pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add IP location service
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Pierre HUBERT
2022-11-12 17:01:45 +01:00
parent 42d2c20ce3
commit bfe65b0216
278 changed files with 119 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/middlewares/auth_middleware.rs
View File

@ -9,7 +9,7 @@ use actix_web::body::EitherBody;
use actix_web::http::{header, Method};
use actix_web::{
dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
web, Error, HttpResponse,
Error, HttpResponse,
};
use crate::constants::{
@ -87,14 +87,16 @@ where
// Forward request
Box::pin(async move {
let config: &web::Data<AppConfig> = req.app_data().expect("AppData undefined!");
// Check if POST request comes from another website (block invalid origins)
let origin = req.headers().get(header::ORIGIN);
if req.method() == Method::POST && req.path() != TOKEN_URI && req.path() != USERINFO_URI
{
if let Some(o) = origin {
if !o.to_str().unwrap_or("bad").eq(&config.website_origin) {
if !o
.to_str()
.unwrap_or("bad")
.eq(&AppConfig::get().website_origin)
{
log::warn!(
"Blocked POST request from invalid origin! Origin given {:?}",
o