MCPcopy Create free account
hub / github.com/NativeScript/SimDeck / require_api_auth

Function require_api_auth

packages/server/src/api/routes.rs:890–928  ·  view source on GitHub ↗
(
    State(state): State<AppState>,
    request: Request<Body>,
    next: Next,
)

Source from the content-addressed store, hash-verified

888}
889
890async fn require_api_auth(
891 State(state): State<AppState>,
892 request: Request<Body>,
893 next: Next,
894) -> Response {
895 if request.method() == Method::OPTIONS {
896 return auth::preflight_response(&state.config, request.headers());
897 }
898
899 if is_inspector_agent_transport_path(request.uri().path())
900 || request.uri().path() == "/api/pair"
901 {
902 return next.run(request).await;
903 }
904
905 let peer_is_loopback = request
906 .extensions()
907 .get::<ConnectInfo<SocketAddr>>()
908 .map(|ConnectInfo(address)| address.ip().is_loopback())
909 .unwrap_or(false);
910
911 if !auth::api_request_authorized(
912 &state.config,
913 request.method(),
914 request.headers(),
915 peer_is_loopback,
916 request.uri().query(),
917 ) {
918 return auth::unauthorized_response(&state.config, request.headers());
919 }
920
921 let request_headers = request.headers().clone();
922 let mut response = next.run(request).await;
923 auth::append_cors_headers(&state.config, &request_headers, response.headers_mut());
924 if peer_is_loopback {
925 auth::append_access_cookie(response.headers_mut(), &state.config.access_token);
926 }
927 response
928}
929
930#[derive(Deserialize)]
931#[serde(rename_all = "camelCase")]

Callers

nothing calls this directly

Calls 9

preflight_responseFunction · 0.85
api_request_authorizedFunction · 0.85
unauthorized_responseFunction · 0.85
append_cors_headersFunction · 0.85
append_access_cookieFunction · 0.85
queryMethod · 0.80
cloneMethod · 0.65
runMethod · 0.45

Tested by

no test coverage detected