Add date verification to presigned urls (#196)

fix #96 fix #162 by returning Forbidden instead Bad Request Co-authored-by: Trinity Pointard <trinity.pointard@gmail.com> Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/196 Co-authored-by: trinity-1686a <trinity.pointard@gmail.com> Co-committed-by: trinity-1686a <trinity.pointard@gmail.com>
author: trinity-1686a <trinity.pointard@gmail.com> 2022-01-18 12:22:31 +0100
committer: Alex <alex@adnab.me> 2022-01-18 12:22:31 +0100
commit: e55fa38c9995294edcdf0f7f4f95dc767b343fb5 (patch)
tree: d2a43ac455f87bee797a8f1caf083ab807b0d942 /src/api/api_server.rs
parent: 178e35f868d3102342838f5669da44b4eb0fc4f3 (diff)
download: garage-e55fa38c9995294edcdf0f7f4f95dc767b343fb5.tar.gz
garage-e55fa38c9995294edcdf0f7f4f95dc767b343fb5.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/api/api_server.rs b/src/api/api_server.rs
index b34030fd..b064ac24 100644
--- a/src/api/api_server.rs
+++ b/src/api/api_server.rs
@@ -91,6 +91,9 @@ async fn handler(
 
 async fn handler_inner(garage: Arc<Garage>, req: Request<Body>) -> Result<Response<Body>, Error> {
 	let (api_key, content_sha256) = check_payload_signature(&garage, &req).await?;
+	let api_key = api_key.ok_or_else(|| {
+		Error::Forbidden("Garage does not support anonymous access yet".to_string())
+	})?;
 
 	let authority = req
 		.headers()
author	trinity-1686a <trinity.pointard@gmail.com>	2022-01-18 12:22:31 +0100
committer	Alex <alex@adnab.me>	2022-01-18 12:22:31 +0100
commit	e55fa38c9995294edcdf0f7f4f95dc767b343fb5 (patch)
tree	d2a43ac455f87bee797a8f1caf083ab807b0d942 /src/api/api_server.rs
parent	178e35f868d3102342838f5669da44b4eb0fc4f3 (diff)
download	garage-e55fa38c9995294edcdf0f7f4f95dc767b343fb5.tar.gz garage-e55fa38c9995294edcdf0f7f4f95dc767b343fb5.zip