Update actix_identity

2022-07-22 12:21:38 +02:00
parent 98313d07e6
commit 07542abf8b
10 changed files with 94 additions and 59 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -1,10 +1,13 @@
+use core::time::Duration;
 use std::sync::Arc;

 use actix::Actor;
-use actix_identity::{CookieIdentityPolicy, IdentityService};
+use actix_identity::config::LogoutBehaviour;
+use actix_identity::IdentityMiddleware;
+use actix_session::SessionMiddleware;
+use actix_session::storage::CookieSessionStore;
 use actix_web::{App, get, HttpResponse, HttpServer, middleware, web};
-use actix_web::cookie::SameSite;
-use actix_web::cookie::time::Duration;
+use actix_web::cookie::{Key, SameSite};
 use actix_web::middleware::Logger;
 use clap::Parser;

@ -35,7 +38,7 @@ async fn main() -> std::io::Result<()> {

    // In debug mode only, use dummy token
    if cfg!(debug_assertions) && config.token_key.is_empty() {
-        config.token_key = String::from_utf8_lossy(&[32; 32]).to_string();
+        config.token_key = String::from_utf8_lossy(&[32; 64]).to_string();
    }

    if !config.storage_path().exists() {
@ -81,12 +84,19 @@ async fn main() -> std::io::Result<()> {
            .expect("Failed to load clients list!");
        clients.apply_environment_variables();

-        let policy = CookieIdentityPolicy::new(config.token_key.as_bytes())
-            .name(SESSION_COOKIE_NAME)
-            .secure(config.secure_cookie())
-            .visit_deadline(Duration::seconds(MAX_INACTIVITY_DURATION))
-            .login_deadline(Duration::seconds(MAX_SESSION_DURATION))
-            .same_site(SameSite::Lax);
+        let session_mw =
+            SessionMiddleware::builder(CookieSessionStore::default(),
+                                       Key::from(config.token_key.as_bytes()))
+                .cookie_name(SESSION_COOKIE_NAME.to_string())
+                .cookie_secure(config.secure_cookie())
+                .cookie_same_site(SameSite::Lax)
+                .build();
+
+        let identity_middleware = IdentityMiddleware::builder()
+            .logout_behaviour(LogoutBehaviour::PurgeSession)
+            .visit_deadline(Some(Duration::from_secs(MAX_INACTIVITY_DURATION)))
+            .login_deadline(Some(Duration::from_secs(MAX_SESSION_DURATION)))
+            .build();

        App::new()
            .app_data(web::Data::new(users_actor.clone()))
@ -101,7 +111,8 @@ async fn main() -> std::io::Result<()> {
                .add(("Permissions-Policy", "interest-cohort=()")))
            .wrap(Logger::default())
            .wrap(AuthMiddleware {})
-            .wrap(IdentityService::new(policy))
+            .wrap(identity_middleware)
+            .wrap(session_mw)

            // main route
            .route("/", web::get()