fd6d243843
ApiConfig: avoid using pbs_config::backup_user() CommandoSocket: avoid using pbs_config::backup_user() FileLogger: avoid using pbs_config::backup_user() - use atomic_open_or_create_file() Auth Trait: moved definitions to proxmox-rest-server/src/lib.rs - removed CachedUserInfo patrameter - return user as String (not Authid) Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
43 lines
1.1 KiB
Rust
43 lines
1.1 KiB
Rust
//! Authentication via a static ticket file
|
|
use std::fs::File;
|
|
use std::io::prelude::*;
|
|
|
|
use anyhow::{bail, format_err, Error};
|
|
|
|
use proxmox_rest_server::{ApiAuth, AuthError};
|
|
|
|
const TICKET_FILE: &str = "/ticket";
|
|
|
|
pub struct StaticAuth {
|
|
ticket: String,
|
|
}
|
|
|
|
impl ApiAuth for StaticAuth {
|
|
fn check_auth(
|
|
&self,
|
|
headers: &http::HeaderMap,
|
|
_method: &hyper::Method,
|
|
) -> Result<String, AuthError> {
|
|
match headers.get(hyper::header::AUTHORIZATION) {
|
|
Some(header) if header.to_str().unwrap_or("") == &self.ticket => {
|
|
Ok(String::from("root@pam"))
|
|
}
|
|
_ => {
|
|
return Err(AuthError::Generic(format_err!(
|
|
"invalid file restore ticket provided"
|
|
)));
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
pub fn ticket_auth() -> Result<StaticAuth, Error> {
|
|
let mut ticket_file = File::open(TICKET_FILE)?;
|
|
let mut ticket = String::new();
|
|
let len = ticket_file.read_to_string(&mut ticket)?;
|
|
if len <= 0 {
|
|
bail!("invalid ticket: cannot be empty");
|
|
}
|
|
Ok(StaticAuth { ticket })
|
|
}
|