add logging for failed authentication
This commit is contained in:
parent
596aa06809
commit
3b8c103ec1
2
gradle/wrapper/gradle-wrapper.properties
vendored
2
gradle/wrapper/gradle-wrapper.properties
vendored
|
|
@ -1,5 +1,5 @@
|
||||||
distributionBase=GRADLE_USER_HOME
|
distributionBase=GRADLE_USER_HOME
|
||||||
distributionPath=wrapper/dists
|
distributionPath=wrapper/dists
|
||||||
distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
|
distributionUrl=https\://services.gradle.org/distributions/gradle-8.8-bin.zip
|
||||||
zipStoreBase=GRADLE_USER_HOME
|
zipStoreBase=GRADLE_USER_HOME
|
||||||
zipStorePath=wrapper/dists
|
zipStorePath=wrapper/dists
|
||||||
|
|
|
||||||
|
|
@ -21,8 +21,7 @@ object DB {
|
||||||
transaction(db) {
|
transaction(db) {
|
||||||
SchemaUtils.create(
|
SchemaUtils.create(
|
||||||
LoaderVersions,
|
LoaderVersions,
|
||||||
LibraryVersions,
|
LibraryVersions
|
||||||
File
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
if (db == null) {
|
if (db == null) {
|
||||||
|
|
|
||||||
|
|
@ -1,16 +1,18 @@
|
||||||
package dev.frogmc.plugins
|
package dev.frogmc.plugins
|
||||||
|
|
||||||
import dev.frogmc.Config
|
import dev.frogmc.Config
|
||||||
|
import dev.frogmc.logger
|
||||||
import io.ktor.http.*
|
import io.ktor.http.*
|
||||||
import io.ktor.server.application.*
|
import io.ktor.server.application.*
|
||||||
import io.ktor.server.response.*
|
import io.ktor.server.response.*
|
||||||
import java.nio.charset.StandardCharsets
|
|
||||||
import java.security.MessageDigest
|
import java.security.MessageDigest
|
||||||
|
|
||||||
val authPlugin = createRouteScopedPlugin("auth") {
|
val authPlugin = createRouteScopedPlugin("auth") {
|
||||||
onCall {
|
onCall {
|
||||||
val authorization = it.request.headers["Authorization"]
|
val authorization = it.request.headers["Authorization"]
|
||||||
if (authorization.isNullOrEmpty() || !MessageDigest.isEqual(authorization.toByteArray(), Config.UPLOAD_SECRET))
|
if (authorization.isNullOrEmpty() || !MessageDigest.isEqual(authorization.toByteArray(), Config.UPLOAD_SECRET)) {
|
||||||
it.respond(HttpStatusCode.Unauthorized);
|
logger.info("Authentication Failed: provided: ${authorization?.toByteArray()}; expected: ${Config.UPLOAD_SECRET}")
|
||||||
|
it.respond(HttpStatusCode.Unauthorized)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -3,7 +3,6 @@ package dev.frogmc.plugins
|
||||||
import io.ktor.http.*
|
import io.ktor.http.*
|
||||||
import io.ktor.server.application.*
|
import io.ktor.server.application.*
|
||||||
import io.ktor.server.plugins.cors.routing.*
|
import io.ktor.server.plugins.cors.routing.*
|
||||||
import io.ktor.server.response.*
|
|
||||||
|
|
||||||
fun Application.configureHTTP() {
|
fun Application.configureHTTP() {
|
||||||
install(CORS) {
|
install(CORS) {
|
||||||
|
|
@ -12,7 +11,5 @@ fun Application.configureHTTP() {
|
||||||
allowMethod(HttpMethod.Delete)
|
allowMethod(HttpMethod.Delete)
|
||||||
allowMethod(HttpMethod.Patch)
|
allowMethod(HttpMethod.Patch)
|
||||||
allowHeader(HttpHeaders.Authorization)
|
allowHeader(HttpHeaders.Authorization)
|
||||||
allowHeader("MyCustomHeader")
|
|
||||||
anyHost() // @TODO: Don't do this in production if possible. Try to limit it.
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue