feat(lander): re-add authentication using LNM
ci/woodpecker/push/build Pipeline was successful Details

lnm
Jef Roosens 2023-12-06 18:16:52 +01:00
parent 8dc8ef8e2d
commit 1a7686003c
Signed by: Jef Roosens
GPG Key ID: B75D4F293C7052DB
4 changed files with 41 additions and 6 deletions

View File

@ -83,6 +83,8 @@ lnm_err lnm_http_loop_route_add(lnm_http_loop *hl, lnm_http_route *route);
lnm_err lnm_http_loop_run(lnm_http_loop *hl, uint16_t port); lnm_err lnm_http_loop_run(lnm_http_loop *hl, uint16_t port);
void lnm_http_loop_set_api_key(lnm_http_loop *hl, const char *api_key);
/** /**
* Represents what state an HTTP loop request is currently in. * Represents what state an HTTP loop request is currently in.
*/ */
@ -115,6 +117,7 @@ typedef struct lnm_http_loop_gctx {
lnm_http_ctx_init_fn ctx_init; lnm_http_ctx_init_fn ctx_init;
lnm_http_ctx_reset_fn ctx_reset; lnm_http_ctx_reset_fn ctx_reset;
lnm_http_ctx_free_fn ctx_free; lnm_http_ctx_free_fn ctx_free;
const char *api_key;
void *c; void *c;
} lnm_http_loop_gctx; } lnm_http_loop_gctx;
@ -130,4 +133,6 @@ typedef struct lnm_http_loop_ctx {
lnm_http_step_err lnm_http_loop_step_body_to_buf(lnm_http_conn *conn); lnm_http_step_err lnm_http_loop_step_body_to_buf(lnm_http_conn *conn);
lnm_http_step_err lnm_http_loop_step_auth(lnm_http_conn *conn);
#endif #endif

View File

@ -126,3 +126,8 @@ lnm_err lnm_http_loop_run(lnm_http_loop *hl, uint16_t port) {
LNM_RES(lnm_loop_setup(hl, port)); LNM_RES(lnm_loop_setup(hl, port));
return lnm_loop_run(hl); return lnm_loop_run(hl);
} }
void lnm_http_loop_set_api_key(lnm_http_loop *hl, const char *api_key) {
lnm_http_loop_gctx *gctx = hl->gctx;
gctx->api_key = api_key;
}

View File

@ -1,5 +1,6 @@
#include <string.h> #include <string.h>
#include "lnm/http/consts.h"
#include "lnm/http/loop.h" #include "lnm/http/loop.h"
#include "lnm/loop.h" #include "lnm/loop.h"
@ -22,3 +23,22 @@ lnm_http_step_err lnm_http_loop_step_body_to_buf(lnm_http_conn *conn) {
? lnm_http_step_err_done ? lnm_http_step_err_done
: lnm_http_step_err_io_needed; : lnm_http_step_err_io_needed;
} }
lnm_http_step_err lnm_http_loop_step_auth(lnm_http_conn *conn) {
lnm_http_loop_ctx *ctx = conn->ctx;
// If there's no API key, requests are always authorized
bool authorized = ctx->g->api_key == NULL;
const char *value;
size_t value_len;
if (!authorized && lnm_http_req_header_get_s(&value, &value_len, &ctx->req,
"X-Api-Key") == lnm_err_ok) {
authorized = (value_len == strlen(ctx->g->api_key)) &&
(memcmp(value, ctx->g->api_key, value_len) == 0);
}
ctx->res.status = authorized ? ctx->res.status : lnm_http_status_unauthorized;
return authorized ? lnm_http_step_err_done : lnm_http_step_err_res;
}

View File

@ -7,13 +7,14 @@
#include "lander.h" #include "lander.h"
#include "log.h" #include "log.h"
lnm_http_loop *loop_init(lander_gctx *gctx) { lnm_http_loop *loop_init(lander_gctx *gctx, const char *api_key) {
lnm_http_loop *hl; lnm_http_loop *hl;
lnm_http_step *step = NULL; lnm_http_step *step = NULL;
lnm_http_route *route; lnm_http_route *route;
lnm_http_loop_init(&hl, gctx, lander_ctx_init, lnm_http_loop_init(&hl, gctx, lander_ctx_init,
(lnm_http_ctx_reset_fn)lander_ctx_reset, (lnm_http_ctx_reset_fn)lander_ctx_reset,
(lnm_http_ctx_free_fn)lander_ctx_free); (lnm_http_ctx_free_fn)lander_ctx_free);
lnm_http_loop_set_api_key(hl, api_key);
lnm_http_step_init(&step, lander_get_index); lnm_http_step_init(&step, lander_get_index);
lnm_http_route_init_literal(&route, lnm_http_method_get, "/", step); lnm_http_route_init_literal(&route, lnm_http_method_get, "/", step);
@ -23,28 +24,32 @@ lnm_http_loop *loop_init(lander_gctx *gctx) {
lnm_http_route_init_regex(&route, lnm_http_method_get, "^/([^/]+)$", 1, step); lnm_http_route_init_regex(&route, lnm_http_method_get, "^/([^/]+)$", 1, step);
lnm_http_loop_route_add(hl, route); lnm_http_loop_route_add(hl, route);
lnm_http_step_init(&step, lander_post_redirect); lnm_http_step_init(&step, lnm_http_loop_step_auth);
lnm_http_route_init_regex(&route, lnm_http_method_post, "^/s(l?)/([^/]*)$", 2, lnm_http_route_init_regex(&route, lnm_http_method_post, "^/s(l?)/([^/]*)$", 2,
step); step);
lnm_http_step_append(&step, step, lander_post_redirect);
lnm_http_step_append(&step, step, lnm_http_loop_step_body_to_buf); lnm_http_step_append(&step, step, lnm_http_loop_step_body_to_buf);
lnm_http_step_append(&step, step, lander_post_redirect_body_to_attr); lnm_http_step_append(&step, step, lander_post_redirect_body_to_attr);
lnm_http_loop_route_add(hl, route); lnm_http_loop_route_add(hl, route);
lnm_http_step_init(&step, lander_post_paste); lnm_http_step_init(&step, lnm_http_loop_step_auth);
lnm_http_route_init_regex(&route, lnm_http_method_post, "^/p(l?)/([^/]*)$", 2, lnm_http_route_init_regex(&route, lnm_http_method_post, "^/p(l?)/([^/]*)$", 2,
step); step);
lnm_http_step_append(&step, step, lander_post_paste);
lnm_http_step_append(&step, step, lander_stream_body_to_entry); lnm_http_step_append(&step, step, lander_stream_body_to_entry);
lnm_http_loop_route_add(hl, route); lnm_http_loop_route_add(hl, route);
lnm_http_step_init(&step, lander_post_file); lnm_http_step_init(&step, lnm_http_loop_step_auth);
lnm_http_route_init_regex(&route, lnm_http_method_post, "^/f(l?)/([^/]*)$", 2, lnm_http_route_init_regex(&route, lnm_http_method_post, "^/f(l?)/([^/]*)$", 2,
step); step);
lnm_http_step_append(&step, step, lander_post_file);
lnm_http_step_append(&step, step, lander_stream_body_to_entry); lnm_http_step_append(&step, step, lander_stream_body_to_entry);
lnm_http_loop_route_add(hl, route); lnm_http_loop_route_add(hl, route);
lnm_http_step_init(&step, lander_remove_entry); lnm_http_step_init(&step, lnm_http_loop_step_auth);
lnm_http_route_init_regex(&route, lnm_http_method_delete, "^/([^/]+)$", 1, lnm_http_route_init_regex(&route, lnm_http_method_delete, "^/([^/]+)$", 1,
step); step);
lnm_http_step_append(&step, step, lander_remove_entry);
lnm_http_loop_route_add(hl, route); lnm_http_loop_route_add(hl, route);
return hl; return hl;
@ -89,7 +94,7 @@ int main() {
} }
info("Store loaded containing %lu entries", lsm_store_size(c_gctx->store)); info("Store loaded containing %lu entries", lsm_store_size(c_gctx->store));
lnm_http_loop *hl = loop_init(c_gctx); lnm_http_loop *hl = loop_init(c_gctx, api_key);
lnm_http_loop_run(hl, port); lnm_http_loop_run(hl, port);
/* http_loop *hl = http_loop_init( */ /* http_loop *hl = http_loop_init( */