bui_backend/
access_control.rs1use bui_backend_types::AccessToken;
4use std::net::SocketAddr;
5
6#[derive(Clone, Debug)]
7struct JwtSecret(Vec<u8>);
8
9#[derive(Clone, Debug)]
11pub struct AccessInfo {
12 addr: SocketAddr,
13 access_token: AccessToken,
14 jwt_secret: JwtSecret,
15}
16
17impl AccessInfo {
18 pub(crate) fn new(
19 addr: SocketAddr,
20 access_token: AccessToken,
21 jwt_secret: Vec<u8>,
22 ) -> Result<Self, crate::Error> {
23 if let AccessToken::PreSharedToken(ref _token) = access_token {
24 let jwt_secret = JwtSecret(jwt_secret);
25 let access_token = access_token.clone();
26 Ok(Self {
27 addr,
28 access_token,
29 jwt_secret,
30 })
31 } else {
32 Err(crate::Error::NonLocalhostRequiresPreSharedToken)
33 }
34 }
35}
36
37#[derive(Clone, Debug)]
39pub enum AccessControl {
40 Insecure(SocketAddr),
42 WithToken(AccessInfo),
44}
45
46impl AccessControl {
47 pub(crate) fn bind_addr(&self) -> &SocketAddr {
49 match self {
50 AccessControl::Insecure(ref addr) => addr,
51 AccessControl::WithToken(ref info) => &info.addr,
52 }
53 }
54
55 pub(crate) fn token(&self) -> AccessToken {
56 match self {
57 AccessControl::Insecure(_) => AccessToken::NoToken,
58 AccessControl::WithToken(ref info) => info.access_token.clone(),
59 }
60 }
61
62 pub(crate) fn jwt_secret(&self) -> &[u8] {
63 match self {
64 AccessControl::Insecure(ref _addr) => b"insecure",
65 AccessControl::WithToken(ref info) => &info.jwt_secret.0,
66 }
67 }
68}