/device/:id", get(device::get))
 .route("/status", get(status::status))
- .route_layer(from_fn_with_state(shared_state.clone(), extractors::auth))
+ .route_layer(from_fn_with_state(shared_state.clone(), auth::auth))
 .merge(SwaggerUi::new("/swagger-ui").url("/api-docs/openapi.json", ApiDoc::openapi()))
 .with_state(Arc::new(shared_state));
diff --git a/src/routes/start.rs b/src/routes/start.rs
index fa226d8..c61d5a3 100644
--- a/src/routes/start.rs
+++ b/src/routes/start.rs
@@ -63,7 +63,7 @@ pub async fn start_payload(
 #[utoipa::path(
 post,
 path = "/start/{id}",
- request_body = Payload,
+ request_body = Option,
 responses(
 (status = 200, description = "Start the device with the given id", body = [Response])
 ),
--
cgit v1.2.3