Read host header
This commit is contained in:
parent
9c94cafe95
commit
4087345323
2 changed files with 21 additions and 12 deletions
|
|
@ -131,16 +131,29 @@ pub const ApiSource = struct {
|
|||
};
|
||||
}
|
||||
|
||||
pub fn connectUnauthorized(self: *ApiSource, alloc: std.mem.Allocator) !Conn {
|
||||
pub fn connectUnauthorized(self: *ApiSource, host: ?[]const u8, alloc: std.mem.Allocator) !Conn {
|
||||
const community_id = blk: {
|
||||
if (host) |h| {
|
||||
const community = try self.db.getBy(models.Community, .host, h, alloc);
|
||||
if (community) |c| break :blk c.id;
|
||||
}
|
||||
|
||||
break :blk null;
|
||||
};
|
||||
|
||||
return Conn{
|
||||
.db = self.db,
|
||||
.internal_alloc = self.internal_alloc,
|
||||
.as_user = null,
|
||||
.on_community = community_id,
|
||||
.arena = std.heap.ArenaAllocator.init(alloc),
|
||||
};
|
||||
}
|
||||
|
||||
pub fn connectToken(self: *ApiSource, token: []const u8, alloc: std.mem.Allocator) !Conn {
|
||||
pub fn connectToken(self: *ApiSource, host: ?[]const u8, token: []const u8, alloc: std.mem.Allocator) !Conn {
|
||||
var conn = try self.connectUnauthorized(host, alloc);
|
||||
errdefer conn.close();
|
||||
|
||||
const decoded_len = std.base64.standard.Decoder.calcSizeForSlice(token) catch return error.InvalidToken;
|
||||
if (decoded_len != token_len) return error.InvalidToken;
|
||||
|
||||
|
|
@ -150,16 +163,11 @@ pub const ApiSource = struct {
|
|||
var hash: models.ByteArray(models.Token.hash_len) = undefined;
|
||||
models.Token.HashFn.hash(&decoded, &hash.data, .{});
|
||||
|
||||
var arena = std.heap.ArenaAllocator.init(alloc);
|
||||
const db_token = (try self.db.getBy(models.Token, .hash, hash, conn.arena.allocator())) orelse return error.InvalidToken;
|
||||
|
||||
const db_token = (try self.db.getBy(models.Token, .hash, hash, arena.allocator())) orelse return error.InvalidToken;
|
||||
conn.as_user = db_token.user_id;
|
||||
|
||||
return Conn{
|
||||
.db = self.db,
|
||||
.internal_alloc = self.internal_alloc,
|
||||
.as_user = db_token.user_id,
|
||||
.arena = arena,
|
||||
};
|
||||
return conn;
|
||||
}
|
||||
};
|
||||
|
||||
|
|
@ -170,6 +178,7 @@ fn ApiConn(comptime DbConn: type) type {
|
|||
db: DbConn,
|
||||
internal_alloc: std.mem.Allocator, // used *only* for large, internal buffers
|
||||
as_user: ?Uuid,
|
||||
on_community: ?Uuid,
|
||||
arena: std.heap.ArenaAllocator,
|
||||
|
||||
pub fn close(self: *Self) void {
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ pub const utils = struct {
|
|||
|
||||
pub fn getApiConn(srv: *RequestServer, ctx: *http.server.Context) !api.ApiSource.Conn {
|
||||
return authorizeApiConn(srv, ctx) catch |err| switch (err) {
|
||||
error.NoToken => srv.api.connectUnauthorized(ctx.alloc),
|
||||
error.NoToken => srv.api.connectUnauthorized(ctx.request.headers.get("Host"), ctx.alloc),
|
||||
error.InvalidToken => return error.InvalidToken,
|
||||
else => @panic("TODO"), // doing this to resolve some sort of compiler analysis dependency issue
|
||||
};
|
||||
|
|
@ -77,7 +77,7 @@ pub const utils = struct {
|
|||
if (header.len < ("bearer ").len) return error.InvalidToken;
|
||||
const token = header[("bearer ").len..];
|
||||
|
||||
return try srv.api.connectToken(token, ctx.alloc);
|
||||
return try srv.api.connectToken(ctx.request.headers.get("Host"), token, ctx.alloc);
|
||||
}
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue