mirror of
https://github.com/usememos/memos.git
synced 2025-06-05 22:09:59 +02:00
chore: fix export memos
This commit is contained in:
Steven
@@ -27,40 +27,6 @@ const (
|
||||
usernameContextKey ContextKey = iota
|
||||
)
|
||||
|
||||
// Used to set modified context of ServerStream.
|
||||
type WrappedStream struct {
|
||||
ctx context.Context
|
||||
stream grpc.ServerStream
|
||||
}
|
||||
|
||||
func (w *WrappedStream) RecvMsg(m any) error {
|
||||
return w.stream.RecvMsg(m)
|
||||
}
|
||||
|
||||
func (w *WrappedStream) SendMsg(m any) error {
|
||||
return w.stream.SendMsg(m)
|
||||
}
|
||||
|
||||
func (w *WrappedStream) SendHeader(md metadata.MD) error {
|
||||
return w.stream.SendHeader(md)
|
||||
}
|
||||
|
||||
func (w *WrappedStream) SetHeader(md metadata.MD) error {
|
||||
return w.stream.SetHeader(md)
|
||||
}
|
||||
|
||||
func (w *WrappedStream) SetTrailer(md metadata.MD) {
|
||||
w.stream.SetTrailer(md)
|
||||
}
|
||||
|
||||
func (w *WrappedStream) Context() context.Context {
|
||||
return w.ctx
|
||||
}
|
||||
|
||||
func newWrappedStream(ctx context.Context, stream grpc.ServerStream) grpc.ServerStream {
|
||||
return &WrappedStream{ctx, stream}
|
||||
}
|
||||
|
||||
// GRPCAuthInterceptor is the auth interceptor for gRPC server.
|
||||
type GRPCAuthInterceptor struct {
|
||||
Store *store.Store
|
||||
@@ -114,45 +80,6 @@ func (in *GRPCAuthInterceptor) AuthenticationInterceptor(ctx context.Context, re
|
||||
return handler(childCtx, request)
|
||||
}
|
||||
|
||||
func (in *GRPCAuthInterceptor) StreamAuthenticationInterceptor(srv any, stream grpc.ServerStream, serverInfo *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
|
||||
md, ok := metadata.FromIncomingContext(stream.Context())
|
||||
if !ok {
|
||||
return status.Errorf(codes.Unauthenticated, "failed to parse metadata from incoming context")
|
||||
}
|
||||
accessToken, err := getTokenFromMetadata(md)
|
||||
if err != nil {
|
||||
return status.Errorf(codes.Unauthenticated, err.Error())
|
||||
}
|
||||
|
||||
username, err := in.authenticate(stream.Context(), accessToken)
|
||||
if err != nil {
|
||||
if isUnauthorizeAllowedMethod(serverInfo.FullMethod) {
|
||||
return handler(stream.Context(), stream)
|
||||
}
|
||||
return err
|
||||
}
|
||||
user, err := in.Store.GetUser(stream.Context(), &store.FindUser{
|
||||
Username: &username,
|
||||
})
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "failed to get user")
|
||||
}
|
||||
if user == nil {
|
||||
return errors.Errorf("user %q not exists", username)
|
||||
}
|
||||
if user.RowStatus == store.Archived {
|
||||
return errors.Errorf("user %q is archived", username)
|
||||
}
|
||||
if isOnlyForAdminAllowedMethod(serverInfo.FullMethod) && user.Role != store.RoleHost && user.Role != store.RoleAdmin {
|
||||
return errors.Errorf("user %q is not admin", username)
|
||||
}
|
||||
|
||||
// Stores userID into context.
|
||||
childCtx := context.WithValue(stream.Context(), usernameContextKey, username)
|
||||
|
||||
return handler(srv, newWrappedStream(childCtx, stream))
|
||||
}
|
||||
|
||||
func (in *GRPCAuthInterceptor) authenticate(ctx context.Context, accessToken string) (string, error) {
|
||||
if accessToken == "" {
|
||||
return "", status.Errorf(codes.Unauthenticated, "access token not found")
|
||||
|
||||
Reference in New Issue
Block a user