mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-01-07 01:00:08 -05:00
Improving code
This commit is contained in:
parent
c59cfe3371
commit
260ffee093
1 changed files with 27 additions and 33 deletions
|
@ -21,7 +21,7 @@ static SHOW_WEBSOCKETS_MSG: AtomicBool = AtomicBool::new(true);
|
||||||
fn websockets_err() -> EmptyResult {
|
fn websockets_err() -> EmptyResult {
|
||||||
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) {
|
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) {
|
||||||
err!(
|
err!(
|
||||||
"###########################################################
|
"###########################################################
|
||||||
'/notifications/hub' should be proxied to the websocket server or notifications won't work.
|
'/notifications/hub' should be proxied to the websocket server or notifications won't work.
|
||||||
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
|
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
|
||||||
###########################################################################################"
|
###########################################################################################"
|
||||||
|
@ -139,7 +139,6 @@ struct InitialMessage {
|
||||||
const PING_MS: u64 = 15_000;
|
const PING_MS: u64 = 15_000;
|
||||||
const PING: Token = Token(1);
|
const PING: Token = Token(1);
|
||||||
|
|
||||||
const ID_KEY: &str = "id=";
|
|
||||||
const ACCESS_TOKEN_KEY: &str = "access_token=";
|
const ACCESS_TOKEN_KEY: &str = "access_token=";
|
||||||
|
|
||||||
impl WSHandler {
|
impl WSHandler {
|
||||||
|
@ -151,37 +150,30 @@ impl WSHandler {
|
||||||
Err(ws::Error::new(ws::ErrorKind::Io(io_error), msg))
|
Err(ws::Error::new(ws::ErrorKind::Io(io_error), msg))
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_request_token(&self, hs: Handshake, token: &mut String) {
|
fn get_request_token(&self, hs: Handshake) -> Option<String> {
|
||||||
let path = hs.request.resource();
|
use std::str::from_utf8;
|
||||||
|
|
||||||
match hs.request.header("Authorization") {
|
// Verify we have a token header
|
||||||
Some(header_value) => match std::str::from_utf8(header_value) {
|
if let Some(header_value) = hs.request.header("Authorization") {
|
||||||
Ok(converted) => match converted.split("Bearer ").nth(1) {
|
if let Ok(converted) = from_utf8(header_value) {
|
||||||
Some(token_part) => token.push_str(token_part),
|
if let Some(token_part) = converted.split("Bearer ").nth(1) {
|
||||||
_ => (),
|
return Some(token_part.into());
|
||||||
},
|
}
|
||||||
_ => (),
|
}
|
||||||
},
|
};
|
||||||
_ => (),
|
|
||||||
|
// Otherwise verify the query parameter value
|
||||||
|
let path = hs.request.resource();
|
||||||
|
if let Some(params) = path.split('?').nth(1) {
|
||||||
|
let params_iter = params.split('&').take(1);
|
||||||
|
for val in params_iter {
|
||||||
|
if val.starts_with(ACCESS_TOKEN_KEY) {
|
||||||
|
return Some(val[ACCESS_TOKEN_KEY.len()..].into());
|
||||||
|
}
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
match token.is_empty() {
|
None
|
||||||
true => {
|
|
||||||
match path.split('?').nth(1) {
|
|
||||||
Some(params) => {
|
|
||||||
let params_iter = params.split('&').take(2);
|
|
||||||
for val in params_iter {
|
|
||||||
if val.starts_with(ACCESS_TOKEN_KEY) {
|
|
||||||
token.push_str(&val[ACCESS_TOKEN_KEY.len()..]);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
_ => (),
|
|
||||||
};
|
|
||||||
}
|
|
||||||
false => (),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -193,12 +185,14 @@ impl Handler for WSHandler {
|
||||||
// no longer seem to pass `id` (only `access_token`).
|
// no longer seem to pass `id` (only `access_token`).
|
||||||
|
|
||||||
// Get user token from header or query parameter
|
// Get user token from header or query parameter
|
||||||
let mut access_token = "".into();
|
let access_token = match self.get_request_token(hs) {
|
||||||
self.get_request_token(hs, &mut access_token);
|
Some(token) => token,
|
||||||
|
_ => return self.err("Missing access token"),
|
||||||
|
};
|
||||||
|
|
||||||
// Validate the user
|
// Validate the user
|
||||||
use crate::auth;
|
use crate::auth;
|
||||||
let claims = match auth::decode_login(&mut access_token.as_str()) {
|
let claims = match auth::decode_login(access_token.as_str()) {
|
||||||
Ok(claims) => claims,
|
Ok(claims) => claims,
|
||||||
Err(_) => return self.err("Invalid access token provided"),
|
Err(_) => return self.err("Invalid access token provided"),
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue