update cron example (#97)

ecklf · web-flow · commit dd7a6f5a34ec · 2023-05-24T09:53:41.000+02:00
diff --git a/examples/cron/api/cron.rs b/examples/cron/api/cron.rs
@@ -31,22 +31,31 @@ impl<T: SlackClientHttpConnector + Send + Sync> Lambda<'_, T> {
     }
 
     pub async fn handler(&self, req: Request) -> Result<Response<Body>, Error> {
-        let parsed_url = Url::parse(&req.uri().to_string()).unwrap();
-        let hash_query: HashMap<String, String> = parsed_url.query_pairs().into_owned().collect();
-        let secret = hash_query.get("secret").map(|x| &**x);
-
-        // https://vercel.com/docs/cron-jobs#how-to-secure-cron-jobs
-        if secret != Some("geheim") {
-            return Ok(Response::builder()
-                .status(StatusCode::NOT_FOUND)
-                .body(().into())?);
-        }
+        let token_value = std::env::var("CRON_SECRET")?;
+        let headers = req.headers();
+
+        match headers.get("authorization") {
+            None => {
+                return Ok(Response::builder()
+                    .status(StatusCode::NOT_FOUND)
+                    .body(().into())?);
+            }
+            Some(authorization_header) => {
+                let authorization_string = authorization_header.to_str().unwrap();
 
-        let message = SlackMessage {};
+                if authorization_string != format!("Bearer {}", token_value) {
+                    return Ok(Response::builder()
+                        .status(StatusCode::NOT_FOUND)
+                        .body(().into())?);
+                }
 
-        self.post_message(&message, "#general").await?;
+                let message = SlackMessage {};
 
-        Ok(Response::builder().status(StatusCode::OK).body(().into())?)
+                self.post_message(&message, "#general").await?;
+
+                Ok(Response::builder().status(StatusCode::OK).body(().into())?)
+            }
+        }
     }
 }
 
diff --git a/examples/cron/vercel.json b/examples/cron/vercel.json
@@ -7,8 +7,8 @@
   },
   "crons": [
     {
-      "path": "/api/cron?secret=geheim",
-      "schedule": "30 9 * * *"
+      "path": "/api/cron",
+      "schedule": "0 10 * * *"
     }
   ]
 }

Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,8 @@`
`7`	`7`	`},`
`8`	`8`	`"crons": [`
`9`	`9`	`{`
`10`		`- "path": "/api/cron?secret=geheim",`
`11`		`- "schedule": "30 9 * * *"`
	`10`	`+ "path": "/api/cron",`
	`11`	`+ "schedule": "0 10 * * *"`
`12`	`12`	`}`
`13`	`13`	`]`
`14`	`14`	`}`