Merge pull request #329 from rishabhs95/worker-auth

probable repair for auth
mozilla · Feb 9, 2017 · 20ab2c1 · 20ab2c1
2 parents 108b4bc + e249ef5
commit 20ab2c1
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 2 deletions.
diff --git a/config/api/config.yml b/config/api/config.yml
@@ -6,8 +6,8 @@
 port: 8000
 
 # API Tokens (a crude mechanism for adding auth to your API)
-#authentication: true
-authentication: false
+authentication: true
+# authentication: false
 
 # If authentication is to true, the authentication tokens you generate below
 # will be required to access certain API functions.
@@ -23,6 +23,10 @@ authentication: false
 #   - username    : gamora
 #     token       : INSERT_GAMORA_TOKEN
 
+workers:
+  - worker_name    : worker1
+    token       : token1
+
 # Define database configuration
 # MongoDB Example
 # database:

diff --git a/lib/ssh_scan/authenticator.rb b/lib/ssh_scan/authenticator.rb
@@ -18,6 +18,12 @@ def valid_token?(token)
         end
       end
 
+      if @config["workers"]
+        @config["workers"].each do |worker|
+          return true if worker["token"] == token
+        end
+      end
+
       return false
     end
   end

diff --git a/lib/ssh_scan/worker.rb b/lib/ssh_scan/worker.rb
@@ -78,6 +78,7 @@ def retrieve_work
       end
 
       request = Net::HTTP::Get.new(uri.path)
+      request.add_field("SSH_SCAN_AUTH_TOKEN", ENV.fetch('HTTP_SSH_SCAN_AUTH_TOKEN'))
       response = http.request(request)
       JSON.parse(response.body)
     end
@@ -108,6 +109,7 @@ def post_results(results, job)
       end
 
       request = Net::HTTP::Post.new(uri.path)
+      request.add_field("SSH_SCAN_AUTH_TOKEN", ENV.fetch('HTTP_SSH_SCAN_AUTH_TOKEN'))
       request.body = results.to_json
       http.request(request)
       @logger.info("Posted job: #{job["uuid"]}")