diff --git a/Cargo.lock b/Cargo.lock index 1a3738f..7d45bab 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2,6 +2,18 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "actix-auth-middleware" +version = "0.2.0" +source = "git+https://github.com/realaravinth/actix-auth-middleware?branch=v4#81fc0adcb54a7601afe479f8408261f18c8f8d89" +dependencies = [ + "actix-http", + "actix-identity", + "actix-service", + "actix-web", + "futures", +] + [[package]] name = "actix-codec" version = "0.5.0" @@ -56,6 +68,21 @@ dependencies = [ "zstd", ] +[[package]] +name = "actix-identity" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "171fe3ed055b2dd50c61967911d253d47e76e1d4308acfbf99fc7affe5ec42aa" +dependencies = [ + "actix-service", + "actix-utils", + "actix-web", + "futures-util", + "serde", + "serde_json", + "time", +] + [[package]] name = "actix-macros" version = "0.2.3" @@ -199,6 +226,41 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" +[[package]] +name = "aead" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877" +dependencies = [ + "generic-array", +] + +[[package]] +name = "aes" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", + "opaque-debug", +] + +[[package]] +name = "aes-gcm" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6" +dependencies = [ + "aead", + "aes", + "cipher", + "ctr", + "ghash", + "subtle", +] + [[package]] name = "ahash" version = "0.7.6" @@ -407,6 +469,15 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "cipher" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7" +dependencies = [ + "generic-array", +] + [[package]] name = "clap" version = "3.2.20" @@ -483,7 +554,14 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" dependencies = [ + "aes-gcm", + "base64", + "hkdf", + "hmac", "percent-encoding", + "rand", + "sha2", + "subtle", "time", "version_check", ] @@ -551,6 +629,15 @@ dependencies = [ "typenum", ] +[[package]] +name = "ctr" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea" +dependencies = [ + "cipher", +] + [[package]] name = "darling" version = "0.14.1" @@ -755,6 +842,21 @@ dependencies = [ "new_debug_unreachable", ] +[[package]] +name = "futures" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f21eda599937fba36daeb58a22e8f5cee2d14c4a17b5b7739c7c8e5e3b8230c" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + [[package]] name = "futures-channel" version = "0.3.24" @@ -771,6 +873,17 @@ version = "0.3.24" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4e5aa3de05362c3fb88de6531e6296e85cde7739cccad4b9dfeeb7f6ebce56bf" +[[package]] +name = "futures-executor" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ff63c23854bee61b6e9cd331d523909f238fc7636290b96826e9cfa5faa00ab" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + [[package]] name = "futures-intrusive" version = "0.4.0" @@ -782,6 +895,23 @@ dependencies = [ "parking_lot 0.11.2", ] +[[package]] +name = "futures-io" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbf4d2a7a308fd4578637c0b17c7e1c7ba127b8f6ba00b29f717e9655d85eb68" + +[[package]] +name = "futures-macro" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42cd15d1c7456c04dbdf7e88bcd69760d74f3a798d6444e16974b505b0e62f17" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "futures-sink" version = "0.3.24" @@ -800,11 +930,16 @@ version = "0.3.24" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "44fb6cb1be61cc1d2e43b262516aafcf63b241cffdb1d3fa115f91d9c7b09c90" dependencies = [ + "futures-channel", "futures-core", + "futures-io", + "futures-macro", "futures-sink", "futures-task", + "memchr", "pin-project-lite", "pin-utils", + "slab", ] [[package]] @@ -828,6 +963,16 @@ dependencies = [ "wasi", ] +[[package]] +name = "ghash" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" +dependencies = [ + "opaque-debug", + "polyval", +] + [[package]] name = "git2" version = "0.14.4" @@ -1325,6 +1470,12 @@ version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2f7254b99e31cad77da24b08ebf628882739a608578bb1bcdfc1f9c21260d7c0" +[[package]] +name = "opaque-debug" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" + [[package]] name = "openssl-probe" version = "0.1.5" @@ -1364,7 +1515,9 @@ checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff" name = "pages" version = "0.1.0" dependencies = [ + "actix-auth-middleware", "actix-http", + "actix-identity", "actix-rt", "actix-web", "actix-web-codegen-const-routes", @@ -1372,6 +1525,7 @@ dependencies = [ "clap", "config", "derive_more", + "futures", "git2", "lazy_static", "log", @@ -1386,6 +1540,7 @@ dependencies = [ "sqlx", "tokio", "url", + "urlencoding", ] [[package]] @@ -1554,6 +1709,18 @@ version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" +[[package]] +name = "polyval" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1" +dependencies = [ + "cfg-if", + "cpufeatures", + "opaque-debug", + "universal-hash", +] + [[package]] name = "ppv-lite86" version = "0.2.16" @@ -2316,6 +2483,16 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e" +[[package]] +name = "universal-hash" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f214e8f697e925001e66ec2c6e37a4ef93f0f78c2eed7814394e10c62025b05" +dependencies = [ + "generic-array", + "subtle", +] + [[package]] name = "untrusted" version = "0.7.1" @@ -2334,6 +2511,12 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "urlencoding" +version = "2.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8db7427f936968176eaa7cdf81b7f98b980b18495ec28f1b5791ac3bfe3eea9" + [[package]] name = "utf-8" version = "0.7.6" diff --git a/Cargo.toml b/Cargo.toml index a0fc585..358adc7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,6 +15,7 @@ authors = ["realaravinth "] [dependencies] actix-web = "4.0.1" actix-http = "3.0.4" +actix-identity = "0.4.0" actix-rt = "2" actix-web-codegen-const-routes = { version = "0.1.0", tag = "0.1.0", git = "https://github.com/realaravinth/actix-web-codegen-const-routes" } argon2-creds = { branch = "master", git = "https://github.com/realaravinth/argon2-creds"} @@ -33,6 +34,7 @@ log = "0.4" lazy_static = "1.4" url = "2.2" +urlencoding = "2.1.0" derive_more = "0.99" @@ -44,5 +46,14 @@ num_enum = "0.5.7" mime_guess = "2.0.4" rand = "0.8.5" + +[dependencies.actix-auth-middleware] +branch = "v4" +features = ["actix_identity_backend"] +git = "https://github.com/realaravinth/actix-auth-middleware" +version = "0.2" + + [dev-dependencies] +futures = "0.3.24" mktemp = "0.4.1" diff --git a/config/default.toml b/config/default.toml index 315674b..6b3c0f8 100644 --- a/config/default.toml +++ b/config/default.toml @@ -22,6 +22,7 @@ ip= "0.0.0.0" # with one also. workers = 2 domain = "demo.librepages.org" +cookie_secret = "94b2b2732626fdb7736229a7c777cb451e6304c147c4549f30" diff --git a/src/main.rs b/src/main.rs index c2262ea..0579a7d 100644 --- a/src/main.rs +++ b/src/main.rs @@ -15,15 +15,16 @@ * along with this program. If not, see . */ use std::env; -use std::sync::Arc; +use actix_identity::{CookieIdentityPolicy, IdentityService}; use actix_web::{ error::InternalError, http::StatusCode, middleware as actix_middleware, web::Data as WebData, web::JsonConfig, App, HttpServer, }; -use clap::{Parser, SubCommand, Subcommand}; +use clap::{Parser, Subcommand}; use log::info; +mod api; mod ctx; mod db; mod deploy; @@ -151,6 +152,20 @@ pub fn get_json_err() -> JsonConfig { }) } +#[cfg(not(tarpaulin_include))] +pub fn get_identity_service(settings: &Settings) -> IdentityService { + let cookie_secret = &settings.server.cookie_secret; + IdentityService::new( + CookieIdentityPolicy::new(cookie_secret.as_bytes()) + .path("/") + .name("Authorization") + //TODO change cookie age + .max_age_secs(216000) + .domain(&settings.server.domain) + .secure(false), + ) +} + pub fn services(cfg: &mut actix_web::web::ServiceConfig) { routes::services(cfg); } diff --git a/src/settings.rs b/src/settings.rs index f771f3c..c4f57fa 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -38,6 +38,7 @@ pub struct Server { pub port: u32, pub ip: String, pub workers: Option, + pub cookie_secret: String, pub domain: String, }