pierre/MatrixGW
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Create & list tokens

Browse Source
This commit is contained in:
Pierre HUBERT
2025-11-11 21:19:54 +01:00
parent b10ec9ce92
commit 8fdf1d57eb
8 changed files with 202 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
matrixgw_backend/src/extractors/auth_extractor.rs
View File

@@ -34,6 +34,12 @@ pub struct AuthExtractor {
pub payload: Option<Vec<u8>>,
}
impl AsRef<User> for AuthExtractor {
fn as_ref(&self) -> &User {
&self.user
}
}
impl AuthExtractor {
pub fn decode_json_body<E: DeserializeOwned + Send>(&self) -> anyhow::Result<E> {
let payload = self
@@ -156,8 +162,9 @@ impl AuthExtractor {
}
// Check IP restriction
if let Some(net) = token.network
&& !net.contains(&remote_ip)
if let Some(nets) = &token.base.networks
&& !nets.is_empty()
&& !nets.iter().any(|n| n.contains(&remote_ip))
{
log::error!(
"Trying to use token {:?} from unauthorized IP address: {remote_ip:?}",
@@ -169,7 +176,7 @@ impl AuthExtractor {
}
// Check for write access
if token.read_only && !req.method().is_safe() {
if token.base.read_only && !req.method().is_safe() {
return Err(actix_web::error::ErrorBadRequest(
"Read only token cannot perform write operations!",
));