proxmox-rest-server: cleanup, access api_auth using a method

Dietmar Maurer 2021-10-04 13:32:19 +02:00
parent 347e0d4c57
commit 3483a3b3a1
2 changed files with 13 additions and 7 deletions


@ -13,10 +13,10 @@ use hyper::http::request::Parts;
use handlebars::Handlebars; use handlebars::Handlebars;
use serde::Serialize; use serde::Serialize;
use proxmox::api::{ApiMethod, Router, RpcEnvironmentType}; use proxmox::api::{ApiMethod, Router, RpcEnvironmentType, UserInformation};
use proxmox::tools::fs::{create_path, CreateOptions}; use proxmox::tools::fs::{create_path, CreateOptions};
use crate::{ApiAuth, FileLogger, FileLogOptions, CommandSocket}; use crate::{ApiAuth, AuthError, FileLogger, FileLogOptions, CommandSocket};
pub type GetIndexFn = &'static (dyn for<'a> Fn(Option<String>, Option<String>, &'a ApiConfig, Parts) -> Pin<Box<dyn Future<Output = Response<Body>> + Send + 'a>> + Send + Sync); pub type GetIndexFn = &'static (dyn for<'a> Fn(Option<String>, Option<String>, &'a ApiConfig, Parts) -> Pin<Box<dyn Future<Output = Response<Body>> + Send + 'a>> + Send + Sync);
@ -30,7 +30,7 @@ pub struct ApiConfig {
template_files: RwLock<HashMap<String, (SystemTime, PathBuf)>>, template_files: RwLock<HashMap<String, (SystemTime, PathBuf)>>,
request_log: Option<Arc<Mutex<FileLogger>>>, request_log: Option<Arc<Mutex<FileLogger>>>,
auth_log: Option<Arc<Mutex<FileLogger>>>, auth_log: Option<Arc<Mutex<FileLogger>>>,
pub(crate) api_auth: Arc<dyn ApiAuth + Send + Sync>, api_auth: Arc<dyn ApiAuth + Send + Sync>,
get_index_fn: GetIndexFn, get_index_fn: GetIndexFn,
} }
@ -79,6 +79,14 @@ impl ApiConfig {
(self.get_index_fn)(auth_id, language, self, parts).await (self.get_index_fn)(auth_id, language, self, parts).await
} }
pub(crate) async fn check_auth(
&self,
headers: &http::HeaderMap,
method: &hyper::Method,
) -> Result<(String, Box<dyn UserInformation + Sync + Send>), AuthError> {
self.api_auth.check_auth(headers, method).await
}
pub(crate) fn find_method( pub(crate) fn find_method(
&self, &self,
components: &[&str], components: &[&str],
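Review bot: The new `ApiConfig::check_auth` wrapper carries no doc comment, even though making `api_auth` private turns it into the only path by which the rest of the crate reaches the authenticator. I would add above it `/// Authenticate a request via the configured ApiAuth; returns the auth id and user information, or an AuthError.` so callers know what the `String` in the tuple is (the call site in `handle_request` passes it to `set_auth_id`). As a style point, the signature spells the header type as `http::HeaderMap` while the file's imports go through `hyper::http`; `headers: &hyper::http::HeaderMap,` would match, assuming `http` is not meant to be a direct dependency here. The `impl ApiConfig` block starts and ends outside the hunk.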


@ -630,8 +630,6 @@ async fn handle_request(
rpcenv.set_client_ip(Some(*peer)); rpcenv.set_client_ip(Some(*peer));
let auth = &api.api_auth;
let delay_unauth_time = std::time::Instant::now() + std::time::Duration::from_millis(3000); let delay_unauth_time = std::time::Instant::now() + std::time::Duration::from_millis(3000);
let access_forbidden_time = std::time::Instant::now() + std::time::Duration::from_millis(500); let access_forbidden_time = std::time::Instant::now() + std::time::Duration::from_millis(500);
@ -658,7 +656,7 @@ async fn handle_request(
let mut user_info: Box<dyn UserInformation + Send + Sync> = Box::new(EmptyUserInformation {}); let mut user_info: Box<dyn UserInformation + Send + Sync> = Box::new(EmptyUserInformation {});
if auth_required { if auth_required {
match auth.check_auth(&parts.headers, &method).await { match api.check_auth(&parts.headers, &method).await {
Ok((authid, info)) => { Ok((authid, info)) => {
rpcenv.set_auth_id(Some(authid)); rpcenv.set_auth_id(Some(authid));
user_info = info; user_info = info;
@ -730,7 +728,7 @@ async fn handle_request(
if comp_len == 0 { if comp_len == 0 {
let language = extract_lang_header(&parts.headers); let language = extract_lang_header(&parts.headers);
match auth.check_auth(&parts.headers, &method).await { match api.check_auth(&parts.headers, &method).await {
Ok((auth_id, _user_info)) => { Ok((auth_id, _user_info)) => {
return Ok(api.get_index(Some(auth_id), language, parts).await); return Ok(api.get_index(Some(auth_id), language, parts).await);
} }