feat(auth): Implement Tenant token

Make meilisearch support JWT authentication signed with meilisearch API keys using HS256, HS384 or HS512 algorithms. Related spec: https://github.com/meilisearch/specifications/pull/89 Fix #1991
2025-07-04 20:37:15 +02:00 · 2022-01-12 15:35:33 +01:00 · 2022-01-12 15:35:33 +01:00 · 7ca647f0d0
commit 7ca647f0d0
parent 7e2f6063ae
15 changed files with 980 additions and 109 deletions
--- a/meilisearch-http/src/routes/indexes/mod.rs
+++ b/meilisearch-http/src/routes/indexes/mod.rs
@ -41,14 +41,13 @@ pub fn configure(cfg: &mut web::ServiceConfig) {
 pub async fn list_indexes(
    data: GuardedData<ActionPolicy<{ actions::INDEXES_GET }>, MeiliSearch>,
 ) -> Result<HttpResponse, ResponseError> {
-    let filters = data.filters();
-    let mut indexes = data.list_indexes().await?;
-    if let Some(indexes_filter) = filters.indexes.as_ref() {
-        indexes = indexes
-            .into_iter()
-            .filter(|i| indexes_filter.contains(&i.uid))
-            .collect();
-    }
+    let search_rules = &data.filters().search_rules;
+    let indexes: Vec<_> = data
+        .list_indexes()
+        .await?
+        .into_iter()
+        .filter(|i| search_rules.is_index_authorized(&i.uid))
+        .collect();

    debug!("returns: {:?}", indexes);
    Ok(HttpResponse::Ok().json(indexes))