Comunic/comunicapiv3
1
0
Fork 0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2025-06-21 00:45:18 +00:00
Code Issues Projects Releases Wiki Activity

Check client tokens

Browse Source
This commit is contained in:
Pierre HUBERT
2020-05-23 14:08:22 +02:00
parent 665aa1683c
commit 505fa5adb3
7 changed files with 99 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/data/http_error.rs
View File

@ -3,36 +3,45 @@ use serde::Serialize;
/// HTTP request error
///
/// @author Pierre Hubert
#[derive(Serialize)]
pub struct HttpError {
pub struct InnerHTTPError {
pub code: u16,
pub message: String,
}
impl HttpError {
#[derive(Serialize)]
pub struct HttpError {
pub error: InnerHTTPError
}
impl HttpError {
/// Generate a 404 error
pub fn not_found(message: &str) -> HttpError {
HttpError {
code: 404,
message: message.to_string()
error: InnerHTTPError {
code: 404,
message: message.to_string(),
}
}
}
/// Generate a 500 error
pub fn internal_error(message: &str) -> HttpError {
HttpError {
code: 500,
message: message.to_string()
error: InnerHTTPError {
code: 500,
message: message.to_string(),
}
}
}
/// Generate a 401 error
pub fn bad_request(message: &str) -> HttpError {
HttpError {
code: 401,
message: message.to_string()
error: InnerHTTPError {
code: 401,
message: message.to_string(),
}
}
}
}

48
src/data/http_request_handler.rs
View File

@ -6,6 +6,10 @@ use serde::Serialize;
use crate::data::error::{ResultBoxError, ExecError};
use std::collections::HashMap;
use crate::helpers::api_helper;
use actix_web::http::{HeaderName, HeaderValue};
use std::str::FromStr;
use crate::data::config::conf;
use crate::data::api_client::APIClient;
/// Http request handler
///
@ -34,6 +38,8 @@ pub struct HttpRequestHandler {
request: web::HttpRequest,
body: HashMap<String, RequestValue>,
response: Option<web::HttpResponse>,
headers: HashMap<String, String>,
client: Option<APIClient>,
}
impl HttpRequestHandler {
@ -43,6 +49,8 @@ impl HttpRequestHandler {
request: req,
body,
response: None,
headers: HashMap::new(),
client: None,
}
}
@ -57,8 +65,17 @@ impl HttpRequestHandler {
}
/// Take the response from this struct
pub fn response(self) -> HttpResponse {
self.response.unwrap()
pub fn response(self) -> ResultBoxError<HttpResponse> {
let mut response = self.response.unwrap();
// Put additional headers if required
for (k, v) in &self.headers {
response.headers_mut().insert(HeaderName::from_str(k)?,
HeaderValue::from_str(v)?,
);
}
Ok(response)
}
/// Success message
@ -91,7 +108,7 @@ impl HttpRequestHandler {
println!("Error leading to bad request: {}", err);
self.bad_request(msg.to_string())?;
unreachable!()
},
}
}
}
@ -133,11 +150,30 @@ impl HttpRequestHandler {
let client = self.ok_or_bad_request(
api_helper::get_client(&api_name, &api_token),
"Client not recognized!"
"Client not recognized!",
)?;
// TODO : continue here
println!("{:#?}", client);
if let Some(domain) = &client.domain {
let allowed_origin = match conf().force_https {
true => format!("https://{}", domain),
false => format!("http://{}", domain)
};
match self.request.headers().get("Referer") {
None => self.bad_request("Unknown origin!".to_string())?,
Some(s) => {
if !s.to_str()?.starts_with(&allowed_origin) {
self.bad_request("Use of this client is prohibited from this domain!".to_string())?;
}
},
}
self.headers.insert("Access-Control-Allow-Origin".to_string(), allowed_origin);
}
self.client = Some(client);
Ok(())
}
}