taiars/nora
1
0
Fork 0
mirror of https://github.com/getnora-io/nora.git synced 2026-04-12 10:20:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: extract basic_auth_header helper, add plaintext credential warnings

Browse Source 
- basic_auth_header() in config.rs replaces 6 inline STANDARD.encode calls
- warn_plaintext_credentials() logs warning at startup if auth is in config.toml
- All protocol handlers use shared helper instead of duplicating base64 logic
This commit is contained in:
devitway
2026-03-15 21:37:51 +00:00
parent e02e63a972
commit 7345dfc7e7
7 changed files with 54 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nora-registry/src/registry/maven.rs
View File

@@ -3,6 +3,7 @@
use crate::activity_log::{ActionType, ActivityEntry};
use crate::audit::AuditEntry;
use crate::config::basic_auth_header;
use crate::AppState;
use axum::{
body::Bytes,
@@ -12,7 +13,6 @@ use axum::{
routing::{get, put},
Router,
};
use base64::{engine::general_purpose::STANDARD, Engine};
use std::sync::Arc;
use std::time::Duration;
@@ -136,8 +136,7 @@ async fn fetch_from_proxy(
) -> Result<Vec<u8>, ()> {
let mut request = client.get(url).timeout(Duration::from_secs(timeout_secs));
if let Some(credentials) = auth {
let encoded = STANDARD.encode(credentials);
request = request.header("Authorization", format!("Basic {}", encoded));
request = request.header("Authorization", basic_auth_header(credentials));
}
let response = request.send().await.map_err(|_| ())?;