check if payload secrets match env variable secrets
This commit is contained in:
parent
5bb55e9177
commit
b4938c904e
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
/target
|
/target
|
||||||
|
.idea
|
@ -1,4 +1,16 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
## starte server mit env vars passend zum ersten aufruf
|
||||||
|
## TODO das muss noch gescripted werden
|
||||||
|
|
||||||
|
# should return 201
|
||||||
curl -XPOST \
|
curl -XPOST \
|
||||||
-H "Content-Type: application/json" \
|
-H "Content-Type: application/json" \
|
||||||
--data '{"consumer_key": "","consumer_secret":"","aerie":true }' \
|
--data '{"consumer_key": "test123","consumer_secret":"123test","aerie":true }' \
|
||||||
http://localhost:3000/api/update
|
http://localhost:3000/api/update -vvv
|
||||||
|
|
||||||
|
#should return 500
|
||||||
|
curl -XPOST \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
--data '{"consumer_key": "test123","consumer_secret":"123test","aerie":true }' \
|
||||||
|
http://localhost:3000/api/update -vvv
|
22
src/main.rs
22
src/main.rs
@ -1,5 +1,6 @@
|
|||||||
use std::fs::File;
|
use std::fs::File;
|
||||||
use std::io::prelude::*;
|
use std::io::prelude::*;
|
||||||
|
use std::env;
|
||||||
|
|
||||||
use axum::{
|
use axum::{
|
||||||
http::StatusCode,
|
http::StatusCode,
|
||||||
@ -36,6 +37,18 @@ fn init_status() -> Status {
|
|||||||
status::status(sensors, state)
|
status::status(sensors, state)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check given secret
|
||||||
|
// https://www.youtube.com/watch?v=aHKWVLH-ibY
|
||||||
|
fn check_secret(given_secret: String, given_key: String) -> bool {
|
||||||
|
let consumer_secret = env::var("consumer_secret").unwrap();
|
||||||
|
let consumer_key = env::var("consumer_key").unwrap();
|
||||||
|
|
||||||
|
if given_secret == consumer_secret && given_key == consumer_key {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
false
|
||||||
|
}
|
||||||
|
|
||||||
// Write status to file and return JSON string.
|
// Write status to file and return JSON string.
|
||||||
fn write_status(s: Status) -> String {
|
fn write_status(s: Status) -> String {
|
||||||
let s = serde_json::to_string(&s).unwrap();
|
let s = serde_json::to_string(&s).unwrap();
|
||||||
@ -59,11 +72,20 @@ async fn root() -> String {
|
|||||||
struct TheDoors {
|
struct TheDoors {
|
||||||
aerie: Option<bool>,
|
aerie: Option<bool>,
|
||||||
cellar: Option<bool>,
|
cellar: Option<bool>,
|
||||||
|
consumer_key: String,
|
||||||
|
consumer_secret: String
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// The door can see through your soul.
|
// The door can see through your soul.
|
||||||
// https://www.youtube.com/watch?v=bDQDp00oTP4
|
// https://www.youtube.com/watch?v=bDQDp00oTP4
|
||||||
async fn the_doors(Json(payload): Json<TheDoors>) -> StatusCode {
|
async fn the_doors(Json(payload): Json<TheDoors>) -> StatusCode {
|
||||||
|
|
||||||
|
let check_secret = check_secret(payload.consumer_secret, payload.consumer_key);
|
||||||
|
|
||||||
|
if !check_secret { return StatusCode::FORBIDDEN; }
|
||||||
|
|
||||||
|
|
||||||
let status: Status = if std::path::Path::new(STATUS_FILE).exists() {
|
let status: Status = if std::path::Path::new(STATUS_FILE).exists() {
|
||||||
let contents = std::fs::read_to_string(STATUS_FILE).expect("FCKAFD");
|
let contents = std::fs::read_to_string(STATUS_FILE).expect("FCKAFD");
|
||||||
serde_json::from_str(&contents).unwrap_or_else(|_| init_status())
|
serde_json::from_str(&contents).unwrap_or_else(|_| init_status())
|
||||||
|
Loading…
Reference in New Issue
Block a user