Merge pull request #133 from Ceron257/add-push-password

Allow setting different passwords for pushing and pulling
harlanc · Jun 7, 2024 · 56802e4 · 56802e4
2 parents 2be56a7 + a37a63b
commit 56802e4
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 5 deletions.
diff --git a/application/xiu/src/config/mod.rs b/application/xiu/src/config/mod.rs
@@ -187,6 +187,7 @@ pub struct HttpNotifierConfig {
 pub struct AuthSecretConfig {
     pub key: String,
     pub password: String,
+    pub push_password: Option<String>
 }
 
 #[derive(Debug, Deserialize, Clone, Default)]

diff --git a/application/xiu/src/service.rs b/application/xiu/src/service.rs
@@ -52,6 +52,7 @@ impl Service {
             Some(Auth::new(
                 authsecret.key.clone(),
                 authsecret.password.clone(),
+                authsecret.push_password.clone(),
                 cfg.algorithm.clone(),
                 auth_type,
             ))

diff --git a/library/common/src/auth.rs b/library/common/src/auth.rs
@@ -26,20 +26,23 @@ pub struct Auth {
     algorithm: AuthAlgorithm,
     key: String,
     password: String,
+    push_password: Option<String>,
     pub auth_type: AuthType,
 }
 
 impl Auth {
     pub fn new(
         key: String,
         password: String,
+        push_password: Option<String>,
         algorithm: AuthAlgorithm,
         auth_type: AuthType,
     ) -> Self {
         Self {
             algorithm,
             key,
             password,
+            push_password,
             auth_type,
         }
     }
@@ -70,7 +73,7 @@ impl Auth {
                 }
 
                 if let Some(token) = query_pairs.get("token") {
-                    if self.check(stream_name, token) {
+                    if self.check(stream_name, token, is_pull) {
                         return Ok(());
                     }
                     auth_err_reason = format!("token is not correct: {}", token);
@@ -90,11 +93,15 @@ impl Auth {
         Ok(())
     }
 
-    fn check(&self, stream_name: &String, auth_str: &str) -> bool {
+    fn check(&self, stream_name: &String, auth_str: &str, is_pull: bool) -> bool {
+        let password = if is_pull {
+            &self.password
+        } else {
+            self.push_password.as_ref().unwrap_or(&self.password)
+        };
+
         match self.algorithm {
-            AuthAlgorithm::Simple => {
-                self.password == auth_str
-            }
+            AuthAlgorithm::Simple => password == auth_str,
             AuthAlgorithm::Md5 => {
                 let raw_data = format!("{}{}", self.key, stream_name);
                 let digest_str = format!("{:x}", md5::compute(raw_data));