andras/vault-link
1
0
Fork 0
Code Issues Pull requests 18 Projects Releases 55 Packages Wiki Activity Actions 1

Always normalise vaultId and trim token

Browse source
This commit is contained in:
Andras Schmelczer 2025-04-07 22:29:23 +01:00
parent 04a24d0b38
commit 74a8060246
No known key found for this signature in database
GPG key ID: FC8F2C3D3D1A718C
11 changed files with 44 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

4
backend/sync_server/src/server/websocket.rs
View file

@ -21,11 +21,13 @@ use crate::{
database::models::{DeviceId, DocumentVersionWithoutContent, VaultId, VaultUpdateId},
},
errors::{SyncServerError, server_error, unauthenticated_error},
utils::normalize::{normalize, normalize_string},
};
// This is required for aide to infer the path parameter types and names
#[derive(Deserialize, JsonSchema)]
pub struct WebsocketPathParams {
#[serde(deserialize_with = "normalize")]
vault_id: VaultId,
}
@ -81,7 +83,7 @@ async fn websocket(
.context("Failed to parse token")
.map_err(server_error)?;
auth(&state, &handshake.token, &vault_id)?;
auth(&state, handshake.token.trim(), &normalize_string(&vault_id))?;
handshake
} else {