nutomic/ibis
1
0
Fork 0
mirror of https://github.com/Nutomic/ibis.git synced 2025-01-24 03:25:49 +00:00
Code Projects Releases Packages Activity

Check all auth headers and cookies for valid token

Browse source
This commit is contained in:
Felix Ableitner 2025-01-13 16:31:05 +01:00
parent 94b8444f4d
commit d81b281d18
1 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
src/backend/api/mod.rs
View file

@ -37,6 +37,7 @@ use axum::{
use axum_extra::extract::CookieJar; use axum_extra::extract::CookieJar;
use axum_macros::debug_handler; use axum_macros::debug_handler;
use instance::list_remote_instances; use instance::list_remote_instances;
use std::collections::HashSet;
use user::{count_notifications, list_notifications, update_user_profile}; use user::{count_notifications, list_notifications, update_user_profile};
pub mod article; pub mod article;
@ -78,15 +79,24 @@ async fn auth(
mut request: Request<Body>, mut request: Request<Body>,
next: Next, next: Next,
) -> Result<Response, StatusCode> { ) -> Result<Response, StatusCode> {
let auth = request // Check all duplicate auth headers and cookies for the first valid one.
let auth: HashSet<_> = request
.headers() .headers()
.get(AUTH_COOKIE) .get_all(AUTH_COOKIE)
.and_then(|h| h.to_str().ok()) .into_iter()
.or(jar.get(AUTH_COOKIE).map(|c| c.value())); .filter_map(|h| h.to_str().ok())
.chain(
jar.iter()
.filter(|c| c.name() == AUTH_COOKIE)
.map(|c| c.value()),
)
.map(|s| s.to_string())
.collect();
if let Some(auth) = auth { for a in &auth {
if let Ok(user) = validate(auth, &data).await { if let Ok(user) = validate(a, &data).await {
request.extensions_mut().insert(user); request.extensions_mut().insert(user);
continue;
} }
} }
let response = next.run(request).await; let response = next.run(request).await;