From 3d19a0eba2cf2c9c7b6ae73cbac004fa995f7794 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Thu, 4 Dec 2025 18:51:46 +0100 Subject: [PATCH] Optimize cache management --- Cargo.lock | 15 +++++++++ Cargo.toml | 2 ++ src/actors/bruteforce_actor.rs | 4 +-- src/actors/openid_sessions_actor.rs | 2 +- src/actors/providers_states_actor.rs | 2 +- src/controllers/assets_controller.rs | 37 ++++++++++++++++++++--- src/controllers/openid_controller.rs | 2 +- src/controllers/two_factors_controller.rs | 2 +- src/data/action_logger.rs | 2 +- src/data/current_user.rs | 2 +- src/data/provider_configuration.rs | 2 +- src/data/session_identity.rs | 2 +- src/data/totp_key.rs | 2 +- src/data/user.rs | 2 +- src/data/users_file_entity.rs | 2 +- src/data/webauthn_manager.rs | 2 +- src/utils/mod.rs | 2 +- src/utils/{time.rs => time_utils.rs} | 22 ++++++++++++-- 18 files changed, 85 insertions(+), 21 deletions(-) rename src/utils/{time.rs => time_utils.rs} (53%) diff --git a/Cargo.lock b/Cargo.lock index c8fd840..9ecf5b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -583,10 +583,12 @@ dependencies = [ "base64 0.22.1", "bcrypt", "bincode", + "build-time", "chrono", "clap", "digest 0.11.0-rc.4", "env_logger", + "httpdate", "include_dir", "jwt-simple", "lazy-regex", @@ -722,6 +724,19 @@ dependencies = [ "alloc-stdlib", ] +[[package]] +name = "build-time" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1219c19fc29b7bfd74b7968b420aff5bc951cf517800176e795d6b2300dd382" +dependencies = [ + "chrono", + "once_cell", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "bumpalo" version = "3.19.0" diff --git a/Cargo.toml b/Cargo.toml index 9feb174..01f67cf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -39,3 +39,5 @@ bincode = "2.0.1" chrono = "0.4.42" lazy_static = "1.5.0" mailchecker = "6.0.19" +httpdate = "1.0.3" +build-time = "0.1.3" diff --git a/src/actors/bruteforce_actor.rs b/src/actors/bruteforce_actor.rs index 914922b..ef62c34 100644 --- a/src/actors/bruteforce_actor.rs +++ b/src/actors/bruteforce_actor.rs @@ -5,7 +5,7 @@ use std::net::IpAddr; use actix::{Actor, AsyncContext, Context, Handler, Message}; use crate::constants::{FAIL_LOGIN_ATTEMPT_CLEANUP_INTERVAL, KEEP_FAILED_LOGIN_ATTEMPTS_FOR}; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(Message)] #[rtype(result = "()")] @@ -87,7 +87,7 @@ mod test { use std::net::{IpAddr, Ipv4Addr}; use crate::actors::bruteforce_actor::BruteForceActor; - use crate::utils::time::time; + use crate::utils::time_utils::time; const IP_1: IpAddr = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 1)); const IP_2: IpAddr = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 2)); diff --git a/src/actors/openid_sessions_actor.rs b/src/actors/openid_sessions_actor.rs index 0b3a9d6..25b1417 100644 --- a/src/actors/openid_sessions_actor.rs +++ b/src/actors/openid_sessions_actor.rs @@ -10,7 +10,7 @@ use crate::data::jwt_signer::JWTSigner; use crate::data::user::UserID; use crate::utils::err::Res; use crate::utils::string_utils::rand_str; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(Clone, Debug, serde::Serialize, serde::Deserialize, Eq, PartialEq)] pub struct SessionID(pub String); diff --git a/src/actors/providers_states_actor.rs b/src/actors/providers_states_actor.rs index e2b39ca..9dbaed6 100644 --- a/src/actors/providers_states_actor.rs +++ b/src/actors/providers_states_actor.rs @@ -15,7 +15,7 @@ use std::net::IpAddr; use crate::data::login_redirect::LoginRedirect; use crate::data::provider::ProviderID; use crate::utils::string_utils::rand_str; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(Debug, Clone, serde::Serialize)] pub struct ProviderLoginState { diff --git a/src/controllers/assets_controller.rs b/src/controllers/assets_controller.rs index b07da33..d8544c7 100644 --- a/src/controllers/assets_controller.rs +++ b/src/controllers/assets_controller.rs @@ -1,7 +1,11 @@ -use std::path::Path; - -use actix_web::{HttpResponse, web}; +use crate::utils::crypt_utils::sha256; +use crate::utils::time_utils; +use actix_web::http::header; +use actix_web::{HttpRequest, HttpResponse, web}; use include_dir::{Dir, include_dir}; +use std::ops::Add; +use std::path::Path; +use std::time::Duration; /// Assets directory static ASSETS_DIR: Dir = include_dir!("$CARGO_MANIFEST_DIR/assets"); @@ -12,14 +16,39 @@ pub async fn robots_txt() -> HttpResponse { .body(include_str!("../../assets/robots.txt")) } -pub async fn assets_route(path: web::Path) -> HttpResponse { +pub async fn assets_route(req: HttpRequest, path: web::Path) -> HttpResponse { let path: &Path = path.as_ref().as_ref(); match ASSETS_DIR.get_file(path) { None => HttpResponse::NotFound().body("404 Not found"), Some(file) => { let res = mime_guess::from_path(path).first_or_octet_stream(); + let digest = format!("{:x?}", sha256(file.contents())); + + // Check if the browser already knows the file by date + if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) { + let date_str = c.to_str().unwrap_or(""); + if let Ok(date) = httpdate::parse_http_date(date_str) + && date.add(Duration::from_secs(1)) + >= time_utils::unix_to_system_time(time_utils::build_time()) + { + return HttpResponse::NotModified().finish(); + } + } + + // Check if the browser already knows the etag + if let Some(c) = req.headers().get(header::IF_NONE_MATCH) + && c.to_str().unwrap_or("") == digest + { + return HttpResponse::NotModified().finish(); + } + HttpResponse::Ok() .content_type(res.to_string()) + .insert_header(("etag", digest)) + .insert_header(( + "last-modified", + time_utils::unix_to_http_date(time_utils::build_time()), + )) .body(file.contents()) } } diff --git a/src/controllers/openid_controller.rs b/src/controllers/openid_controller.rs index df88589..cd08a12 100644 --- a/src/controllers/openid_controller.rs +++ b/src/controllers/openid_controller.rs @@ -26,7 +26,7 @@ use crate::data::login_redirect::{LoginRedirect, get_2fa_url}; use crate::data::session_identity::SessionIdentity; use crate::data::user::User; use crate::utils::string_utils::rand_str; -use crate::utils::time::time; +use crate::utils::time_utils::time; pub async fn get_configuration(req: HttpRequest) -> impl Responder { let is_secure_request = req diff --git a/src/controllers/two_factors_controller.rs b/src/controllers/two_factors_controller.rs index 1883a8b..8dadd54 100644 --- a/src/controllers/two_factors_controller.rs +++ b/src/controllers/two_factors_controller.rs @@ -14,7 +14,7 @@ use crate::data::current_user::CurrentUser; use crate::data::totp_key::TotpKey; use crate::data::user::User; use crate::data::webauthn_manager::WebAuthManagerReq; -use crate::utils::time::fmt_time; +use crate::utils::time_utils::fmt_time; #[derive(Template)] #[template(path = "settings/two_factors_page.html")] diff --git a/src/data/action_logger.rs b/src/data/action_logger.rs index 448c2b3..a619546 100644 --- a/src/data/action_logger.rs +++ b/src/data/action_logger.rs @@ -17,7 +17,7 @@ use crate::data::provider::{Provider, ProviderID}; use crate::data::session_identity::SessionIdentity; use crate::data::user::{FactorID, GrantedClients, TwoFactor, TwoFactorType, User, UserID}; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(serde::Serialize)] pub struct LoggableUser { diff --git a/src/data/current_user.rs b/src/data/current_user.rs index 8d08912..e0d458a 100644 --- a/src/data/current_user.rs +++ b/src/data/current_user.rs @@ -13,7 +13,7 @@ use crate::actors::users_actor::UsersActor; use crate::constants::SECOND_FACTOR_EXPIRATION_FOR_CRITICAL_OPERATIONS; use crate::data::session_identity::SessionIdentity; use crate::data::user::User; -use crate::utils::time::time; +use crate::utils::time_utils::time; pub struct CurrentUser { user: User, diff --git a/src/data/provider_configuration.rs b/src/data/provider_configuration.rs index 85e1f0e..061537a 100644 --- a/src/data/provider_configuration.rs +++ b/src/data/provider_configuration.rs @@ -9,7 +9,7 @@ use crate::data::app_config::AppConfig; use crate::data::provider::Provider; use crate::utils::err::Res; -use crate::utils::time::time; +use crate::utils::time_utils::time; /// Provider configuration #[derive(Debug, Clone)] diff --git a/src/data/session_identity.rs b/src/data/session_identity.rs index fba3971..2ba1a6f 100644 --- a/src/data/session_identity.rs +++ b/src/data/session_identity.rs @@ -3,7 +3,7 @@ use actix_web::{HttpMessage, HttpRequest}; use serde::{Deserialize, Serialize}; use crate::data::user::{User, UserID}; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(Debug, Serialize, Deserialize, Eq, PartialEq, Default)] pub enum SessionStatus { diff --git a/src/data/totp_key.rs b/src/data/totp_key.rs index 42def47..b32b620 100644 --- a/src/data/totp_key.rs +++ b/src/data/totp_key.rs @@ -5,7 +5,7 @@ use totp_rfc6238::{HashAlgorithm, TotpGenerator}; use crate::data::app_config::AppConfig; use crate::data::user::User; use crate::utils::err::Res; -use crate::utils::time::time; +use crate::utils::time_utils::time; const BASE32_ALPHABET: Alphabet = Alphabet::Rfc4648 { padding: true }; const NUM_DIGITS: usize = 6; diff --git a/src/data/user.rs b/src/data/user.rs index 7911245..5995fc7 100644 --- a/src/data/user.rs +++ b/src/data/user.rs @@ -9,7 +9,7 @@ use crate::data::login_redirect::LoginRedirect; use crate::data::provider::{Provider, ProviderID}; use crate::data::totp_key::TotpKey; use crate::data::webauthn_manager::WebauthnPubKey; -use crate::utils::time::{fmt_time, time}; +use crate::utils::time_utils::{fmt_time, time}; #[derive(Clone, Debug, Eq, PartialEq, serde::Serialize, serde::Deserialize, Encode, Decode)] pub struct UserID(pub String); diff --git a/src/data/users_file_entity.rs b/src/data/users_file_entity.rs index 137ebb5..86b56d7 100644 --- a/src/data/users_file_entity.rs +++ b/src/data/users_file_entity.rs @@ -4,7 +4,7 @@ use crate::actors::users_actor::{AuthorizedAuthenticationSources, UsersSyncBacke use crate::data::entity_manager::EntityManager; use crate::data::user::{FactorID, GeneralSettings, GrantedClients, TwoFactor, User, UserID}; use crate::utils::err::{Res, new_error}; -use crate::utils::time::time; +use crate::utils::time_utils::time; impl EntityManager { /// Update user information diff --git a/src/data/webauthn_manager.rs b/src/data/webauthn_manager.rs index e89e5be..a3d720e 100644 --- a/src/data/webauthn_manager.rs +++ b/src/data/webauthn_manager.rs @@ -16,7 +16,7 @@ use crate::constants::{ use crate::data::app_config::AppConfig; use crate::data::user::{User, UserID}; use crate::utils::err::Res; -use crate::utils::time::time; +use crate::utils::time_utils::time; #[derive(Clone, Debug, serde::Serialize, serde::Deserialize)] pub struct WebauthnPubKey { diff --git a/src/utils/mod.rs b/src/utils/mod.rs index 86d67dc..a4f4465 100644 --- a/src/utils/mod.rs +++ b/src/utils/mod.rs @@ -1,4 +1,4 @@ pub mod crypt_utils; pub mod err; pub mod string_utils; -pub mod time; +pub mod time_utils; diff --git a/src/utils/time.rs b/src/utils/time_utils.rs similarity index 53% rename from src/utils/time.rs rename to src/utils/time_utils.rs index b757eba..332dd18 100644 --- a/src/utils/time.rs +++ b/src/utils/time_utils.rs @@ -1,5 +1,5 @@ use chrono::DateTime; -use std::time::{SystemTime, UNIX_EPOCH}; +use std::time::{Duration, SystemTime, UNIX_EPOCH}; /// Get the current time since epoch pub fn time() -> u64 { @@ -19,9 +19,27 @@ pub fn fmt_time(timestamp: u64) -> String { datetime.format("%Y-%m-%d %H:%M:%S").to_string() } +/// Convert UNIX time to system time +pub fn unix_to_system_time(time: u64) -> SystemTime { + UNIX_EPOCH + Duration::from_secs(time) +} + +/// Format UNIX time to HTTP date +pub fn unix_to_http_date(time: u64) -> String { + httpdate::fmt_http_date(unix_to_system_time(time)) +} + +/// Get build time in UNIX format +pub fn build_time() -> u64 { + let build_time = build_time::build_time_local!(); + let date = + chrono::DateTime::parse_from_rfc3339(build_time).expect("Failed to parse compile date"); + date.timestamp() as u64 +} + #[cfg(test)] mod test { - use crate::utils::time::{fmt_time, time}; + use crate::utils::time_utils::{fmt_time, time}; #[test] fn test_time() {