MCPcopy Create free account
hub / github.com/NativeScript/SimDeck / api_request_authorized

Function api_request_authorized

packages/server/src/auth.rs:63–95  ·  view source on GitHub ↗
(
    config: &Config,
    method: &Method,
    headers: &HeaderMap,
    peer_is_loopback: bool,
    uri_query: Option<&str>,
)

Source from the content-addressed store, hash-verified

61}
62
63pub fn api_request_authorized(
64 config: &Config,
65 method: &Method,
66 headers: &HeaderMap,
67 peer_is_loopback: bool,
68 uri_query: Option<&str>,
69) -> bool {
70 if bearer_or_header_token(headers).is_some_and(|token| token == config.access_token) {
71 return true;
72 }
73
74 if query_token_from_query(uri_query).is_some_and(|token| token == config.access_token) {
75 return true;
76 }
77
78 if cookie_token(headers).is_some_and(|token| token == config.access_token) {
79 return if method == Method::GET || method == Method::HEAD {
80 origin_allowed_or_absent(config, headers)
81 } else {
82 origin_allowed(config, headers)
83 };
84 }
85
86 if peer_is_loopback {
87 return if method == Method::GET || method == Method::HEAD {
88 true
89 } else {
90 origin_allowed(config, headers)
91 };
92 }
93
94 false
95}
96
97pub fn preflight_response(config: &Config, headers: &HeaderMap) -> Response {
98 let mut response = StatusCode::NO_CONTENT.into_response();

Callers 1

require_api_authFunction · 0.85

Calls 5

bearer_or_header_tokenFunction · 0.85
query_token_from_queryFunction · 0.85
cookie_tokenFunction · 0.85
origin_allowed_or_absentFunction · 0.85
origin_allowedFunction · 0.85

Tested by

no test coverage detected