From 9ff776fdea10d4bb8c53f9c86f55b9c3b1724d92 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Fri, 27 Aug 2021 18:33:27 +0200 Subject: [PATCH] fix account endpoint nginx subrequests --- docker/nginx/conf.d/include/location-skylink | 2 +- .../conf.d/include/location-skynet-registry | 2 +- docker/nginx/conf.d/server/server.api | 20 +++++++++---------- 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/docker/nginx/conf.d/include/location-skylink b/docker/nginx/conf.d/include/location-skylink index a0963f87..96dfacef 100644 --- a/docker/nginx/conf.d/include/location-skylink +++ b/docker/nginx/conf.d/include/location-skylink @@ -58,7 +58,7 @@ access_by_lua_block { -- 10.10.10.70 points to accounts service (alias not available when using resty-http) local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits", { - headers = { ["User-Agent"] = "Sia-Agent", ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } + headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } }) -- fail gracefully in case /user/limits failed diff --git a/docker/nginx/conf.d/include/location-skynet-registry b/docker/nginx/conf.d/include/location-skynet-registry index 288f53ac..af0917ac 100644 --- a/docker/nginx/conf.d/include/location-skynet-registry +++ b/docker/nginx/conf.d/include/location-skynet-registry @@ -17,7 +17,7 @@ access_by_lua_block { -- 10.10.10.70 points to accounts service (alias not available when using resty-http) local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits", { - headers = { ["User-Agent"] = "Sia-Agent", ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } + headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } }) -- fail gracefully in case /user/limits failed diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 433cea50..e84a4e09 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -175,7 +175,7 @@ location /skynet/tus { -- fetch account limits and set max upload size accordingly local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits", { - headers = { ["User-Agent"] = "Sia-Agent", ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } + headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } }) -- fail gracefully in case /user/limits failed @@ -274,20 +274,18 @@ location /__internal/do/not/use/authenticated { -- 10.10.10.70 points to accounts service (alias not available when using resty-http) local res, err = httpc:request_uri("http://10.10.10.70:3000/user", { - headers = { ["User-Agent"] = "Sia-Agent", ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } + headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt } }) - -- fail gracefully in case /user failed - if err or (res and res.status ~= ngx.HTTP_OK) then - ngx.log(ngx.ERR, "Failed accounts service request /user/limits: ", err or ("[HTTP " .. res.status .. "] " .. res.body)) - elseif res and res.status == ngx.HTTP_OK then - local limits = json.decode(res.body) - ngx.say(json.encode{authenticated = limits.tier > 0}) + -- endpoint /user should return HTTP_OK for authenticated and HTTP_UNAUTHORIZED for not authenticated + if res and (res.status == ngx.HTTP_OK or res.status == ngx.HTTP_UNAUTHORIZED) then + ngx.say(json.encode{authenticated = res.status == ngx.HTTP_OK}) + return ngx.exit(ngx.HTTP_OK) + else + ngx.log(ngx.ERR, "Failed accounts service request /user: ", err or ("[HTTP " .. res.status .. "] " .. res.body)) + ngx.say(json.encode{authenticated = false}) return ngx.exit(ngx.HTTP_OK) end - - ngx.say(json.encode{authenticated = false}) - return ngx.exit(ngx.HTTP_OK) } }