From f232e08945fb0e771bd293b25e0cc4031320b5b4 Mon Sep 17 00:00:00 2001 From: Samuel Lorch Date: Sun, 23 Jun 2024 03:04:06 +0200 Subject: [PATCH] Check download auth --- server/file.go | 25 +++++++++++++++++++++++-- task/download.go | 17 +++++++++++++++-- task/healthcheck.go | 2 +- task/transcode.go | 2 +- 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/server/file.go b/server/file.go index 508ba23..ba505aa 100644 --- a/server/file.go +++ b/server/file.go @@ -4,19 +4,40 @@ import ( "log/slog" "net/http" "path/filepath" + + "git.lastassault.de/speatzle/morffix/constants" ) func handleFile(w http.ResponseWriter, r *http.Request) { + if r.Header.Get(constants.SHARED_SECRET_HEADER) != conf.SharedSecret { + w.WriteHeader(http.StatusUnauthorized) + return + } + id := r.PathValue("id") if id == "" { http.Error(w, "No id", http.StatusBadRequest) return } - // TODO check if worker is working on a task involving this file + + // TODO check if task is currently active and not historic + var count int + err := db.QueryRow(r.Context(), "SELECT COUNT(*) FROM tasks WHERE file_id = $1 AND worker_id = $2", id, r.Header.Get(constants.UUID_HEADER)).Scan(&count) + if err != nil { + slog.ErrorContext(r.Context(), "Query Task Count", "err", err) + http.Error(w, "Error Query Task Count: "+err.Error(), http.StatusInternalServerError) + return + } + + if count < 1 { + slog.ErrorContext(r.Context(), "No Running Task for file", "id", id) + http.Error(w, "No Running Task for file: "+id, http.StatusBadRequest) + return + } var fpath string var libraryID int - err := db.QueryRow(r.Context(), "SELECT path, library_id FROM files WHERE id = $1", id).Scan(&fpath, &libraryID) + err = db.QueryRow(r.Context(), "SELECT path, library_id FROM files WHERE id = $1", id).Scan(&fpath, &libraryID) if err != nil { http.Error(w, "Error Getting File Path: "+err.Error(), http.StatusBadRequest) slog.ErrorContext(r.Context(), "Getting File Path", "err", err) diff --git a/task/download.go b/task/download.go index aff883f..8a83e22 100644 --- a/task/download.go +++ b/task/download.go @@ -11,10 +11,13 @@ import ( "slices" "time" + "git.lastassault.de/speatzle/morffix/config" + "git.lastassault.de/speatzle/morffix/constants" "git.lastassault.de/speatzle/morffix/types" + "github.com/google/uuid" ) -func downloadFile(ctx context.Context, l *slog.Logger, address string, path string, t *types.Task) error { +func downloadFile(ctx context.Context, l *slog.Logger, conf config.Config, path string, t *types.Task) error { l.InfoContext(ctx, "Starting File Download", "task_id", t.ID, "file_id", t.FileID, "path", path, "md5", t.FileMD5) out, err := os.Create(path) @@ -23,11 +26,21 @@ func downloadFile(ctx context.Context, l *slog.Logger, address string, path stri } defer out.Close() - req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%v/files/%v", address, t.FileID), nil) + req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%v/files/%v", conf.Worker.Address, t.FileID), nil) if err != nil { return fmt.Errorf("New Request: %w", err) } + uuid, err := uuid.Parse(conf.Worker.ID) + if err != nil { + return fmt.Errorf("Cannot Parse ID: %w", err) + } + + req.Header.Add(constants.SHARED_SECRET_HEADER, conf.SharedSecret) + req.Header.Add(constants.NAME_HEADER, conf.Worker.Name) + req.Header.Add(constants.UUID_HEADER, uuid.String()) + req.Header.Add(constants.WORKER_VERSION_HEADER, constants.WORKER_VERSION) + req.Close = true var client = &http.Client{ diff --git a/task/healthcheck.go b/task/healthcheck.go index d97283f..f4b8687 100644 --- a/task/healthcheck.go +++ b/task/healthcheck.go @@ -37,7 +37,7 @@ func RunHealthCheck(conf config.Config, t *types.Task, data types.HealthCheckDat } }() - err := downloadFile(ctx, l, conf.Worker.Address, path, t) + err := downloadFile(ctx, l, conf, path, t) if err != nil { l.ErrorContext(ctx, "File Download Failed", "err", err) return diff --git a/task/transcode.go b/task/transcode.go index 7bec3a2..d5f806c 100644 --- a/task/transcode.go +++ b/task/transcode.go @@ -46,7 +46,7 @@ func RunTranscode(conf config.Config, t *types.Task, data types.TranscodeData) { } }() - err := downloadFile(ctx, l, conf.Worker.Address, src_path, t) + err := downloadFile(ctx, l, conf, src_path, t) if err != nil { l.ErrorContext(ctx, "Source File Download Failed", "err", err) return