feat(server): authorized requests

2023-08-03 09:34:33 +02:00 · 2023-08-03 09:34:33 +02:00 · a7e0c03b58
commit a7e0c03b58
parent bc19158747
3 changed files with 29 additions and 7 deletions
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@ -18,7 +18,7 @@ sha256 = "1.1.4"
 tokio = { version = "1.29.1", features = ["full"] }
 tokio-util = { version = "0.7.8", features = ["io"] }
 tower = { version = "0.4.13", features = ["make"] }
-tower-http = { version = "0.4.1", features = ["fs", "trace"] }
+tower-http = { version = "0.4.1", features = ["fs", "trace", "auth"] }
 tracing = "0.1.37"
 tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
 uuid = { version = "1.4.0", features = ["v4"] }
--- a/server/src/repo/mod.rs
+++ b/server/src/repo/mod.rs
@ -17,15 +17,28 @@ use std::sync::Arc;
 use tokio::{fs, io::AsyncWriteExt};
 use tower::util::ServiceExt;
 use tower_http::services::{ServeDir, ServeFile};
+use tower_http::validate_request::ValidateRequestHeaderLayer;
 use uuid::Uuid;

 pub fn router() -> Router<crate::Global> {
    Router::new()
-        .route("/:repo", post(post_package_archive).delete(delete_repo))
-        .route("/:repo/:arch", delete(delete_arch_repo))
+        .route(
+            "/:repo",
+            post(post_package_archive)
+                .delete(delete_repo)
+                .layer(ValidateRequestHeaderLayer::bearer("test")),
+        )
+        .route(
+            "/:repo/:arch",
+            delete(delete_arch_repo).layer(ValidateRequestHeaderLayer::bearer("test")),
+        )
+        // Routes added after the layer do not get that layer applied, so the GET requests will not
+        // be authorized
        .route(
            "/:repo/:arch/:filename",
-            delete(delete_package).get(get_file),
+            delete(delete_package)
+                .layer(ValidateRequestHeaderLayer::bearer("test"))
+                .get(get_file),
        )
 }

@ -57,6 +70,8 @@ async fn post_package_archive(
    match res {
        // Insert the newly added package into the database
        Ok(pkg) => {
+            tracing::info!("Added '{}' to repository '{}'", pkg.file_name(), repo);
+
            // Query the repo for its ID, or create it if it does not already exist
            let repo_entity = db_repo::Entity::find()
                .filter(db_repo::Column::Name.eq(&repo))