crashlabs/huskies
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity

huskies: merge 633_story_crdt_sync_bearer_token_connection_auth

Browse Source
This commit is contained in:
dave
2026-04-25 22:09:31 +00:00
parent d826daaf41
commit 7548486a53
4 changed files with 370 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/config.rs
+19
View File
@@ -59,6 +59,17 @@ pub struct ProjectConfig {
/// When empty or missing, all peers are rejected (closed-by-default).
#[serde(default)]
pub trusted_keys: Vec<String>,
/// When `true`, `/crdt-sync` WebSocket connections must supply a valid
/// `?token=<bearer-token>` query parameter or receive HTTP 401.
/// Defaults to `false` so trusted-network deployments keep the current
/// open behaviour.
#[serde(default)]
pub crdt_require_token: bool,
/// Static bearer tokens accepted for `/crdt-sync` connections.
/// Each entry is a raw token string; tokens expire 30 days after the
/// server starts. Only meaningful when `crdt_require_token` is `true`.
#[serde(default)]
pub crdt_tokens: Vec<String>,
}
/// Configuration for the filesystem watcher's sweep behaviour.
@@ -234,6 +245,8 @@ impl Default for ProjectConfig {
timezone: None,
rendezvous: None,
trusted_keys: Vec::new(),
crdt_require_token: false,
crdt_tokens: Vec::new(),
}
}
}
@@ -312,6 +325,8 @@ impl ProjectConfig {
timezone: legacy.timezone,
rendezvous: None,
trusted_keys: Vec::new(),
crdt_require_token: false,
crdt_tokens: Vec::new(),
};
validate_agents(&config.agent)?;
return Ok(config);
@@ -341,6 +356,8 @@ impl ProjectConfig {
timezone: legacy.timezone,
rendezvous: None,
trusted_keys: Vec::new(),
crdt_require_token: false,
crdt_tokens: Vec::new(),
};
validate_agents(&config.agent)?;
Ok(config)
@@ -358,6 +375,8 @@ impl ProjectConfig {
timezone: legacy.timezone,
rendezvous: None,
trusted_keys: Vec::new(),
crdt_require_token: false,
crdt_tokens: Vec::new(),
})
}
}