feat: added access token verification

This commit is contained in:
antifallobst 2023-11-11 21:01:38 +01:00
parent 29ea2629b8
commit 1a6466fdfb
Signed by: antifallobst
GPG Key ID: 2B4F402172791BAF
1 changed files with 11 additions and 1 deletions

View File

@ -1,5 +1,6 @@
use crate::api::{data::*, handlers, State}; use crate::api::{data::*, handlers, State};
use actix_web::{get, post, web, HttpResponse, Responder}; use actix_web::{get, post, web, HttpResponse, Responder};
use actix_web_httpauth::extractors::bearer::BearerAuth;
use log::error; use log::error;
// #[post("/backup/create")] // #[post("/backup/create")]
@ -21,8 +22,13 @@ use log::error;
#[post("/backup/preset")] #[post("/backup/preset")]
async fn backup_preset_post( async fn backup_preset_post(
data: web::Data<State>, data: web::Data<State>,
auth: BearerAuth,
body: web::Json<BackupPreset>, body: web::Json<BackupPreset>,
) -> impl Responder { ) -> impl Responder {
if auth.token() != data.token {
return HttpResponse::Unauthorized().finish();
}
match handlers::backup_preset_post(&data.pool, body.into_inner()).await { match handlers::backup_preset_post(&data.pool, body.into_inner()).await {
Ok(resp) => match resp { Ok(resp) => match resp {
BackupPresetPostResponse::Success => HttpResponse::Ok().finish(), BackupPresetPostResponse::Success => HttpResponse::Ok().finish(),
@ -36,7 +42,11 @@ async fn backup_preset_post(
} }
#[get("/backup/preset")] #[get("/backup/preset")]
async fn backup_preset_get(data: web::Data<State>) -> impl Responder { async fn backup_preset_get(data: web::Data<State>, auth: BearerAuth) -> impl Responder {
if auth.token() != data.token {
return HttpResponse::Unauthorized().finish();
}
match handlers::backup_preset_get(&data.pool).await { match handlers::backup_preset_get(&data.pool).await {
Ok(resp) => HttpResponse::Ok().json(&resp), Ok(resp) => HttpResponse::Ok().json(&resp),
Err(e) => { Err(e) => {