mirror of
https://github.com/matrix-construct/construct
synced 2024-12-29 00:44:17 +01:00
ircd: Use db based access_token query for auth.
This commit is contained in:
Jason Volk
parent
e427caf544
commit
469d286175
1 changed files with 18 additions and 3 deletions
|
|
@ -108,15 +108,30 @@ noexcept
|
|||
|
||||
namespace ircd {
|
||||
|
||||
const m::room accounts
|
||||
{
|
||||
m::id::room{"!accounts:cdc.z"}
|
||||
};
|
||||
|
||||
static void
|
||||
authenticate(client &client,
|
||||
resource::method &method,
|
||||
resource::request &request)
|
||||
try
|
||||
{
|
||||
const auto &access_token(request.query.at("access_token"));
|
||||
const auto it(resource::tokens.find(access_token));
|
||||
if(it == end(resource::tokens))
|
||||
const auto &access_token
|
||||
{
|
||||
request.query.at("access_token")
|
||||
};
|
||||
|
||||
// Sets up the query to find the access_token in the accounts room
|
||||
const m::events::where::equal query
|
||||
{
|
||||
{ "type", "ircd.access_token" },
|
||||
{ "state_key", access_token }
|
||||
};
|
||||
|
||||
if(!accounts.any(query))
|
||||
throw m::error
|
||||
{
|
||||
// When credentials are required but missing or invalid, the HTTP call will return with
|
||||
|
|
|
|||
Loading…
Reference in a new issue