heartles/fediglam
1
1
Fork 0
Code Issues 64 Pull requests Projects Releases Packages Wiki Activity

Read host header

Browse source
This commit is contained in:
jaina heartles 2022-08-01 23:35:56 -07:00
parent 9c94cafe95
commit 4087345323
2 changed files with 21 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

29
src/main/api.zig
View file

@ -131,16 +131,29 @@ pub const ApiSource = struct {
}; };
} }
pub fn connectUnauthorized(self: *ApiSource, alloc: std.mem.Allocator) !Conn { pub fn connectUnauthorized(self: *ApiSource, host: ?[]const u8, alloc: std.mem.Allocator) !Conn {
const community_id = blk: {
if (host) |h| {
const community = try self.db.getBy(models.Community, .host, h, alloc);
if (community) |c| break :blk c.id;
}
break :blk null;
};
return Conn{ return Conn{
.db = self.db, .db = self.db,
.internal_alloc = self.internal_alloc, .internal_alloc = self.internal_alloc,
.as_user = null, .as_user = null,
.on_community = community_id,
.arena = std.heap.ArenaAllocator.init(alloc), .arena = std.heap.ArenaAllocator.init(alloc),
}; };
} }
pub fn connectToken(self: *ApiSource, token: []const u8, alloc: std.mem.Allocator) !Conn { pub fn connectToken(self: *ApiSource, host: ?[]const u8, token: []const u8, alloc: std.mem.Allocator) !Conn {
var conn = try self.connectUnauthorized(host, alloc);
errdefer conn.close();
const decoded_len = std.base64.standard.Decoder.calcSizeForSlice(token) catch return error.InvalidToken; const decoded_len = std.base64.standard.Decoder.calcSizeForSlice(token) catch return error.InvalidToken;
if (decoded_len != token_len) return error.InvalidToken; if (decoded_len != token_len) return error.InvalidToken;
@ -150,16 +163,11 @@ pub const ApiSource = struct {
var hash: models.ByteArray(models.Token.hash_len) = undefined; var hash: models.ByteArray(models.Token.hash_len) = undefined;
models.Token.HashFn.hash(&decoded, &hash.data, .{}); models.Token.HashFn.hash(&decoded, &hash.data, .{});
var arena = std.heap.ArenaAllocator.init(alloc); const db_token = (try self.db.getBy(models.Token, .hash, hash, conn.arena.allocator())) orelse return error.InvalidToken;
const db_token = (try self.db.getBy(models.Token, .hash, hash, arena.allocator())) orelse return error.InvalidToken; conn.as_user = db_token.user_id;
return Conn{ return conn;
.db = self.db,
.internal_alloc = self.internal_alloc,
.as_user = db_token.user_id,
.arena = arena,
};
} }
}; };
@ -170,6 +178,7 @@ fn ApiConn(comptime DbConn: type) type {
db: DbConn, db: DbConn,
internal_alloc: std.mem.Allocator, // used *only* for large, internal buffers internal_alloc: std.mem.Allocator, // used *only* for large, internal buffers
as_user: ?Uuid, as_user: ?Uuid,
on_community: ?Uuid,
arena: std.heap.ArenaAllocator, arena: std.heap.ArenaAllocator,
pub fn close(self: *Self) void { pub fn close(self: *Self) void {

4
src/main/controllers.zig
View file

@ -65,7 +65,7 @@ pub const utils = struct {
pub fn getApiConn(srv: *RequestServer, ctx: *http.server.Context) !api.ApiSource.Conn { pub fn getApiConn(srv: *RequestServer, ctx: *http.server.Context) !api.ApiSource.Conn {
return authorizeApiConn(srv, ctx) catch |err| switch (err) { return authorizeApiConn(srv, ctx) catch |err| switch (err) {
error.NoToken => srv.api.connectUnauthorized(ctx.alloc), error.NoToken => srv.api.connectUnauthorized(ctx.request.headers.get("Host"), ctx.alloc),
error.InvalidToken => return error.InvalidToken, error.InvalidToken => return error.InvalidToken,
else => @panic("TODO"), // doing this to resolve some sort of compiler analysis dependency issue else => @panic("TODO"), // doing this to resolve some sort of compiler analysis dependency issue
}; };
@ -77,7 +77,7 @@ pub const utils = struct {
if (header.len < ("bearer ").len) return error.InvalidToken; if (header.len < ("bearer ").len) return error.InvalidToken;
const token = header[("bearer ").len..]; const token = header[("bearer ").len..];
return try srv.api.connectToken(token, ctx.alloc); return try srv.api.connectToken(ctx.request.headers.get("Host"), token, ctx.alloc);
} }
}; };