feat(auth): Implement Tenant token

Make meilisearch support JWT authentication signed with meilisearch API keys using HS256, HS384 or HS512 algorithms. Related spec: https://github.com/meilisearch/specifications/pull/89 Fix #1991
2025-07-03 11:57:07 +02:00 · 2022-01-12 15:35:33 +01:00 · 2022-01-12 15:35:33 +01:00 · 7ca647f0d0
commit 7ca647f0d0
parent 7e2f6063ae
15 changed files with 980 additions and 109 deletions
--- a/meilisearch-lib/src/index_controller/mod.rs
+++ b/meilisearch-lib/src/index_controller/mod.rs
@ -1,3 +1,4 @@
+use meilisearch_auth::SearchRules;
 use std::collections::BTreeMap;
 use std::fmt;
 use std::io::Cursor;
@ -543,17 +544,14 @@ where
        Ok(stats)
    }

-    pub async fn get_all_stats(&self, index_filter: &Option<Vec<String>>) -> Result<Stats> {
+    pub async fn get_all_stats(&self, search_rules: &SearchRules) -> Result<Stats> {
        let mut last_task: Option<DateTime<_>> = None;
        let mut indexes = BTreeMap::new();
        let mut database_size = 0;
        let processing_task = self.task_store.get_processing_task().await?;

        for (index_uid, index) in self.index_resolver.list().await? {
-            if index_filter
-                .as_ref()
-                .map_or(false, |filter| !filter.contains(&index_uid))
-            {
+            if !search_rules.is_index_authorized(&index_uid) {
                continue;
            }