refactor: make doVerify a seperated func

2024-11-29 18:33:05 +00:00 · 2024-11-17 01:57:04 +08:00 · 2024-11-17 01:57:04 +08:00 · 121be57b2d
commit 121be57b2d
parent b39925f576
1 changed files with 22 additions and 20 deletions
--- a/hscontrol/handlers.go
+++ b/hscontrol/handlers.go
@ -57,21 +57,9 @@ func parseCabailityVersion(req *http.Request) (tailcfg.CapabilityVersion, error)
 	return tailcfg.CapabilityVersion(clientCapabilityVersion), nil
 }
-// see https://github.com/tailscale/tailscale/blob/964282d34f06ecc06ce644769c66b0b31d118340/derp/derp_server.go#L1159, Derp use verifyClientsURL to verify whether a client is allowed to connect to the DERP server.
+func (h *Headscale) handleVerifyRequest(
 func (h *Headscale) VerifyHandler(
 	writer http.ResponseWriter,
 	req *http.Request,
-) {
+) (bool, error) {
 	if req.Method != http.MethodPost {
 		http.Error(writer, "Wrong method", http.StatusMethodNotAllowed)
 		return
 	}
 	log.Debug().
 		Str("handler", "/verify").
 		Msg("verify client")
 	doVerify := func() (bool, error) {
 	body, err := io.ReadAll(req.Body)
 	if err != nil {
 		return false, fmt.Errorf("cannot read request body: %w", err)
@ -88,9 +76,23 @@ func (h *Headscale) VerifyHandler(
 	}
 	return nodes.ContainsNodeKey(derpAdmitClientRequest.NodePublic), nil
-	}
+}
-	allow, err := doVerify()
+// see https://github.com/tailscale/tailscale/blob/964282d34f06ecc06ce644769c66b0b31d118340/derp/derp_server.go#L1159, Derp use verifyClientsURL to verify whether a client is allowed to connect to the DERP server.
 func (h *Headscale) VerifyHandler(
 	writer http.ResponseWriter,
 	req *http.Request,
 ) {
 	if req.Method != http.MethodPost {
 		http.Error(writer, "Wrong method", http.StatusMethodNotAllowed)
 		return
 	}
 	log.Debug().
 		Str("handler", "/verify").
 		Msg("verify client")
 	allow, err := h.handleVerifyRequest(req)
 	if err != nil {
 		log.Error().
 			Caller().