Ruderverein-Donau-Linz/rowt
1
1
Fork 1
Code Issues 49 Pull Requests Actions Packages Projects Wiki Activity

no funny business w/ get params
Some checks failed
CI/CD Pipeline / test (push) Failing after 2m6s
Details
CI/CD Pipeline / deploy-staging (push) Has been skipped
Details
CI/CD Pipeline / deploy-main (push) Has been skipped
Details

Browse Source
This commit is contained in:
Philipp Hofer
2025-04-16 10:46:19 +02:00
parent 588520914c
commit 2b79df8e42
3 changed files with 54 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
src/tera/mod.rs
View File

@ -9,7 +9,7 @@ use rocket::{
get,
http::{Cookie, Status},
post,
request::FlashMessage,
request::{FlashMessage, FromRequest, Outcome},
response::{Flash, Redirect},
routes,
time::{Duration, OffsetDateTime},
@ -123,9 +123,57 @@ async fn wikiauth(db: &State<SqlitePool>, login: Form<LoginForm<'_>>) -> String
"FAIL".into()
}
#[get("/?<username>&<password>")]
async fn nextcloud_auth(db: &State<SqlitePool>, username: String, password: String) -> Status {
if let Ok(user) = User::login(db, &username, &password).await {
struct BasicAuth {
username: String,
password: String,
}
#[rocket::async_trait]
impl<'r> FromRequest<'r> for BasicAuth {
type Error = ();
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
// Get the Authorization header
let auth_header = match request.headers().get_one("Authorization") {
Some(h) => h,
None => return Outcome::Failure((Status::Unauthorized, ())),
};
// Check if it's a Basic auth header
if !auth_header.starts_with("Basic ") {
return Outcome::Failure((Status::Unauthorized, ()));
}
// Decode the base64 credentials
let credentials = match BASE64.decode(auth_header[6..].as_bytes()) {
Ok(c) => c,
Err(_) => return Outcome::Failure((Status::Unauthorized, ())),
};
// Convert to UTF-8 string
let credentials_str = match str::from_utf8(&credentials) {
Ok(s) => s,
Err(_) => return Outcome::Failure((Status::Unauthorized, ())),
};
// Split into username and password
let mut parts = credentials_str.splitn(2, ':');
let username = match parts.next() {
Some(u) => u.to_string(),
None => return Outcome::Failure((Status::Unauthorized, ())),
};
let password = match parts.next() {
Some(p) => p.to_string(),
None => return Outcome::Failure((Status::Unauthorized, ())),
};
Outcome::Success(BasicAuth { username, password })
}
}
#[get("/")]
async fn nextcloud_auth(db: &State<SqlitePool>, auth: BasicAuth) -> Status {
if let Ok(user) = User::login(db, &auth.username, &auth.password).await {
if user.has_role(db, "admin").await {
return Status::Ok;
}