commit 260ffee093b8c7bea084a338ec8abb4544d0086d
parent c59cfe33717c19caef913d35181bf3108b7b93f3
Author: aaxdev <aaxdev@pm.me>
Date: Mon, 31 Aug 2020 22:20:21 +0200
Improving code
Diffstat:
1 file changed, 27 insertions(+), 33 deletions(-)
diff --git a/src/api/notifications.rs b/src/api/notifications.rs
@@ -21,7 +21,7 @@ static SHOW_WEBSOCKETS_MSG: AtomicBool = AtomicBool::new(true);
fn websockets_err() -> EmptyResult {
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) {
err!(
- "###########################################################
+ "###########################################################
'/notifications/hub' should be proxied to the websocket server or notifications won't work.
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
###########################################################################################"
@@ -139,7 +139,6 @@ struct InitialMessage {
const PING_MS: u64 = 15_000;
const PING: Token = Token(1);
-const ID_KEY: &str = "id=";
const ACCESS_TOKEN_KEY: &str = "access_token=";
impl WSHandler {
@@ -151,37 +150,30 @@ impl WSHandler {
Err(ws::Error::new(ws::ErrorKind::Io(io_error), msg))
}
- fn get_request_token(&self, hs: Handshake, token: &mut String) {
- let path = hs.request.resource();
+ fn get_request_token(&self, hs: Handshake) -> Option<String> {
+ use std::str::from_utf8;
- match hs.request.header("Authorization") {
- Some(header_value) => match std::str::from_utf8(header_value) {
- Ok(converted) => match converted.split("Bearer ").nth(1) {
- Some(token_part) => token.push_str(token_part),
- _ => (),
- },
- _ => (),
- },
- _ => (),
+ // Verify we have a token header
+ if let Some(header_value) = hs.request.header("Authorization") {
+ if let Ok(converted) = from_utf8(header_value) {
+ if let Some(token_part) = converted.split("Bearer ").nth(1) {
+ return Some(token_part.into());
+ }
+ }
};
-
- match token.is_empty() {
- true => {
- match path.split('?').nth(1) {
- Some(params) => {
- let params_iter = params.split('&').take(2);
- for val in params_iter {
- if val.starts_with(ACCESS_TOKEN_KEY) {
- token.push_str(&val[ACCESS_TOKEN_KEY.len()..]);
- break;
- }
- }
- }
- _ => (),
- };
+
+ // Otherwise verify the query parameter value
+ let path = hs.request.resource();
+ if let Some(params) = path.split('?').nth(1) {
+ let params_iter = params.split('&').take(1);
+ for val in params_iter {
+ if val.starts_with(ACCESS_TOKEN_KEY) {
+ return Some(val[ACCESS_TOKEN_KEY.len()..].into());
+ }
}
- false => (),
- }
+ };
+
+ None
}
}
@@ -193,12 +185,14 @@ impl Handler for WSHandler {
// no longer seem to pass `id` (only `access_token`).
// Get user token from header or query parameter
- let mut access_token = "".into();
- self.get_request_token(hs, &mut access_token);
+ let access_token = match self.get_request_token(hs) {
+ Some(token) => token,
+ _ => return self.err("Missing access token"),
+ };
// Validate the user
use crate::auth;
- let claims = match auth::decode_login(&mut access_token.as_str()) {
+ let claims = match auth::decode_login(access_token.as_str()) {
Ok(claims) => claims,
Err(_) => return self.err("Invalid access token provided"),
};
