chore(rust): chat server env, veza-common auth, stream server routes/websocket

Co-authored-by: Cursor <cursoragent@cursor.com>
senke 2026-02-11 22:19:17 +01:00
parent 30f17dfc2a
commit a83a76e942
5 changed files with 8 additions and 6 deletions


@ -3,8 +3,8 @@
# Base de données (avec schema chat forcé) # Base de données (avec schema chat forcé)
# Note: Les scripts lab ajoutent automatiquement options=-c search_path=chat si absent # Note: Les scripts lab ajoutent automatiquement options=-c search_path=chat si absent
VEZA_LAB_DSN="postgres://veza:veza_password@localhost:5432/veza_lab?sslmode=disable" VEZA_LAB_DSN="postgres://veza:veza_password@veza.fr:5432/veza_lab?sslmode=disable"
DATABASE_URL="postgres://veza:veza_password@localhost:5432/veza_lab?sslmode=disable&options=-c%20search_path=chat" DATABASE_URL="postgres://veza:veza_password@veza.fr:5432/veza_lab?sslmode=disable&options=-c%20search_path=chat"
# Serveur # Serveur
CHAT_SERVER_PORT=8081 CHAT_SERVER_PORT=8081
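Review bot: The new `VEZA_LAB_DSN` and `DATABASE_URL` values point at `veza.fr` but keep `sslmode=disable`, so once the host is no longer loopback the database password and chat data travel unencrypted and the server is never authenticated. If `veza.fr` is a real remote host (it may resolve locally in the lab; the page does not say), switch both lines to `sslmode=verify-full`, e.g. `VEZA_LAB_DSN="postgres://veza:<password>@veza.fr:5432/veza_lab?sslmode=verify-full"`. The literal password in a committed env file also matters more now that it names a non-local server; load it from an untracked file or a secret store, and rotate it if this value was ever used outside the lab.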


@ -52,7 +52,7 @@ sha2 = "0.10"
hmac = "0.12" hmac = "0.12"
base64 = "0.21" base64 = "0.21"
rand = "0.8" rand = "0.8"
totp-rs = "5.4" totp-rs = { version = "5.4", features = ["otpauth"] }
# HTTP client # HTTP client
reqwest = { version = "0.11", features = ["json"] } reqwest = { version = "0.11", features = ["json"] }


@ -354,6 +354,8 @@ pub fn validate_totp_code(secret: &str, code: &str, _window: i64) -> VezaResult<
30, 30,
secret_obj.to_bytes() secret_obj.to_bytes()
.map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?, .map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?,
None,
"".to_string(),
).map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?; ).map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?;
let is_valid = totp.check_current(code) let is_valid = totp.check_current(code)
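Review bot: The two added arguments (`None` and `"".to_string()`) carry no comment, and the call they belong to, presumably `TOTP::new`, starts above the hunk. A reader cannot tell that they are the issuer and account name required once the `otpauth` feature is enabled, so I would add `// issuer / account name: only used for otpauth:// URLs, not for code verification` above them. The trailing `map_err` still reports every constructor failure as "Invalid TOTP secret", which can now also mean a rejected issuer or account name; a neutral message such as `Invalid TOTP configuration` would be more accurate. The hunk header shows a parameter named `_window`, whose underscore suggests the caller's window is ignored; if so, the function's doc comment should say that. The function begins and ends outside the hunk.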


@ -149,7 +149,7 @@ async fn internal_transcode_handler(
headers: HeaderMap, headers: HeaderMap,
Json(payload): Json<serde_json::Value>, Json(payload): Json<serde_json::Value>,
) -> Result<Json<serde_json::Value>, (StatusCode, String)> { ) -> Result<Json<serde_json::Value>, (StatusCode, String)> {
// SECURITY: Require X-Internal-API-Key when INTERNAL_API_KEY is set // SECURITY: Require X-Internal-API-Key when INTERNAL_API_KEY is set (P1.1.2)
if let Ok(expected_key) = std::env::var("INTERNAL_API_KEY") { if let Ok(expected_key) = std::env::var("INTERNAL_API_KEY") {
if !expected_key.is_empty() { if !expected_key.is_empty() {
let provided = headers let provided = headers
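Review bot: The comment edited here says the key is required only "when INTERNAL_API_KEY is set", and the two visible guards (`if let Ok(expected_key)` and `if !expected_key.is_empty()`) suggest the check is skipped when the variable is unset or empty, which would leave the internal transcode endpoint unauthenticated. The handler body continues outside the hunk, so an else branch may exist that I cannot see. If there is none, either reject the request when the variable is missing or state the behaviour plainly: `// SECURITY: X-Internal-API-Key is enforced only when INTERNAL_API_KEY is non-empty; unset or empty means no authentication (P1.1.2)`. It is also worth confirming that the key comparison further down is constant-time.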


@ -313,7 +313,7 @@ impl WebSocketManager {
}; };
if let Ok(json) = serde_json::to_string(&welcome_event) { if let Ok(json) = serde_json::to_string(&welcome_event) {
if let Err(e) = sender_ws.send(Message::Text(json)).await { if let Err(e) = sender_ws.send(Message::Text(json.into())).await {
tracing::warn!("Erreur envoi message bienvenue: {}", e); tracing::warn!("Erreur envoi message bienvenue: {}", e);
} }
} }
@ -416,7 +416,7 @@ impl WebSocketManager {
if should_send { if should_send {
if let Ok(json) = serde_json::to_string(&event) { if let Ok(json) = serde_json::to_string(&event) {
if let Err(e) = sender_ws.send(Message::Text(json)).await { if let Err(e) = sender_ws.send(Message::Text(json.into())).await {
tracing::warn!( tracing::warn!(
"Erreur envoi événement à {}: {}", "Erreur envoi événement à {}: {}",
connection_id_clone, connection_id_clone,