check that the user did in the request is the same as the configured user did
+5
-1
src/server.rs
+5
-1
src/server.rs
···
29
29
pub struct ServerConfig {
30
30
pub appview_did: String,
31
31
pub appview_endpoint: String,
32
+
pub user_did: String,
32
33
}
33
34
34
35
pub async fn run_server() {
···
41
42
let appview_did: String = std::env::var("APPVIEW_DID").expect("APPVIEW_DID missing");
42
43
let appview_endpoint = std::env::var("APPVIEW_HOSTNAME").expect("APPVIEW_HOSTNAME missing");
43
44
45
+
let users_did = std::env::var("USERS_DID").expect("USERS_DID missing");
46
+
44
47
let server_config = ServerConfig {
45
48
appview_did: appview_did.clone(),
46
49
appview_endpoint: appview_endpoint.clone(),
50
+
user_did: users_did,
47
51
};
48
52
49
53
let service_did = Did::new_owned(appview_did).expect("APPVIEW_DID produced an invalid did:web");
···
169
173
170
174
#[derive(Clone)]
171
175
pub struct AppState {
172
-
server_config: ServerConfig,
176
+
pub server_config: ServerConfig,
173
177
pub service_auth: ServiceAuthConfig<JacquardResolver>,
174
178
pub resolver: JacquardResolver,
175
179
}
+5
src/xrpc/routes.rs
+5
src/xrpc/routes.rs
···
37
37
}
38
38
};
39
39
40
+
if did.to_string() != state.server_config.user_did.to_string() {
41
+
println!("configured user did does not match request user did {did}");
42
+
return Err(XrpcErrorResponse::internal_server_error());
43
+
}
44
+
40
45
println!("did is {did}");
41
46
return Err(XrpcErrorResponse::not_implemented());
42
47
}
History
2 rounds
0 comments
willdot.net
submitted
#1
1 commit
expand
collapse
print out the did from the request by resolving it
check that the user did in the request is the same as the configured user did
merge conflicts detected
expand
collapse
expand
collapse
- src/server.rs:13
- src/xrpc/routes.rs:2
expand 0 comments
willdot.net
submitted
#0
1 commit
expand
collapse
print out the did from the request by resolving it