oab key fix

master
veypi 1 year ago
parent b5e03278e1
commit c187b078b0

@ -37,14 +37,18 @@ pub async fn get(
"select access.name, access.rid, access.level from access, user_role, role WHERE user_role.user_id = ? && access.role_id=user_role.role_id && role.id=user_role.role_id && role.app_id = ?", "select access.name, access.rid, access.level from access, user_role, role WHERE user_role.user_id = ? && access.role_id=user_role.role_id && role.id=user_role.role_id && role.app_id = ?",
) )
.bind(&t.id) .bind(&t.id)
.bind(n) .bind(&n)
.fetch_all(stat.sqlx()) .fetch_all(stat.sqlx())
.await?; .await?;
let appobj = models::app::Entity::find_by_id(&n)
.one(stat.db())
.await?
.unwrap();
let u = models::user::Entity::find_by_id(&t.id) let u = models::user::Entity::find_by_id(&t.id)
.one(stat.db()) .one(stat.db())
.await? .await?
.unwrap(); .unwrap();
let str = u.token(result).to_string()?; let str = u.token(result).to_string(&appobj.key)?;
// tokio::spawn(async move { // tokio::spawn(async move {
// let mut interval = tokio::time::interval(Duration::from_secs(5)); // let mut interval = tokio::time::interval(Duration::from_secs(5));
// interval.tick().await; // interval.tick().await;
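Review bot: The new `models::app::Entity::find_by_id(&n)` lookup ends in `.unwrap()`, so an app id with no matching row panics the handler instead of returning an error. `n` is the value bound as `role.app_id` in the query above and looks like request input, though where it comes from is outside the hunk. Map `None` to the project's not-found error instead, e.g. `let Some(appobj) = models::app::Entity::find_by_id(&n).one(stat.db()).await? else { return Err(/* not-found error */) };`. The existing `user` lookup just below unwraps the same way. The body of `get` starts and ends outside the hunk.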

@ -143,7 +143,7 @@ pub async fn login(
.fetch_all(stat.sqlx()) .fetch_all(stat.sqlx())
.await?; .await?;
Ok(HttpResponse::build(http::StatusCode::OK) Ok(HttpResponse::build(http::StatusCode::OK)
.insert_header(("auth_token", u.token(result).to_string()?)) .insert_header(("auth_token", u.token(result).to_string(&stat.key)?))
.body("".to_string())) .body("".to_string()))
} else { } else {
Ok(HttpResponse::build(http::StatusCode::FORBIDDEN) Ok(HttpResponse::build(http::StatusCode::FORBIDDEN)

@ -26,6 +26,7 @@ lazy_static! {
pub static ref CLI: AppCli = AppCli::new(); pub static ref CLI: AppCli = AppCli::new();
} }
pub static mut KEY: String = String::new();
// lazy_static! { // lazy_static! {
// pub static ref CONFIG: ApplicationConfig = ApplicationConfig::new(); // pub static ref CONFIG: ApplicationConfig = ApplicationConfig::new();
// } // }
@ -135,6 +136,9 @@ impl AppState {
Ok(f) => f, Ok(f) => f,
Err(ref e) if e.kind() == io::ErrorKind::NotFound => { Err(ref e) if e.kind() == io::ErrorKind::NotFound => {
// res.connect_sqlx().unwrap(); // res.connect_sqlx().unwrap();
unsafe {
KEY = res.key.clone();
}
return res; return res;
} }
Err(e) => panic!("{}", e), Err(e) => panic!("{}", e),
@ -150,7 +154,9 @@ impl AppState {
} else { } else {
println!("release_mode is enable!") println!("release_mode is enable!")
} }
info!("asd"); unsafe {
KEY = res.key.clone();
}
res res
} }
pub fn defaut() -> Self { pub fn defaut() -> Self {
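Review bot: `pub static mut KEY: String` puts the token-signing secret in a publicly visible mutable global, written through `unsafe` on both return paths of this function. Any read that overlaps one of those writes is a data race. Nothing in the visible hunks reads `KEY`; the other files take the key from `stat.key` or `data.key`. If the global is not needed, drop it together with the two `unsafe` blocks; if it is, make it write-once, e.g. `pub static KEY: OnceLock<String> = OnceLock::new();` with `let _ = KEY.set(res.key.clone());`. The enclosing function begins outside the hunks.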

@ -21,7 +21,9 @@ use tracing::warn;
use crate::models; use crate::models;
// custom request auth middleware // custom request auth middleware
pub struct Auth; pub struct Auth {
pub key: String,
}
impl<S, B> Transform<S, ServiceRequest> for Auth impl<S, B> Transform<S, ServiceRequest> for Auth
where where
@ -37,6 +39,7 @@ where
fn new_transform(&self, service: S) -> Self::Future { fn new_transform(&self, service: S) -> Self::Future {
ok(AuthMiddleware { ok(AuthMiddleware {
key: self.key.clone(),
service: Rc::new(RefCell::new(service)), service: Rc::new(RefCell::new(service)),
}) })
} }
@ -44,6 +47,7 @@ where
pub struct AuthMiddleware<S> { pub struct AuthMiddleware<S> {
service: Rc<RefCell<S>>, service: Rc<RefCell<S>>,
key: String,
} }
impl<S, B> Service<ServiceRequest> for AuthMiddleware<S> impl<S, B> Service<ServiceRequest> for AuthMiddleware<S>
@ -62,18 +66,17 @@ where
fn call(&self, req: ServiceRequest) -> Self::Future { fn call(&self, req: ServiceRequest) -> Self::Future {
let svc = self.service.clone(); let svc = self.service.clone();
let key = self.key.clone();
Box::pin(async move { Box::pin(async move {
match req.headers().get("auth_token") { match req.headers().get("auth_token") {
Some(h) => { Some(h) => match models::Token::from(h.to_str().unwrap_or(""), &key) {
match models::Token::from(h.to_str().unwrap_or("")){ Ok(t) => {
Ok(t) => { req.extensions_mut().insert(t.id.clone());
req.extensions_mut().insert(t.id.clone()); req.extensions_mut().insert(t);
req.extensions_mut().insert(t); }
} Err(e) => warn!("{}", e),
Err(e) => warn!("{}", e), },
}
}
None => {} None => {}
} }
// let value = HeaderValue::from_str("").unwrap(); // let value = HeaderValue::from_str("").unwrap();
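Review bot: `let key = self.key.clone();` in `call` allocates a fresh copy of the signing secret for every request, on top of the copy made in `new_transform`. Storing it as `key: Rc<str>` in `AuthMiddleware` (the struct already keeps `service` in an `Rc`) and taking `let key = Rc::clone(&self.key);` makes the per-request step a refcount bump and leaves fewer copies of the secret in memory. Because `Auth::key` is `pub`, a doc comment such as `/// HMAC secret used to verify the auth_token header` would also make its role explicit. `call` continues past the end of the hunk.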

@ -131,7 +131,7 @@ async fn handle_file(req: &DavRequest, stat: web::Data<AppState>) -> Result<Stri
None => "", None => "",
}; };
match auth_token { match auth_token {
Some(t) => match models::Token::from(t.to_str().unwrap_or("")) { Some(t) => match models::Token::from(t.to_str().unwrap_or(""), &stat.key) {
Ok(t) => { Ok(t) => {
if t.is_valid() { if t.is_valid() {
if app_id != "" { if app_id != "" {

@ -74,7 +74,9 @@ async fn web(data: AppState) -> Result<()> {
ErrorHandlers::new() ErrorHandlers::new()
.handler(StatusCode::INTERNAL_SERVER_ERROR, add_error_header), .handler(StatusCode::INTERNAL_SERVER_ERROR, add_error_header),
) )
.wrap(libs::auth::Auth) .wrap(libs::auth::Auth {
key: data.key.clone(),
})
.app_data(json_config) .app_data(json_config)
.configure(api::routes), .configure(api::routes),
) )

@ -178,10 +178,10 @@ pub struct Token {
} }
impl Token { impl Token {
pub fn from(t: &str) -> Result<Self> { pub fn from(t: &str, key: &str) -> Result<Self> {
let token = decode::<Self>( let token = decode::<Self>(
t, t,
&DecodingKey::from_secret("secret".as_ref()), &DecodingKey::from_secret(key.as_ref()),
&Validation::default(), &Validation::default(),
)?; )?;
if token.claims.is_valid() { if token.claims.is_valid() {
@ -197,14 +197,22 @@ impl Token {
false false
} }
} }
pub fn to_string(&self) -> Result<String> { pub fn to_string(&self, key: &str) -> Result<String> {
let token = encode( let token = encode(
&Header::default(), &Header::default(),
self, self,
&EncodingKey::from_secret("secret".as_ref()), &EncodingKey::from_secret(key.as_ref()),
)?; )?;
Ok(token) Ok(token)
} }
// pub fn to_string(&self) -> Result<String> {
// let token = encode(
// &Header::default(),
// self,
// &EncodingKey::from_secret(self._key.as_ref()),
// )?;
// Ok(token)
// }
fn check(&self, domain: &str, did: &str, l: AccessLevel) -> bool { fn check(&self, domain: &str, did: &str, l: AccessLevel) -> bool {
match &self.access { match &self.access {
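Review bot: `Token::from` and `to_string` pass `key` straight to `DecodingKey::from_secret` and `EncodingKey::from_secret` without checking that it is non-empty. A missing or blank key in configuration would therefore still issue and accept tokens signed with an empty secret. Whether the configuration loader already rejects that case is not visible here. If it does not, fail at startup or guard here with something like `if key.is_empty() { return Err(/* config error */); }`. The commented-out `to_string` variant added below the live one is dead code and can be dropped.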
