Deuxfleurs/garage
34
65
Fork 83
Code Issues 95 Pull requests 16 Releases 32 Wiki Activity

admin api: use fast local reads for token verification
All checks were successful
ci/woodpecker/push/debug Pipeline was successful
Details
ci/woodpecker/pr/debug Pipeline was successful
Details

Browse source
This commit is contained in:
Alex 2025-03-25 13:07:45 +01:00
parent 1e13a66b42
commit 9dcc5232a6
1 changed files with 3 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/api/admin/api_server.rs
View file

@ -169,8 +169,7 @@ impl AdminApiServer {
};
if token_required {
verify_authorization(&self.garage, global_token_hash, auth_header, request.name())
.await?;
verify_authorization(&self.garage, global_token_hash, auth_header, request.name())?;
}
match request {
@ -245,7 +244,7 @@ fn hash_bearer_token(token: &str) -> String {
.to_string()
}
async fn verify_authorization(
fn verify_authorization(
garage: &Garage,
global_token_hash: Option<&str>,
auth_header: Option<hyper::http::HeaderValue>,
@ -271,8 +270,7 @@ async fn verify_authorization(
let token_hash_string = if let Some((prefix, _)) = token.split_once('.') {
garage
.admin_token_table
.get(&EmptyKey, &prefix.to_string())
.await?
.get_local(&EmptyKey, &prefix.to_string())?
.and_then(|k| k.state.into_option())
.filter(|p| {
p.expiration