Initial token should allow full access. (#5873)

rpc/src/v1/extractors.rs

@@ -81,7 +81,7 @@ impl ws::MetaExtractor<Metadata> for WsExtractor {
 		let dapp = req.origin.as_ref().map(|origin| (&**origin).into()).unwrap_or_default();
 		metadata.origin = match self.authcodes_path {
 			Some(ref path) => {
-				let authorization = req.protocols.get(0).and_then(|p| auth_token_hash(&path, p));
+				let authorization = req.protocols.get(0).and_then(|p| auth_token_hash(&path, p, true));
 				match authorization {
 					Some(id) => Origin::Signer { session: id.into(), dapp: dapp },
 					None => Origin::Ws { session: id.into(), dapp: dapp },
@@ -117,7 +117,7 @@ impl ws::RequestMiddleware for WsExtractor {
 		let protocols = req.protocols().ok().unwrap_or_else(Vec::new);
 		if let Some(ref path) = self.authcodes_path {
 			if protocols.len() == 1 {
-				let authorization = auth_token_hash(&path, protocols[0]);
+				let authorization = auth_token_hash(&path, protocols[0], false);
 				if authorization.is_none() {
 					warn!(
 						"Blocked connection from {} using invalid token.",
@@ -142,7 +142,7 @@ fn add_security_headers(res: &mut ws::ws::Response) {
 	headers.push(("X-Content-Type-Options".into(), b"nosniff".to_vec()));
 }
 
-fn auth_token_hash(codes_path: &Path, protocol: &str) -> Option<H256> {
+fn auth_token_hash(codes_path: &Path, protocol: &str, save_file: bool) -> Option<H256> {
 	let mut split = protocol.split('_');
 	let auth = split.next().and_then(|v| v.parse().ok());
 	let time = split.next().and_then(|v| u64::from_str_radix(v, 10).ok());
@@ -156,10 +156,13 @@ fn auth_token_hash(codes_path: &Path, protocol: &str) -> Option<H256> {
 				codes.clear_garbage();
 
 				let res = codes.is_valid(&auth, time);
+
+				if save_file {
 					// make sure to save back authcodes - it might have been modified
 					if codes.to_file(codes_path).is_err() {
 						warn!(target: "signer", "Couldn't save authorization codes to file.");
 					}
+				}
 
 				if res {
 					Some(auth)