added auth

2022-08-27 17:59:43 -04:00 · 2022-08-27 17:59:43 -04:00 · cf1982a2bd
parent 34bc843476
commit cf1982a2bd
1 changed files with 23 additions and 3 deletions
--- a/src/lib.rs
+++ b/src/lib.rs
@ -1,5 +1,5 @@
 use serde;
-use worker::*;
+use worker::{kv::KvStore, *};

 #[event(fetch)]
 pub async fn main(req: Request, env: Env, _ctx: worker::Context) -> Result<Response> {
@ -16,8 +16,23 @@ pub async fn main(req: Request, env: Env, _ctx: worker::Context) -> Result<Respo
        created_at: String,
    }

+    async fn check_endpoint_auth(token: &String, kv: KvStore) -> bool {
+        // Check if the token provided by the endpoint is valid.
+        match kv.get("authorized_tokens").cache_ttl(300).text().await.unwrap() {
+    Some(t) => t.split(",")
+    .any(|authorized_token| authorized_token == token),
+    None => false,
+}
+    }
+
    router
-        .get_async("/asterisk/:hostname", |_req, ctx| async move {
+        .get_async("/asterisk/:hostname/:token", |_req, ctx| async move {
+            if let Some(token) = ctx.param("token") {
+                if !check_endpoint_auth(token, ctx.kv("GONK_NODES")?).await {
+                   return Response::error("Unauthorized", 401);
+                }
+            }
+
            if let Some(hostname) = ctx.param("hostname") {
                let kv = ctx.kv("GONK_NODES")?;

@ -31,7 +46,12 @@ pub async fn main(req: Request, env: Env, _ctx: worker::Context) -> Result<Respo
            }
            Response::error("Bad Request", 400)
        })
-        .get_async("/pjsip/:hostname", |_req, ctx| async move {
+        .get_async("/pjsip/:hostname/:token", |_req, ctx| async move {
+            if let Some(token) = ctx.param("token") {
+                if !check_endpoint_auth(token, ctx.kv("GONK_NODES")?).await {
+                   return Response::error("Unauthorized", 401);
+                }
+            }
            if let Some(hostname) = ctx.param("hostname") {
                let kv = ctx.kv("GONK_NODES")?;