allow admin token as auth header

Signed-off-by: Jan Jansen <jan.jansen@gdata.de>
This commit is contained in:
Jan Jansen 2024-11-27 11:35:53 +01:00
parent da3701c0cf
commit bb8a9b54cc

View file

@ -782,6 +782,34 @@ impl<'r> FromRequest<'r> for AdminToken {
ip,
})
} else {
let header_authorization = request.headers().get_one("authorization");
if let Some(access_token) = header_authorization {
if crate::ratelimit::check_limit_admin(&ip.ip).is_err() {
return Outcome::Error((Status::Unauthorized, "Too many requests, try again later."));
}
let access_token = access_token.trim_start_matches("Bearer").trim();
let access_token = data_encoding::BASE64.decode(access_token.as_bytes());
let access_token = match access_token {
Ok(a) => String::from_utf8(a),
Err(_) => {
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
}
};
let access_token = match access_token {
Ok(a) => a,
Err(_) => {
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
}
};
if !_validate_token(&access_token) {
error!("Invalid admin token. IP: {}", ip.ip);
return Outcome::Error((Status::Unauthorized, "Invalid admin token, please try again."));
}
return Outcome::Success(Self {
ip,
});
}
let cookies = request.cookies();
let access_token = match cookies.get(COOKIE_NAME) {