apply some review feedback

2023-11-17 22:54:04 +01:00 · 2023-11-17 22:54:04 +01:00 · a11332b2b5
parent ab321c9b10
commit a11332b2b5
3 changed files with 8 additions and 6 deletions
--- a/src/auth.nim
+++ b/src/auth.nim
@ -1,5 +1,5 @@
 #SPDX-License-Identifier: AGPL-3.0-only
-import std/[httpclient, asyncdispatch, times, json, random, sequtils, strutils, tables, packedsets, os]
+import std/[httpclient, asyncdispatch, times, json, random, sequtils, strutils, tables, packedsets, os, uri]
 import nimcrypto
 import types, http_pool
 import experimental/parser/guestaccount
@ -222,7 +222,7 @@ proc updateAccountPool*(cfg: Config) {.async.} =

      try:
        pool.use(newHttpHeaders()):
-          let resp = await c.get("$1?id=$2&auth=$3" % [cfg.guestAccountsPoolUrl, cfg.guestAccountsPoolId, cfg.guestAccountsPoolAuth])
+          let resp = await c.get($(cfg.guestAccountsPoolUrl ? {"id": cfg.guestAccountsPoolId, "auth": cfg.guestAccountsPoolAuth}))
          let guestAccounts = await resp.body

          log "status code from service: ", resp.status
@ -239,11 +239,11 @@ proc updateAccountPool*(cfg: Config) {.async.} =
    await sleepAsync(3600 * 1000)

 proc getAuthHash*(cfg: Config): string =
-  if cfg.guestAccountsPoolAuth == "":
+  if cfg.guestAccountsPoolAuth.len == 0:
    # If somebody turns on pool auth and provides a dummy key, we should
    # prevent third parties from using that mis-configured auth and impersonate
    # this instance
-    log "poolAuth is set to bogus value, responding with empty string"
+    log "poolAuth is empty, authentication with accounts service will fail"
    return ""

  let hashStr = $sha_256.digest(cfg.guestAccountsPoolAuth)
--- a/src/config.nim
+++ b/src/config.nim
@ -1,6 +1,7 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 import parsecfg except Config
 import types, strutils
+import std/uri

 proc get*[T](config: parseCfg.Config; section, key: string; default: T): T =
  let val = config.getSectionValue(section, key)
@ -43,7 +44,7 @@ proc getConfig*(path: string): (Config, parseCfg.Config) =

    # GuestAccounts
    guestAccountsUsePool: cfg.get("GuestAccounts", "usePool", false),
-    guestAccountsPoolUrl: cfg.get("GuestAccounts", "poolUrl", ""),
+    guestAccountsPoolUrl: parseUri(cfg.get("GuestAccounts", "poolUrl", "")),
    guestAccountsPoolAuth: cfg.get("GuestAccounts", "poolAuth", ""),
    guestAccountsPoolId: cfg.get("GuestAccounts", "poolId", cfg.get("Server", "hostname", ""))
  )
--- a/src/types.nim
+++ b/src/types.nim
@ -1,6 +1,7 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 import times, sequtils, options, tables
 import prefs_impl
+import std/uri

 genPrefsType()

@ -263,7 +264,7 @@ type
    proxyAuth*: string

    guestAccountsUsePool*: bool
-    guestAccountsPoolUrl*: string
+    guestAccountsPoolUrl*: Uri
    guestAccountsPoolId*: string
    guestAccountsPoolAuth*: string