fix: JWT validation failures during replication (#7788) (#7795)

fix: add debug logging for JWT validation failures (#7788) When JWT file ID validation fails during replication, add a log message showing both the expected and actual file IDs to help diagnose issues. Ref #7788
2 months ago · 9c4a2e1b1a
1 changed files with 6 additions and 1 deletions
--- a/weed/server/volume_server_handlers.go
+++ b/weed/server/volume_server_handlers.go
@ -363,7 +363,12 @@ func (vs *VolumeServer) maybeCheckJwtAuthorization(r *http.Request, vid, fid str
 		if sepIndex := strings.LastIndex(fid, "_"); sepIndex > 0 {
 			fid = fid[:sepIndex]
 		}
-		return sc.Fid == vid+","+fid
+		expectedFid := vid + "," + fid
+		if sc.Fid != expectedFid {
+			glog.V(1).Infof("jwt fid mismatch from %s: token has %q, request has %q", r.RemoteAddr, sc.Fid, expectedFid)
+			return false
+		}
+		return true
 	}
 	glog.V(1).Infof("unexpected jwt from %s: %v", r.RemoteAddr, tokenStr)
 	return false