From a0a08c4c5af06df321db90009f0d02643da51a32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Tue, 8 Jan 2019 16:16:58 +0100 Subject: [PATCH] Include IP in invalid admin token error --- src/api/admin.rs | 9 ++++++++- src/error.rs | 6 +++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/api/admin.rs b/src/api/admin.rs index 2d68d565..98448d33 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -91,8 +91,15 @@ impl<'a, 'r> FromRequest<'a, 'r> for AdminToken { // Option 2a: Send it to admin email, like upstream // Option 2b: Print in console or save to data dir, so admin can check + use crate::auth::ClientIp; + + let ip = match request.guard::() { + Outcome::Success(ip) => ip, + _ => err_handler!("Error getting Client IP"), + }; + if access_token != config_token { - err_handler!("Invalid admin token") + err_handler!("Invalid admin token", format!("IP: {}.", ip.ip)) } Outcome::Success(AdminToken {}) diff --git a/src/error.rs b/src/error.rs index 8a6c6fb5..6e5c627e 100644 --- a/src/error.rs +++ b/src/error.rs @@ -163,7 +163,11 @@ macro_rules! err_json { #[macro_export] macro_rules! err_handler { ($expr:expr) => {{ - error!("Unauthorized Error: {:#?}", $expr); + error!("Unauthorized Error: {}", $expr); return rocket::Outcome::Failure((rocket::http::Status::Unauthorized, $expr)); }}; + ($usr_msg:expr, $log_value:expr) => {{ + error!("Unauthorized Error: {}. {}", $usr_msg, $log_value); + return rocket::Outcome::Failure((rocket::http::Status::Unauthorized, $usr_msg)); + }}; }