feat: trace-level matching, health watcher/worker status, timezone config
This commit is contained in:
+14
-14
@@ -88,16 +88,10 @@ fn hex_val(c: u8) -> Option<u8> {
|
||||
}
|
||||
|
||||
fn extract_api_key(headers: &HeaderMap, uri: &axum::http::Uri) -> Result<String, StatusCode> {
|
||||
if let Some(key) = headers
|
||||
.get("X-API-Key")
|
||||
.and_then(|v| v.to_str().ok())
|
||||
{
|
||||
if let Some(key) = headers.get("X-API-Key").and_then(|v| v.to_str().ok()) {
|
||||
return Ok(key.to_string());
|
||||
}
|
||||
if let Some(auth) = headers
|
||||
.get("Authorization")
|
||||
.and_then(|v| v.to_str().ok())
|
||||
{
|
||||
if let Some(auth) = headers.get("Authorization").and_then(|v| v.to_str().ok()) {
|
||||
// Check if it's a JWT (starts with eyJ)
|
||||
let trimmed = auth.strip_prefix("Bearer ").unwrap_or(auth);
|
||||
if !jwt::is_jwt(trimmed) {
|
||||
@@ -129,7 +123,11 @@ pub async fn unified_auth(
|
||||
|
||||
// Priority 1: Cookie session (Portal)
|
||||
let cookies = extract_cookies(headers);
|
||||
if let Some(sid) = cookies.iter().find(|(k, _)| k == "session_id").map(|(_, v)| v.clone()) {
|
||||
if let Some(sid) = cookies
|
||||
.iter()
|
||||
.find(|(k, _)| k == "session_id")
|
||||
.map(|(_, v)| v.clone())
|
||||
{
|
||||
match state.db.get_session_by_id(&sid).await {
|
||||
Ok(Some((_id, user_id, api_key_id, _expires_at))) => {
|
||||
let key_hash = hash_key(&api_key_id);
|
||||
@@ -162,15 +160,17 @@ pub async fn unified_auth(
|
||||
}
|
||||
|
||||
// Priority 2: JWT (Authorization: Bearer <eyJ...>)
|
||||
if let Some(auth_header) = headers
|
||||
.get("Authorization")
|
||||
.and_then(|v| v.to_str().ok())
|
||||
{
|
||||
if let Some(auth_header) = headers.get("Authorization").and_then(|v| v.to_str().ok()) {
|
||||
if let Some(token) = auth_header.strip_prefix("Bearer ") {
|
||||
if jwt::is_jwt(token) {
|
||||
match jwt::verify_jwt(token) {
|
||||
Ok(claims) => {
|
||||
if !state.db.is_jwt_blacklisted(&claims.jti).await.unwrap_or(false) {
|
||||
if !state
|
||||
.db
|
||||
.is_jwt_blacklisted(&claims.jti)
|
||||
.await
|
||||
.unwrap_or(false)
|
||||
{
|
||||
let exp = chrono::DateTime::from_timestamp(claims.exp as i64, 0);
|
||||
let user_id: i32 = claims.sub.parse().unwrap_or(0);
|
||||
let auth = UserAuth {
|
||||
|
||||
Reference in New Issue
Block a user