mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-22 22:45:12 +01:00
allow admin token as auth header
Signed-off-by: Jan Jansen <jan.jansen@gdata.de>
This commit is contained in:
parent
da3701c0cf
commit
bb8a9b54cc
1 changed files with 28 additions and 0 deletions
|
@ -782,6 +782,34 @@ impl<'r> FromRequest<'r> for AdminToken {
|
||||||
ip,
|
ip,
|
||||||
})
|
})
|
||||||
} else {
|
} else {
|
||||||
|
let header_authorization = request.headers().get_one("authorization");
|
||||||
|
if let Some(access_token) = header_authorization {
|
||||||
|
if crate::ratelimit::check_limit_admin(&ip.ip).is_err() {
|
||||||
|
return Outcome::Error((Status::Unauthorized, "Too many requests, try again later."));
|
||||||
|
}
|
||||||
|
|
||||||
|
let access_token = access_token.trim_start_matches("Bearer").trim();
|
||||||
|
let access_token = data_encoding::BASE64.decode(access_token.as_bytes());
|
||||||
|
let access_token = match access_token {
|
||||||
|
Ok(a) => String::from_utf8(a),
|
||||||
|
Err(_) => {
|
||||||
|
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
|
||||||
|
}
|
||||||
|
};
|
||||||
|
let access_token = match access_token {
|
||||||
|
Ok(a) => a,
|
||||||
|
Err(_) => {
|
||||||
|
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
|
||||||
|
}
|
||||||
|
};
|
||||||
|
if !_validate_token(&access_token) {
|
||||||
|
error!("Invalid admin token. IP: {}", ip.ip);
|
||||||
|
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
|
||||||
|
}
|
||||||
|
return Outcome::Success(Self {
|
||||||
|
ip,
|
||||||
|
});
|
||||||
|
}
|
||||||
let cookies = request.cookies();
|
let cookies = request.cookies();
|
||||||
|
|
||||||
let access_token = match cookies.get(COOKIE_NAME) {
|
let access_token = match cookies.get(COOKIE_NAME) {
|
||||||
|
|
Loading…
Reference in a new issue