xevion/dynamic-preauth
1
0
Fork 0
mirror of https://github.com/Xevion/dynamic-preauth.git synced 2025-12-06 01:14:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

server: switch to hexadecimal form, use proper download token instead of session id as key, stop panicing on unavailable websocket

Browse Source
This commit is contained in:
Xevion
2024-12-23 21:10:33 -06:00
parent a4f8aa1f23
commit dc332d954b
1 changed files with 43 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
src/main.rs
View File

@@ -178,7 +178,7 @@ pub async fn download(req: &mut Request, res: &mut Response, depot: &mut Depot)
// Create a download for the session // Create a download for the session
let session_download = session.add_download(executable); let session_download = session.add_download(executable);
tracing::info!(session_id, type = download_id, dl_token = session_download.token, "Download created"); tracing::info!(session_id, type = download_id, dl_token = session_download.token, "Download created");
let data = executable.with_key(session_id.to_string().as_bytes()); let data = executable.with_key(session_download.token.to_string().as_bytes());
if let Err(e) = res.write_body(data) { if let Err(e) = res.write_body(data) {
tracing::error!("Error writing body: {}", e); tracing::error!("Error writing body: {}", e);
@@ -210,39 +210,54 @@ pub async fn download(req: &mut Request, res: &mut Response, depot: &mut Depot)
pub async fn notify(req: &mut Request, res: &mut Response) { pub async fn notify(req: &mut Request, res: &mut Response) {
let key = req.query::<String>("key"); let key = req.query::<String>("key");
match key { if key.is_none() {
Some(key) => { res.status_code(StatusCode::BAD_REQUEST);
// Parse key into u32 return;
let key = match key.parse::<u32>() { }
Ok(k) => k,
Err(e) => {
tracing::error!("Error parsing key: {}", e);
res.status_code(StatusCode::BAD_REQUEST);
return;
}
};
let store = &mut *STORE.lock().await; let key = key.unwrap();
let session = store.sessions.get_mut(&key);
match session { if !key.starts_with("0x") {
Some(session) => { res.status_code(StatusCode::BAD_REQUEST);
let message = OutgoingMessage::TokenAlert { token: key }; return;
session }
.send_message(message)
.expect("Failed to buffer token alert message");
res.render("Notification sent"); // Parse key into u32
} let key = match u32::from_str_radix(key.trim_start_matches("0x"), 16) {
None => { Ok(k) => k,
tracing::warn!("Session not found for key while attempting notify: {}", key); Err(e) => {
res.status_code(StatusCode::UNAUTHORIZED); tracing::error!("Error parsing key: {}", e);
return; res.status_code(StatusCode::BAD_REQUEST);
} return;
}
};
let store = &mut *STORE.lock().await;
let target_session = store
.sessions
.iter_mut()
.find(|(_, session)| session.downloads.iter().find(|d| d.token == key).is_some());
match target_session {
Some((_, session)) => {
let message = OutgoingMessage::TokenAlert { token: key };
if let Err(e) = session.send_message(message) {
tracing::warn!(
error = e.to_string(),
"Session did not have a receiving WebSocket available, notify ignored.",
);
res.status_code(StatusCode::NOT_MODIFIED);
return;
} }
res.render("Notification sent");
} }
None => { None => {
res.status_code(StatusCode::BAD_REQUEST); tracing::warn!("Session not found for key while attempting notify: {}", key);
res.status_code(StatusCode::UNAUTHORIZED);
return;
} }
} }
} }