mirror of
https://github.com/amigan/rustypaste-pretty.git
synced 2024-11-21 03:49:47 -05:00
refactor(server): use .env for auth token
This commit is contained in:
parent
4c988a446d
commit
181c8c602c
7 changed files with 13 additions and 5 deletions
1
.env
Normal file
1
.env
Normal file
|
@ -0,0 +1 @@
|
|||
AUTH_TOKEN=
|
7
Cargo.lock
generated
7
Cargo.lock
generated
|
@ -614,6 +614,12 @@ version = "1.0.4"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0"
|
||||
|
||||
[[package]]
|
||||
name = "dotenv"
|
||||
version = "0.15.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "77c90badedccf4105eca100756a0b1289e191f6fcbdadd3cee1d2f614f97da8f"
|
||||
|
||||
[[package]]
|
||||
name = "either"
|
||||
version = "1.6.1"
|
||||
|
@ -1232,6 +1238,7 @@ dependencies = [
|
|||
"actix-web",
|
||||
"byte-unit",
|
||||
"config",
|
||||
"dotenv",
|
||||
"env_logger",
|
||||
"futures-util",
|
||||
"log",
|
||||
|
|
|
@ -16,6 +16,7 @@ futures-util = "0.3.15"
|
|||
config = "0.11.0"
|
||||
petname = "1.1.0"
|
||||
rand = "0.8.4"
|
||||
dotenv = "0.15.0"
|
||||
|
||||
[dependencies.byte-unit]
|
||||
version = "4.0.12"
|
||||
|
|
|
@ -3,7 +3,6 @@ address="127.0.0.1:8000"
|
|||
#workers=4
|
||||
max_content_length="10MB"
|
||||
upload_path="./upload"
|
||||
#auth_token="" # OOPS_SERVER__AUTH_TOKEN=
|
||||
|
||||
[paste]
|
||||
pet_names = { enabled = true, words = 2, separator = "-" }
|
||||
|
|
|
@ -22,8 +22,6 @@ pub struct ServerConfig {
|
|||
pub max_content_length: Byte,
|
||||
/// Storage path.
|
||||
pub upload_path: PathBuf,
|
||||
/// Authentication token.
|
||||
pub auth_token: Option<String>,
|
||||
}
|
||||
|
||||
/// Paste configuration.
|
||||
|
|
|
@ -7,6 +7,7 @@ use std::io::Result as IoResult;
|
|||
|
||||
#[actix_web::main]
|
||||
async fn main() -> IoResult<()> {
|
||||
dotenv::dotenv().ok();
|
||||
env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
|
||||
let config = Config::parse("config").expect("failed to parse config");
|
||||
let server_config = config.server.clone();
|
||||
|
|
|
@ -8,6 +8,7 @@ use actix_web::{error, get, post, web, Error, HttpRequest, HttpResponse, Respond
|
|||
use byte_unit::Byte;
|
||||
use futures_util::stream::StreamExt;
|
||||
use std::convert::TryFrom;
|
||||
use std::env;
|
||||
|
||||
/// Shows the landing page.
|
||||
#[get("/")]
|
||||
|
@ -39,13 +40,13 @@ async fn upload(
|
|||
) -> Result<HttpResponse, Error> {
|
||||
let connection = request.connection_info();
|
||||
let host = connection.remote_addr().unwrap_or("unknown host");
|
||||
if let Some(token) = &config.server.auth_token {
|
||||
if let Ok(token) = env::var("AUTH_TOKEN") {
|
||||
let auth_header = request
|
||||
.headers()
|
||||
.get(AUTHORIZATION)
|
||||
.map(|v| v.to_str().unwrap_or_default())
|
||||
.map(|v| v.split_whitespace().last().unwrap_or_default());
|
||||
if auth_header != Some(token) {
|
||||
if auth_header.unwrap_or_default() != token {
|
||||
log::warn!(
|
||||
"authorization failure for {} (header: {})",
|
||||
host,
|
||||
|
|
Loading…
Reference in a new issue