deblan-mirror/sero
1
0
Fork 0
mirror of https://github.com/clowzed/sero synced 2024-05-23 09:42:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rewritten cors check closure to tokio spawn with channels

Browse source
This commit is contained in:
clowzed 2023-11-08 16:50:50 +03:00
parent 2cfe57f73c
commit 2ba76400c4
2 changed files with 54 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
openapi.yml
View file

@ -322,6 +322,14 @@ paths:
/api/cors/add: /api/cors/add:
post: post:
summary: Add origin summary: Add origin
parameters:
- in: header
name: X-Subdomain
schema:
type: string
required: true
security:
- bearerAuth: []
requestBody: requestBody:
required: true required: true
content: content:
@ -358,6 +366,15 @@ paths:
/api/cors/clear: /api/cors/clear:
post: post:
summary: Clear related origins summary: Clear related origins
parameters:
- in: header
name: X-Subdomain
schema:
type: string
required: true
security:
- bearerAuth: []
responses: responses:
"200": "200":

63
src/main.rs
View file

@ -1,8 +1,8 @@
use std::{fmt::Debug, net::SocketAddr}; use std::{fmt::Debug, net::SocketAddr, sync::mpsc};
use axum::{ use axum::{
extract::DefaultBodyLimit, extract::DefaultBodyLimit,
http::{request::Parts, HeaderName, HeaderValue, Method, StatusCode}, http::{HeaderName, Method, StatusCode},
routing::{get, post}, routing::{get, post},
Router, Router,
}; };
@ -68,31 +68,42 @@ async fn main() {
.layer( .layer(
CorsLayer::new() CorsLayer::new()
.allow_methods(AllowMethods::exact(Method::GET)) .allow_methods(AllowMethods::exact(Method::GET))
.allow_headers(AllowHeaders::list([HeaderName::from_static("X-Subdomain")])) .allow_headers(AllowHeaders::list([HeaderName::from_static("x-subdomain")]))
.allow_origin(AllowOrigin::predicate( .allow_origin(AllowOrigin::predicate(move |origin, parts| {
move |origin: &HeaderValue, parts: &Parts| { let cloned_state = cloned_state.clone();
let origin = origin.to_str().unwrap_or_default(); let cloned_origin = origin
let subdomain_model_future = .clone()
SubdomainModel::from_headers(&parts.headers, &cloned_state); .to_str()
.map(|s| s.to_string())
.unwrap_or_default();
let cloned_headers = parts.headers.clone();
let (tx, rx) = mpsc::channel();
tokio::runtime::Handle::current().block_on(async { tokio::spawn(async move {
let subdomain_model = subdomain_model_future.await; let subdomain_model_extractor =
match subdomain_model { SubdomainModel::from_headers(&cloned_headers, &cloned_state)
Ok(model) => match CorsService::check(model.0, origin, &cloned_state.connection).await{ .await
Ok(result) => result, .map_err(|cause| {
Err(cause) => { tracing::error!(%cause, "Failed to extract subdomain model from headers for cors!");
tracing::error!(%cause, "Failed to check origin for cors filtering!"); });
false if subdomain_model_extractor.is_err() {
} tx.send(false).ok();
}, return;
Err(cause) => { }
tracing::error!(%cause, "Failed to find subdomain model for cors filtering!");
false let res = CorsService::check(
}, subdomain_model_extractor.unwrap().0,
} &cloned_origin,
}) &cloned_state.connection,
}, )
)), .await
.unwrap_or(false);
tx.send(res).ok();
});
rx.recv().unwrap_or(false)
})),
); );
let mut app = Router::new() let mut app = Router::new()