File tree Expand file tree Collapse file tree 1 file changed +29
-25
lines changed
packages/core/guard/server/src/routing Expand file tree Collapse file tree 1 file changed +29
-25
lines changed Original file line number Diff line number Diff line change @@ -27,32 +27,36 @@ pub async fn route_request(
2727
2828 // Check auth (if enabled)
2929 if let Some ( auth) = & ctx. config ( ) . auth {
30- let token = headers
31- . get ( X_RIVET_TOKEN )
32- . and_then ( |x| x. to_str ( ) . ok ( ) )
33- // Fallback to checking websocket protocol if rivet token is not set
34- . or_else ( || {
35- if is_websocket {
36- headers
37- . get ( SEC_WEBSOCKET_PROTOCOL )
38- . and_then ( |protocols| protocols. to_str ( ) . ok ( ) )
39- . and_then ( |protocols| {
40- protocols
41- . split ( ',' )
42- . map ( |p| p. trim ( ) )
43- . find_map ( |p| p. strip_prefix ( WS_PROTOCOL_TOKEN ) )
44- } )
45- } else {
46- None
47- }
48- } )
49- . ok_or_else ( || {
50- crate :: errors:: MissingHeader {
51- header : X_RIVET_TOKEN . to_string ( ) ,
52- }
53- . build ( )
54- } ) ?;
30+ // Extract token
31+ let token = if is_websocket {
32+ headers
33+ . get ( SEC_WEBSOCKET_PROTOCOL )
34+ . and_then ( |protocols| protocols. to_str ( ) . ok ( ) )
35+ . and_then ( |protocols| {
36+ protocols
37+ . split ( ',' )
38+ . map ( |p| p. trim ( ) )
39+ . find_map ( |p| p. strip_prefix ( WS_PROTOCOL_TOKEN ) )
40+ } )
41+ . ok_or_else ( || {
42+ crate :: errors:: MissingHeader {
43+ header : SEC_WEBSOCKET_PROTOCOL . to_string ( ) ,
44+ }
45+ . build ( )
46+ } ) ?
47+ } else {
48+ headers
49+ . get ( X_RIVET_TOKEN )
50+ . and_then ( |x| x. to_str ( ) . ok ( ) )
51+ . ok_or_else ( || {
52+ crate :: errors:: MissingHeader {
53+ header : X_RIVET_TOKEN . to_string ( ) ,
54+ }
55+ . build ( )
56+ } ) ?
57+ } ;
5558
59+ // Validate token
5660 if token != auth. admin_token {
5761 return Err ( rivet_api_builder:: ApiForbidden . build ( ) ) ;
5862 }
You can’t perform that action at this time.
0 commit comments