diff --git a/src/main.rs b/src/main.rs index 63f4d7d..f9177e2 100644 --- a/src/main.rs +++ b/src/main.rs @@ -3,7 +3,7 @@ use std::sync::Arc; use actix::Actor; use actix_identity::IdentityMiddleware; -use actix_identity::config::LogoutBehaviour; +use actix_identity::config::LogoutBehavior; use actix_remote_ip::RemoteIPConfig; use actix_session::SessionMiddleware; use actix_session::storage::CookieSessionStore; @@ -100,7 +100,7 @@ async fn main() -> std::io::Result<()> { .build(); let identity_middleware = IdentityMiddleware::builder() - .logout_behaviour(LogoutBehaviour::PurgeSession) + .logout_behavior(LogoutBehavior::PurgeSession) .visit_deadline(Some(Duration::from_secs(MAX_INACTIVITY_DURATION))) .login_deadline(Some(Duration::from_secs(MAX_SESSION_DURATION))) .build(); diff --git a/src/middlewares/auth_middleware.rs b/src/middlewares/auth_middleware.rs index 7e4238a..d4f1007 100644 --- a/src/middlewares/auth_middleware.rs +++ b/src/middlewares/auth_middleware.rs @@ -89,20 +89,22 @@ where Box::pin(async move { // Check if POST request comes from another website (block invalid origins) let origin = req.headers().get(header::ORIGIN); - if req.method() == Method::POST && req.path() != TOKEN_URI && req.path() != USERINFO_URI + if req.method() == Method::POST + && req.path() != TOKEN_URI + && req.path() != USERINFO_URI && let Some(o) = origin - && !o - .to_str() - .unwrap_or("bad") - .eq(&AppConfig::get().website_origin) - { - log::warn!("Blocked POST request from invalid origin! Origin given {o:?}"); - return Ok(req.into_response( - HttpResponse::Unauthorized() - .body("POST request from invalid origin!") - .map_into_right_body(), - )); - } + && !o + .to_str() + .unwrap_or("bad") + .eq(&AppConfig::get().website_origin) + { + log::warn!("Blocked POST request from invalid origin! Origin given {o:?}"); + return Ok(req.into_response( + HttpResponse::Unauthorized() + .body("POST request from invalid origin!") + .map_into_right_body(), + )); + } if req.path().starts_with("/.git") { return Ok(req.into_response(