repos / pico

commit

f3ea164

parent

f33217e

author

Eric Bower

date

2024-02-02 17:00:49 +0000 UTC

refactor(auth): `/key?space=xxx` instead of inside POST body

 1@@ -193,7 +193,6 @@ type sishData struct {
 2 	PublicKey     string `json:"auth_key"`
 3 	Username      string `json:"user"`
 4 	RemoteAddress string `json:"remote_addr"`
 5-	Space         string `json:"space"`
 6 }
 7 
 8 func keyHandler(w http.ResponseWriter, r *http.Request) {
 9@@ -208,12 +207,14 @@ func keyHandler(w http.ResponseWriter, r *http.Request) {
10 		return
11 	}
12 
13-	// backwards compat
14-	if data.Space == "" {
15-		data.Space = "tuns"
16+	space := r.URL.Query().Get("space")
17+	if space == "" {
18+		spaceErr := fmt.Errorf("Must provide `space` query parameter")
19+		client.Logger.Error(spaceErr)
20+		http.Error(w, spaceErr.Error(), http.StatusUnprocessableEntity)
21 	}
22 
23-	client.Logger.Infof("handle key (%s, %s, %s, %s)", data.RemoteAddress, data.Username, data.Space, data.PublicKey)
24+	client.Logger.Infof("handle key (%s, %s, %s, %s)", data.RemoteAddress, data.Username, space, data.PublicKey)
25 
26 	user, err := client.Dbpool.FindUserForKey(data.Username, data.PublicKey)
27 	if err != nil {
28@@ -222,7 +223,7 @@ func keyHandler(w http.ResponseWriter, r *http.Request) {
29 		return
30 	}
31 
32-	if !client.Dbpool.HasFeatureForUser(user.ID, data.Space) {
33+	if !client.Dbpool.HasFeatureForUser(user.ID, space) {
34 		w.WriteHeader(http.StatusUnauthorized)
35 		return
36 	}