check remote_addr is loopback

2020-05-06 03:37:18 +03:00 · 2020-05-06 03:37:18 +03:00 · 7a7faf405e
parent d6577e555e
commit 7a7faf405e
1 changed files with 15 additions and 10 deletions
--- a/src/webserver.rs
+++ b/src/webserver.rs
@ -59,18 +59,23 @@ fn authenticate(tokens: HashMap<String, String>) -> impl Filter<Extract = (), Er
    warp::filters::any::any()
        .map(move || tokens.clone())
        .and(filters::query::query::<AuthToken>())
-        .and_then(|tokens: Arc<HashSet<String>>, token: AuthToken| {
+        .and(filters::addr::remote())
-            async move {
+        .and_then(
-                if let Some(token) = token.token {
+            |tokens: Arc<HashSet<String>>, token: AuthToken, peer_addr: Option<std::net::SocketAddr>| {
-                    if tokens.contains(&token) {
+                async move {
-                        return Ok(());
+                    if let Some(addr) = peer_addr {
                        if let Some(token) = token.token {
                            if addr.ip().is_loopback() && tokens.contains(&token) {
                                return Ok(());
                            }
                        }
                    }
                    Err(warp::reject::custom(ActionStatus::Err {
                        reason: "Access Denied".into(),
                    }))
                }
-                Err(warp::reject::custom(ActionStatus::Err {
+            },
-                    reason: "Access Denied".into(),
+        )
                }))
            }
        })
        .untuple_one()
 }