Enforce read only clients

src/extractors/client_auth.rs

@@ -106,8 +106,14 @@ impl APIClientAuth {
             return Err(actix_web::error::ErrorBadRequest("Method mismatch!"));
         }
 
+        // Check for write access
+        if client.readonly_client && !req.method().is_safe() {
+            return Err(actix_web::error::ErrorBadRequest(
+                "Read only client cannot perform write operations!",
+            ));
+        }
+
         // TODO : handle payload
-        // TODO : check read only access
         // TODO : update last use (if required)
         // TODO : check for IP restriction