File tree Expand file tree Collapse file tree 1 file changed +15
-3
lines changed
Expand file tree Collapse file tree 1 file changed +15
-3
lines changed Original file line number Diff line number Diff line change @@ -215,12 +215,24 @@ impl Auth {
215215 return Ok ( permissions) ;
216216 }
217217
218- // No auth required, so create a dummy token that allows accessing everything.
219- Ok ( moq_token:: Claims {
218+ // Check if authentication is required but no token was provided
219+ if auth. key . is_some ( ) {
220+ anyhow:: bail!( "authentication required but no token provided" ) ;
221+ }
222+
223+ // No auth required, so create a token that allows public access
224+ let claims = moq_token:: Claims {
220225 path : path. to_string ( ) ,
221226 publish : auth. public_write . then_some ( "" . to_string ( ) ) ,
222227 subscribe : auth. public_read . then_some ( "" . to_string ( ) ) ,
223228 ..Default :: default ( )
224- } )
229+ } ;
230+
231+ // Reject connections that have no permissions at all
232+ if claims. publish . is_none ( ) && claims. subscribe . is_none ( ) {
233+ anyhow:: bail!( "session has no access permissions" ) ;
234+ }
235+
236+ Ok ( claims)
225237 }
226238}
You can’t perform that action at this time.
0 commit comments