Deuxfleurs/garage
34
65
Fork 83
Code Issues 95 Pull requests 16 Releases 32 Wiki Activity

admin api: use fast local reads for token verification
All checks were successful
ci/woodpecker/push/debug Pipeline was successful
Details
ci/woodpecker/pr/debug Pipeline was successful
Details

Browse source
This commit is contained in:
Alex 2025-03-25 13:07:45 +01:00
parent 1e13a66b42
commit 9dcc5232a6
1 changed files with 3 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/api/admin/api_server.rs
View file

@ -169,8 +169,7 @@ impl AdminApiServer {
}; };
if token_required { if token_required {
verify_authorization(&self.garage, global_token_hash, auth_header, request.name()) verify_authorization(&self.garage, global_token_hash, auth_header, request.name())?;
.await?;
} }
match request { match request {
@ -245,7 +244,7 @@ fn hash_bearer_token(token: &str) -> String {
.to_string() .to_string()
} }
async fn verify_authorization( fn verify_authorization(
garage: &Garage, garage: &Garage,
global_token_hash: Option<&str>, global_token_hash: Option<&str>,
auth_header: Option<hyper::http::HeaderValue>, auth_header: Option<hyper::http::HeaderValue>,
@ -271,8 +270,7 @@ async fn verify_authorization(
let token_hash_string = if let Some((prefix, _)) = token.split_once('.') { let token_hash_string = if let Some((prefix, _)) = token.split_once('.') {
garage garage
.admin_token_table .admin_token_table
.get(&EmptyKey, &prefix.to_string()) .get_local(&EmptyKey, &prefix.to_string())?
.await?
.and_then(|k| k.state.into_option()) .and_then(|k| k.state.into_option())
.filter(|p| { .filter(|p| {
p.expiration p.expiration