diff --git a/rpc/src/v1/extractors.rs b/rpc/src/v1/extractors.rs index b93ca7b87..261d3bfbf 100644 --- a/rpc/src/v1/extractors.rs +++ b/rpc/src/v1/extractors.rs @@ -81,7 +81,7 @@ impl ws::MetaExtractor for WsExtractor { let dapp = req.origin.as_ref().map(|origin| (&**origin).into()).unwrap_or_default(); metadata.origin = match self.authcodes_path { Some(ref path) => { - let authorization = req.protocols.get(0).and_then(|p| auth_token_hash(&path, p)); + let authorization = req.protocols.get(0).and_then(|p| auth_token_hash(&path, p, true)); match authorization { Some(id) => Origin::Signer { session: id.into(), dapp: dapp }, None => Origin::Ws { session: id.into(), dapp: dapp }, @@ -117,7 +117,7 @@ impl ws::RequestMiddleware for WsExtractor { let protocols = req.protocols().ok().unwrap_or_else(Vec::new); if let Some(ref path) = self.authcodes_path { if protocols.len() == 1 { - let authorization = auth_token_hash(&path, protocols[0]); + let authorization = auth_token_hash(&path, protocols[0], false); if authorization.is_none() { warn!( "Blocked connection from {} using invalid token.", @@ -142,7 +142,7 @@ fn add_security_headers(res: &mut ws::ws::Response) { headers.push(("X-Content-Type-Options".into(), b"nosniff".to_vec())); } -fn auth_token_hash(codes_path: &Path, protocol: &str) -> Option { +fn auth_token_hash(codes_path: &Path, protocol: &str, save_file: bool) -> Option { let mut split = protocol.split('_'); let auth = split.next().and_then(|v| v.parse().ok()); let time = split.next().and_then(|v| u64::from_str_radix(v, 10).ok()); @@ -156,9 +156,12 @@ fn auth_token_hash(codes_path: &Path, protocol: &str) -> Option { codes.clear_garbage(); let res = codes.is_valid(&auth, time); - // make sure to save back authcodes - it might have been modified - if codes.to_file(codes_path).is_err() { - warn!(target: "signer", "Couldn't save authorization codes to file."); + + if save_file { + // make sure to save back authcodes - it might have been modified + if codes.to_file(codes_path).is_err() { + warn!(target: "signer", "Couldn't save authorization codes to file."); + } } if res {