2022-04-02 13:44:09 +00:00
|
|
|
use actix::Actor;
|
|
|
|
|
use actix_identity::{CookieIdentityPolicy, IdentityService};
|
2022-04-04 15:43:53 +00:00
|
|
|
use actix_web::{App, get, HttpResponse, HttpServer, web};
|
2022-04-03 13:50:49 +00:00
|
|
|
use actix_web::cookie::SameSite;
|
2022-04-03 14:45:25 +00:00
|
|
|
use actix_web::cookie::time::Duration;
|
2022-03-30 08:29:10 +00:00
|
|
|
use actix_web::middleware::Logger;
|
2022-03-30 08:14:39 +00:00
|
|
|
use clap::Parser;
|
2022-03-29 17:32:31 +00:00
|
|
|
|
2022-04-03 14:45:25 +00:00
|
|
|
use basic_oidc::actors::bruteforce_actor::BruteForceActor;
|
2022-04-02 13:44:09 +00:00
|
|
|
use basic_oidc::actors::users_actor::UsersActor;
|
2022-04-07 15:57:10 +00:00
|
|
|
use basic_oidc::constants::*;
|
|
|
|
|
use basic_oidc::controllers::*;
|
2022-03-30 08:14:39 +00:00
|
|
|
use basic_oidc::controllers::assets_controller::assets_route;
|
2022-04-01 17:05:40 +00:00
|
|
|
use basic_oidc::controllers::login_controller::{login_route, logout_route};
|
2022-03-29 17:32:31 +00:00
|
|
|
use basic_oidc::data::app_config::AppConfig;
|
2022-04-06 15:18:06 +00:00
|
|
|
use basic_oidc::data::client::ClientManager;
|
2022-03-29 17:32:31 +00:00
|
|
|
use basic_oidc::data::entity_manager::EntityManager;
|
|
|
|
|
use basic_oidc::data::user::{hash_password, User};
|
2022-04-02 13:44:09 +00:00
|
|
|
use basic_oidc::middlewares::auth_middleware::AuthMiddleware;
|
2022-03-29 17:32:31 +00:00
|
|
|
|
|
|
|
|
#[get("/health")]
|
2022-03-30 08:14:39 +00:00
|
|
|
async fn health() -> &'static str {
|
2022-03-29 17:32:31 +00:00
|
|
|
"Running"
|
2022-03-29 16:19:23 +00:00
|
|
|
}
|
2022-03-29 17:32:31 +00:00
|
|
|
|
2022-03-30 08:14:39 +00:00
|
|
|
#[actix_web::main]
|
|
|
|
|
async fn main() -> std::io::Result<()> {
|
|
|
|
|
env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
|
2022-03-29 17:32:31 +00:00
|
|
|
|
2022-03-30 14:58:00 +00:00
|
|
|
let mut config: AppConfig = AppConfig::parse();
|
|
|
|
|
|
|
|
|
|
// In debug mode only, use dummy token
|
|
|
|
|
if cfg!(debug_assertions) && config.token_key.is_empty() {
|
|
|
|
|
config.token_key = String::from_utf8_lossy(&[32; 32]).to_string();
|
|
|
|
|
}
|
2022-03-29 17:32:31 +00:00
|
|
|
|
|
|
|
|
if !config.storage_path().exists() {
|
2022-03-30 06:42:18 +00:00
|
|
|
log::error!(
|
|
|
|
|
"Specified storage path {:?} does not exists!",
|
|
|
|
|
config.storage_path()
|
|
|
|
|
);
|
2022-03-29 17:32:31 +00:00
|
|
|
panic!()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let mut users = EntityManager::<User>::open_or_create(config.users_file())
|
|
|
|
|
.expect("Failed to load users list!");
|
|
|
|
|
|
|
|
|
|
// Create initial user if required
|
2022-03-30 06:42:18 +00:00
|
|
|
if users.is_empty() {
|
2022-03-29 17:32:31 +00:00
|
|
|
log::info!("Create default {} user", DEFAULT_ADMIN_USERNAME);
|
2022-03-30 06:42:18 +00:00
|
|
|
let default_admin = User {
|
|
|
|
|
username: DEFAULT_ADMIN_USERNAME.to_string(),
|
|
|
|
|
password: hash_password(DEFAULT_ADMIN_PASSWORD).unwrap(),
|
|
|
|
|
need_reset_password: true,
|
2022-04-07 15:32:29 +00:00
|
|
|
authorized_clients: None,
|
2022-03-30 06:42:18 +00:00
|
|
|
admin: true,
|
|
|
|
|
..Default::default()
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users
|
|
|
|
|
.insert(default_admin)
|
2022-03-29 17:32:31 +00:00
|
|
|
.expect("Failed to create initial user!");
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-30 09:40:03 +00:00
|
|
|
let users_actor = UsersActor::new(users).start();
|
2022-04-03 14:45:25 +00:00
|
|
|
let bruteforce_actor = BruteForceActor::default().start();
|
2022-03-30 09:40:03 +00:00
|
|
|
|
2022-03-30 08:14:39 +00:00
|
|
|
log::info!("Server will listen on {}", config.listen_address);
|
2022-04-03 13:48:45 +00:00
|
|
|
let listen_address = config.listen_address.to_string();
|
2022-03-30 08:14:39 +00:00
|
|
|
|
2022-03-30 09:40:03 +00:00
|
|
|
HttpServer::new(move || {
|
2022-04-06 15:18:06 +00:00
|
|
|
let clients = ClientManager::open_or_create(config.clients_file())
|
|
|
|
|
.expect("Failed to load clients list!");
|
|
|
|
|
|
2022-03-30 14:58:00 +00:00
|
|
|
let policy = CookieIdentityPolicy::new(config.token_key.as_bytes())
|
2022-04-02 15:03:51 +00:00
|
|
|
.name(SESSION_COOKIE_NAME)
|
2022-04-03 13:48:45 +00:00
|
|
|
.secure(config.secure_cookie())
|
2022-04-02 15:17:54 +00:00
|
|
|
.visit_deadline(Duration::seconds(MAX_INACTIVITY_DURATION))
|
|
|
|
|
.login_deadline(Duration::seconds(MAX_SESSION_DURATION))
|
|
|
|
|
.same_site(SameSite::Strict);
|
2022-03-30 14:58:00 +00:00
|
|
|
|
2022-03-30 08:14:39 +00:00
|
|
|
App::new()
|
2022-03-30 09:40:03 +00:00
|
|
|
.app_data(web::Data::new(users_actor.clone()))
|
2022-04-03 14:45:25 +00:00
|
|
|
.app_data(web::Data::new(bruteforce_actor.clone()))
|
2022-04-03 13:48:45 +00:00
|
|
|
.app_data(web::Data::new(config.clone()))
|
2022-04-06 15:18:06 +00:00
|
|
|
.app_data(web::Data::new(clients))
|
2022-04-04 15:39:23 +00:00
|
|
|
|
2022-03-30 08:29:10 +00:00
|
|
|
.wrap(Logger::default())
|
2022-04-02 13:44:09 +00:00
|
|
|
.wrap(AuthMiddleware {})
|
2022-04-02 15:03:51 +00:00
|
|
|
.wrap(IdentityService::new(policy))
|
2022-04-04 15:39:23 +00:00
|
|
|
|
2022-04-04 15:43:53 +00:00
|
|
|
// main route
|
|
|
|
|
.route("/", web::get()
|
|
|
|
|
.to(|| async { HttpResponse::Found().append_header(("Location", "/settings")).finish() }))
|
|
|
|
|
|
2022-04-04 15:39:23 +00:00
|
|
|
// health route
|
2022-03-30 08:14:39 +00:00
|
|
|
.service(health)
|
2022-04-04 15:39:23 +00:00
|
|
|
|
2022-03-30 09:40:03 +00:00
|
|
|
// Assets serving
|
2022-03-30 08:14:39 +00:00
|
|
|
.route("/assets/{path:.*}", web::get().to(assets_route))
|
2022-04-04 15:39:23 +00:00
|
|
|
|
2022-03-30 09:40:03 +00:00
|
|
|
// Login page
|
2022-03-30 08:29:10 +00:00
|
|
|
.route("/login", web::get().to(login_route))
|
2022-03-30 09:40:03 +00:00
|
|
|
.route("/login", web::post().to(login_route))
|
2022-04-04 15:39:23 +00:00
|
|
|
|
2022-04-01 17:05:40 +00:00
|
|
|
// Logout page
|
|
|
|
|
.route("/logout", web::get().to(logout_route))
|
2022-04-04 15:39:23 +00:00
|
|
|
|
|
|
|
|
// Settings routes
|
|
|
|
|
.route("/settings", web::get().to(settings_controller::account_settings_details_route))
|
2022-04-05 15:17:34 +00:00
|
|
|
.route("/settings/change_password", web::get().to(settings_controller::change_password_route))
|
|
|
|
|
.route("/settings/change_password", web::post().to(settings_controller::change_password_route))
|
2022-04-06 15:18:06 +00:00
|
|
|
|
|
|
|
|
// Admin routes
|
2022-04-06 16:03:00 +00:00
|
|
|
.route("/admin", web::get()
|
|
|
|
|
.to(|| async { HttpResponse::Found().append_header(("Location", "/settings")).finish() }))
|
2022-04-06 15:18:06 +00:00
|
|
|
.route("/admin/clients", web::get().to(admin_controller::clients_route))
|
2022-04-06 16:03:00 +00:00
|
|
|
.route("/admin/users", web::get().to(admin_controller::users_route))
|
2022-04-07 16:59:48 +00:00
|
|
|
.route("/admin/users", web::post().to(admin_controller::users_route))
|
2022-04-07 15:04:05 +00:00
|
|
|
.route("/admin/create_user", web::get().to(admin_controller::create_user))
|
2022-04-08 14:28:19 +00:00
|
|
|
.route("/admin/edit_user", web::get().to(admin_controller::edit_user))
|
2022-04-07 15:57:10 +00:00
|
|
|
|
|
|
|
|
// Admin API
|
|
|
|
|
.route("/admin/api/find_username", web::post().to(admin_api::find_username))
|
2022-04-08 15:54:51 +00:00
|
|
|
.route("/admin/api/delete_user", web::post().to(admin_api::delete_user))
|
2022-04-08 16:53:57 +00:00
|
|
|
|
|
|
|
|
// OpenID specs
|
|
|
|
|
.route(".well-known/openid-configuration", web::get().to(openid_controller::get_configuration))
|
2022-03-30 08:14:39 +00:00
|
|
|
})
|
2022-04-03 14:45:25 +00:00
|
|
|
.bind(listen_address)?
|
|
|
|
|
.run()
|
|
|
|
|
.await
|
2022-03-30 06:42:18 +00:00
|
|
|
}
|
