feat(backend): accept auth key in query param
This commit is contained in:
parent
18608df5a3
commit
172d6cdb37
1 changed files with 22 additions and 12 deletions
|
@ -138,22 +138,32 @@ fn check_auth(req: &HttpRequest, state: &State) -> Result<Option<String>, actix_
|
||||||
return Ok(None);
|
return Ok(None);
|
||||||
}
|
}
|
||||||
|
|
||||||
let key = if let Some(value) = req.headers().get("Authorization") {
|
let header_key = req.headers().get("Authorization").and_then(|value| {
|
||||||
let value = value.to_str().map_err(|err| {
|
value.to_str().ok().and_then(|value| {
|
||||||
ErrorBadRequest(format!("Invalid value in Authorization header: {err:?}"))
|
if value.starts_with("Bearer ") {
|
||||||
})?;
|
|
||||||
if !value.starts_with("Bearer ") {
|
|
||||||
return Err(ErrorUnauthorized("Invalid token type."));
|
|
||||||
}
|
|
||||||
Some(value.trim_start_matches("Bearer ").to_string())
|
Some(value.trim_start_matches("Bearer ").to_string())
|
||||||
} else if let Ok(cookies) = req.cookies() {
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
})
|
||||||
|
});
|
||||||
|
|
||||||
|
let cookie_key = req.cookies().ok().and_then(|cookies| {
|
||||||
cookies
|
cookies
|
||||||
.iter()
|
.iter()
|
||||||
.find(|c| c.name() == "key")
|
.find(|c| c.name() == "key")
|
||||||
.map(|cookie| cookie.value().to_string())
|
.map(|cookie| cookie.value().to_string())
|
||||||
} else {
|
});
|
||||||
None
|
|
||||||
};
|
let query_key = req.query_string().split('&').find_map(|pair| {
|
||||||
|
let parts = pair.split('=').collect::<Vec<&str>>();
|
||||||
|
match parts[..] {
|
||||||
|
["auth_key", value] => Some(value.to_string()),
|
||||||
|
_ => None,
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
let key = header_key.or(cookie_key).or(query_key);
|
||||||
|
|
||||||
if let Some(key) = key {
|
if let Some(key) = key {
|
||||||
let token = jsonwebtoken::decode::<JwtClaims>(
|
let token = jsonwebtoken::decode::<JwtClaims>(
|
||||||
|
|
Loading…
Reference in a new issue