[api] include case where no device key is present in the db
This commit is contained in:
parent
d14866cb97
commit
65b5ac3f41
|
@ -90,23 +90,29 @@ is_authorized(ReqData, State) ->
|
||||||
|
|
||||||
is_auth_POST(ReqData, #state{rrdSensor = Sensor, digest = ClientDigest} = State) ->
|
is_auth_POST(ReqData, #state{rrdSensor = Sensor, digest = ClientDigest} = State) ->
|
||||||
{data, Result} = mysql:execute(pool, device_key, [Sensor]),
|
{data, Result} = mysql:execute(pool, device_key, [Sensor]),
|
||||||
[[Key]] = mysql:get_result_rows(Result),
|
|
||||||
|
case mysql:get_result_rows(Result) of
|
||||||
|
[[Key]] ->
|
||||||
Data = wrq:req_body(ReqData),
|
Data = wrq:req_body(ReqData),
|
||||||
<<X:160/big-unsigned-integer>> = crypto:sha_mac(Key, Data),
|
<<X:160/big-unsigned-integer>> = crypto:sha_mac(Key, Data),
|
||||||
ServerDigest = lists:flatten(io_lib:format("~40.16.0b", [X])),
|
ServerDigest = lists:flatten(io_lib:format("~40.16.0b", [X])),
|
||||||
|
|
||||||
{case ServerDigest of
|
{case ServerDigest of
|
||||||
ClientDigest -> true;
|
ClientDigest -> true;
|
||||||
_WrongDigest -> "access refused"
|
_WrongDigest -> "Incorrect digest"
|
||||||
end,
|
end,
|
||||||
ReqData, State}.
|
ReqData, State};
|
||||||
|
|
||||||
|
_NoKey ->
|
||||||
|
{"Device key has not been provisioned", ReqData, State}
|
||||||
|
end.
|
||||||
|
|
||||||
is_auth_GET(ReqData, #state{rrdSensor = RrdSensor, token = Token} = State) ->
|
is_auth_GET(ReqData, #state{rrdSensor = RrdSensor, token = Token} = State) ->
|
||||||
{data, Result} = mysql:execute(pool, permissions, [RrdSensor, Token]),
|
{data, Result} = mysql:execute(pool, permissions, [RrdSensor, Token]),
|
||||||
|
|
||||||
{case mysql:get_result_rows(Result) of
|
{case mysql:get_result_rows(Result) of
|
||||||
[[62]] -> true;
|
[[62]] -> true;
|
||||||
_Permission -> "access refused"
|
_Permission -> "Access refused"
|
||||||
end,
|
end,
|
||||||
ReqData, State}.
|
ReqData, State}.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue