this repo has no description
feature: bypass authentication when allow list is empty
Signed-off-by: Nick Gerakines <12125+ngerakines@users.noreply.github.com>
+28
-26
+28
-26
src/http/handle_get_feed_skeleton.rs
+28
-26
src/http/handle_get_feed_skeleton.rs
···
58
58
59
59
let feed_control = feed_control.unwrap();
60
60
61
-
let authorization = headers.get("Authorization").and_then(|value| {
62
-
value
63
-
.to_str()
64
-
.map(|inner_value| inner_value.to_string())
65
-
.ok()
66
-
});
61
+
if feed_control.allowed.len() > 0 {
62
+
let authorization = headers.get("Authorization").and_then(|value| {
63
+
value
64
+
.to_str()
65
+
.map(|inner_value| inner_value.to_string())
66
+
.ok()
67
+
});
67
68
68
-
let did = did_from_jwt(&web_context.pool, &web_context.external_base, authorization).await;
69
+
let did = did_from_jwt(&web_context.pool, &web_context.external_base, authorization).await;
69
70
70
-
if let Err(err) = did {
71
-
tracing::error!(error = ?err, "failed to validate JWT");
72
-
return Ok(Json(FeedItemsView {
73
-
cursor: None,
74
-
feed: vec![FeedItemView {
75
-
post: feed_control.deny.clone(),
76
-
}],
77
-
})
78
-
.into_response());
79
-
}
71
+
if let Err(err) = did {
72
+
tracing::error!(error = ?err, "failed to validate JWT");
73
+
return Ok(Json(FeedItemsView {
74
+
cursor: None,
75
+
feed: vec![FeedItemView {
76
+
post: feed_control.deny.clone(),
77
+
}],
78
+
})
79
+
.into_response());
80
+
}
80
81
81
-
let did = did.unwrap();
82
+
let did = did.unwrap();
82
83
83
-
if !feed_control.allowed.contains(&did) {
84
-
return Ok(Json(FeedItemsView {
85
-
cursor: None,
86
-
feed: vec![FeedItemView {
87
-
post: feed_control.deny.clone(),
88
-
}],
89
-
})
90
-
.into_response());
84
+
if !feed_control.allowed.contains(&did) {
85
+
return Ok(Json(FeedItemsView {
86
+
cursor: None,
87
+
feed: vec![FeedItemView {
88
+
post: feed_control.deny.clone(),
89
+
}],
90
+
})
91
+
.into_response());
92
+
}
91
93
}
92
94
93
95
let parsed_cursor = parse_cursor(feed_params.cursor);