make PUT requests actually work

This commit is contained in:
Scott Lamb 2022-12-24 15:34:27 -05:00
parent c02fc6f439
commit 6c90077ff1
3 changed files with 15 additions and 7 deletions

View File

@ -24,7 +24,6 @@ use db::{auth, recording};
use failure::{format_err, Error};
use fnv::FnvHashMap;
use http::header::{self, HeaderValue};
use http::method::Method;
use http::{status::StatusCode, Request, Response};
use http_serve::dir::FsDir;
use hyper::body::Bytes;
@ -140,9 +139,6 @@ fn extract_sid(req: &Request<hyper::Body>) -> Option<auth::RawSessionId> {
/// deserialization. Keeping the bytes allows the caller to use a `Deserialize`
/// that borrows from the bytes.
async fn extract_json_body(req: &mut Request<hyper::Body>) -> Result<Bytes, HttpError> {
if *req.method() != Method::POST {
return Err(plain_response(StatusCode::METHOD_NOT_ALLOWED, "POST expected").into());
}
let correct_mime_type = match req.headers().get(header::CONTENT_TYPE) {
Some(t) if t == "application/json" => true,
Some(t) if t == "application/json; charset=UTF-8" => true,

View File

@ -5,7 +5,7 @@
//! Session management: `/api/login` and `/api/logout`.
use db::auth;
use http::{header, HeaderValue, Request, Response, StatusCode};
use http::{header, HeaderValue, Method, Request, Response, StatusCode};
use log::{info, warn};
use memchr::memchr;
@ -19,6 +19,9 @@ use std::convert::TryFrom;
impl Service {
pub(super) async fn login(&self, mut req: Request<::hyper::Body>) -> ResponseResult {
if *req.method() != Method::POST {
return Err(plain_response(StatusCode::METHOD_NOT_ALLOWED, "POST expected").into());
}
let r = extract_json_body(&mut req).await?;
let r: json::LoginRequest =
serde_json::from_slice(&r).map_err(|e| bad_req(e.to_string()))?;
@ -67,6 +70,9 @@ impl Service {
}
pub(super) async fn logout(&self, mut req: Request<hyper::Body>) -> ResponseResult {
if *req.method() != Method::POST {
return Err(plain_response(StatusCode::METHOD_NOT_ALLOWED, "POST expected").into());
}
let r = extract_json_body(&mut req).await?;
let r: json::LogoutRequest =
serde_json::from_slice(&r).map_err(|e| bad_req(e.to_string()))?;

View File

@ -19,7 +19,9 @@ impl Service {
match *req.method() {
Method::GET | Method::HEAD => self.get_users(req, caller).await,
Method::PUT => self.put_users(req, caller).await,
_ => Err(plain_response(StatusCode::METHOD_NOT_ALLOWED, "POST expected").into()),
_ => Err(
plain_response(StatusCode::METHOD_NOT_ALLOWED, "GET, HEAD, or PUT expected").into(),
),
}
}
@ -71,7 +73,11 @@ impl Service {
Method::GET | Method::HEAD => self.get_user(req, caller, id).await,
Method::DELETE => self.delete_user(caller, id).await,
Method::POST => self.post_user(req, caller, id).await,
_ => Err(plain_response(StatusCode::METHOD_NOT_ALLOWED, "POST expected").into()),
_ => Err(plain_response(
StatusCode::METHOD_NOT_ALLOWED,
"GET, HEAD, DELETE, or POST expected",
)
.into()),
}
}