Skip to content

Commit

Permalink
vingo: get scan key from env
Browse files Browse the repository at this point in the history
  • Loading branch information
@hannes-dev
hannes-dev committed Oct 4, 2024
1 parent c0d0776 commit 39e0853
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
5 changes: 3 additions & 2 deletions vingo/dev.env
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
DEBUG_LOGIN="TRUE"
DEBUG_LOGIN="FALSE"
DEVELOPMENT="TRUE"

POSTGRES_CONNECTION_STRING="postgres://postgres:[email protected]/zess?sslmode=disable"
ZAUTH_URL="https://zauth.zeus.gent/"
ZAUTH_URL="https://zauth.zeus.gent"
ZAUTH_CALLBACK_PATH="http://localhost:4000/api/auth/callback"
FRONTEND_URL="http://localhost:5173/"

ZAUTH_CLIENT_ID="tomtest"
ZAUTH_CLIENT_SECRET="blargh"
SCAN_KEY="bad_key"
7 changes: 5 additions & 2 deletions vingo/src/routes/scans.rs
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
use std::{env, sync::LazyLock};

use crate::{
entities::{prelude::*, *},
AppState,
Expand All @@ -17,7 +19,8 @@ use super::util::{
session::{get_season, get_user},
};

const SCAN_KEY: &str = "bad_key";
const SCAN_KEY: LazyLock<String> =
LazyLock::new(|| env::var("SCAN_KEY").expect("SCAN_KEY not present"));

pub async fn get_for_current_user(
session: Session,
Expand All @@ -43,7 +46,7 @@ pub async fn add(state: State<AppState>, body: String) -> ResponseResult<String>
let (serial, key) = body
.split_once(';')
.ok_or((StatusCode::BAD_REQUEST, "invalid format: serial;key"))?;
if key != SCAN_KEY {
if key != SCAN_KEY.to_string() {
Err((StatusCode::UNAUTHORIZED, "invalid key"))?
}

Expand Down

0 comments on commit 39e0853

Please sign in to comment.