aster_server/
auth.rs

1use axum::{
2    extract::{Request, State},
3    http::StatusCode,
4    middleware::Next,
5    response::Response,
6};
7
8pub async fn check_token(
9    State(state): State<String>,
10    request: Request,
11    next: Next,
12) -> Result<Response, StatusCode> {
13    if request.uri().path() == "/status"
14        || request.uri().path() == "/mcp-ui-proxy"
15        || request.uri().path() == "/mcp-app-proxy"
16    {
17        return Ok(next.run(request).await);
18    }
19    let secret_key = request
20        .headers()
21        .get("X-Secret-Key")
22        .and_then(|value| value.to_str().ok());
23
24    match secret_key {
25        Some(key) if key == state => Ok(next.run(request).await),
26        _ => Err(StatusCode::UNAUTHORIZED),
27    }
28}
aster_server/auth.rs

aster_server/
auth.rs
