Enforce read only clients

This commit is contained in:
Pierre HUBERT 2025-01-30 21:38:23 +01:00
parent 0e8b4751b4
commit 08f535c15c

View File

@ -106,8 +106,14 @@ impl APIClientAuth {
return Err(actix_web::error::ErrorBadRequest("Method mismatch!"));
}
// Check for write access
if client.readonly_client && !req.method().is_safe() {
return Err(actix_web::error::ErrorBadRequest(
"Read only client cannot perform write operations!",
));
}
// TODO : handle payload
// TODO : check read only access
// TODO : update last use (if required)
// TODO : check for IP restriction