
db0dc5096b Update Rust crate lazy-regex to 3.4.2
Some checks failed
continuous-integration/drone/push Build is failing
2025-11-03 00:10:17 +00:00
6 changed files with 57 additions and 34 deletions


@@ -22,6 +22,10 @@ pub struct AppConfig {
#[clap(short = 'S', long, env, default_value = "")] #[clap(short = 'S', long, env, default_value = "")]
secret: String, secret: String,
/// Specify whether the cookie should be transmitted only over secure connections
#[clap(long, env)]
pub cookie_secure: bool,
/// Unsecure : for development, bypass authentication, using the account with the given /// Unsecure : for development, bypass authentication, using the account with the given
/// email address by default /// email address by default
#[clap(long, env)] #[clap(long, env)]
@@ -157,6 +161,23 @@ impl AppConfig {
self.unsecure_auto_login_email().is_some() self.unsecure_auto_login_email().is_some()
} }
/// Get auth cookie domain
pub fn cookie_domain(&self) -> Option<String> {
if cfg!(debug_assertions) {
let domain = self.website_origin.split_once("://")?.1;
Some(
domain
.split_once(':')
.map(|s| s.0)
.unwrap_or(domain)
.to_string(),
)
} else {
// In release mode, the web app is hosted on the same origin as the API
None
}
}
/// Get app secret /// Get app secret
pub fn secret(&self) -> &str { pub fn secret(&self) -> &str {
let mut secret = self.secret.as_str(); let mut secret = self.secret.as_str();
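Review bot: `cookie_domain` (second hunk of this file, L24–L39) derives the cookie Domain with `split_once(':')` on everything after `://`, which mis-parses two plausible development origins: a bracketed IPv6 literal such as `http://[::1]:8080` yields `[`, and an origin without a port but with a trailing slash or path yields `localhost/…` because nothing strips the path. Either way the Domain attribute would not match the request host and the browser would most likely reject the auth cookie, so the debug build could not stay logged in. The rewrite below trims the authority at the first `/`, `?` or `#` and removes a trailing `:port` only when it is numeric, which leaves IPv6 literals intact. Separately, `cookie_secure` in the first hunk is a clap boolean flag and is therefore off unless passed; its doc comment should say so, e.g. `/// Specify whether the cookie should be transmitted only over secure connections (off by default; enable it whenever the app is served over HTTPS)`.
```rust
pub fn cookie_domain(&self) -> Option<String> {
    if cfg!(debug_assertions) {
        let authority = self.website_origin.split_once("://")?.1;
        // Drop any path, query or fragment that follows the authority part.
        let host_port = authority.split(['/', '?', '#']).next().unwrap_or(authority);
        // Strip ":port" only when it is numeric, so bracketed IPv6 literals keep their colons.
        let host = match host_port.rsplit_once(':') {
            Some((h, port)) if !port.is_empty() && port.bytes().all(|b| b.is_ascii_digit()) => h,
            _ => host_port,
        };
        Some(host.to_string())
    } else {
        // … unchanged: release-mode branch returns None …
    }
}
```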


@@ -63,20 +63,21 @@ pub async fn download(
pub async fn serve_file(req: HttpRequest, file: &File, download_file: bool) -> HttpResult { pub async fn serve_file(req: HttpRequest, file: &File, download_file: bool) -> HttpResult {
if !download_file { if !download_file {
// Check if the browser already knows the etag // Check if the browser already knows the etag
if let Some(c) = req.headers().get(header::IF_NONE_MATCH) if let Some(c) = req.headers().get(header::IF_NONE_MATCH) {
&& c.to_str().unwrap_or("") == file.sha512.as_str() if c.to_str().unwrap_or("") == file.sha512.as_str() {
{ return Ok(HttpResponse::NotModified().finish());
return Ok(HttpResponse::NotModified().finish()); }
} }
// Check if the browser already knows the file by date // Check if the browser already knows the file by date
if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) { if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) {
let date_str = c.to_str().unwrap_or(""); let date_str = c.to_str().unwrap_or("");
if let Ok(date) = httpdate::parse_http_date(date_str) if let Ok(date) = httpdate::parse_http_date(date_str) {
&& date.add(Duration::from_secs(1)) if date.add(Duration::from_secs(1))
>= time_utils::unix_to_system_time(file.time_create as u64) >= time_utils::unix_to_system_time(file.time_create as u64)
{ {
return Ok(HttpResponse::NotModified().finish()); return Ok(HttpResponse::NotModified().finish());
}
} }
} }
} }
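Review bot: The `If-None-Match` comparison at L50–L51 tests the raw header value against `file.sha512` with plain string equality, so it only ever matches if the ETag response header is emitted unquoted; an HTTP-compliant ETag is quoted (`"<sha512>"`) and browsers echo it back quoted, in which case this branch never fires and every revalidation returns the full body. How the ETag is set is outside this hunk, so either confirm both sides agree or normalise before comparing, e.g. `let tag = c.to_str().unwrap_or("").trim_start_matches("W/").trim_matches('"');` followed by `if tag == file.sha512.as_str() {`. Also, per RFC 7232 a present `If-None-Match` takes precedence and `If-Modified-Since` is to be ignored; here a non-matching ETag still falls through to the date check at L56–L62 and can answer 304 on the timestamp alone. `serve_file` continues past the end of this hunk.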


@@ -64,10 +64,10 @@ pub async fn get_list_of_account(
}); });
} }
if let Some(limit) = query.limit if let Some(limit) = query.limit {
&& list.len() > limit if list.len() > limit {
{ list = list[..limit].to_vec();
list = list[..limit].to_vec(); }
} }
Ok(HttpResponse::Ok().json(list)) Ok(HttpResponse::Ok().json(list))
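Review bot: The limit handling at L73–L77 copies the surviving elements with `list[..limit].to_vec()`; `Vec::truncate` does the same in place without cloning and is a no-op when `limit` is not below the length, so the length guard becomes unnecessary as well: `if let Some(limit) = query.limit { list.truncate(limit); }`. `get_list_of_account` begins before this hunk.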


@@ -120,16 +120,16 @@ impl FromRequest for AuthExtractor {
} }
// Check IP restriction // Check IP restriction
if let Some(net) = token.ip_net() if let Some(net) = token.ip_net() {
&& !net.contains(&remote_ip.0) if !net.contains(&remote_ip.0) {
{ log::error!(
log::error!( "Trying to use token {:?} from unauthorized IP address: {remote_ip:?}",
"Trying to use token {:?} from unauthorized IP address: {remote_ip:?}", token.id()
token.id() );
); return Err(actix_web::error::ErrorForbidden(
return Err(actix_web::error::ErrorForbidden( "This token cannot be used from this IP address!",
"This token cannot be used from this IP address!", ));
)); }
} }
// Check for write access // Check for write access
@@ -163,10 +163,10 @@ impl FromRequest for AuthExtractor {
}; };
// Update last use (if needed) // Update last use (if needed)
if token.shall_update_time_used() if token.shall_update_time_used() {
&& let Err(e) = tokens_service::update_time_used(&token).await if let Err(e) = tokens_service::update_time_used(&token).await {
{ log::error!("Failed to refresh last usage of token! {e}");
log::error!("Failed to refresh last usage of token! {e}"); }
} }
// Handle tokens expiration // Handle tokens expiration
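Review bot: In the second hunk (L99–L104) the token's last-use timestamp is refreshed before the `// Handle tokens expiration` block that follows, so an expired token still has its usage time bumped on every attempt; if expiration is derived from inactivity (time since last use, which this hunk does not show), that ordering would keep a stale token alive for as long as someone keeps presenting it. Consider moving the `update_time_used` call after the expiration check so only tokens that pass every check are touched. In the first hunk, the rejected-IP path at L87–L90 logs at `error` level although this is a client-driven, expected outcome; `warn` would reserve `error` for operator-actionable failures such as the refresh failure at L102. The enclosing method body begins and ends outside these hunks.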


@@ -23,10 +23,10 @@ impl UpdateInboxEntryQuery {
let constraints = ServerConstraints::default(); let constraints = ServerConstraints::default();
// Check inbox entry label // Check inbox entry label
if let Some(label) = &self.label if let Some(label) = &self.label {
&& !constraints.inbox_entry_label.check_str(label) if !constraints.inbox_entry_label.check_str(label) {
{ return Ok(Some("Invalid inbox entry label length!"));
return Ok(Some("Invalid inbox entry label length!")); }
} }
// Check the referenced movement // Check the referenced movement


@@ -55,11 +55,12 @@ impl UpdateMovementQuery {
if let Ok(movement) = if let Ok(movement) =
get_by_account_label_amount_time(self.account_id, &self.label, self.amount, self.time) get_by_account_label_amount_time(self.account_id, &self.label, self.amount, self.time)
.await .await
&& Some(movement.id()) != ref_movement
{ {
return Ok(Some( if Some(movement.id()) != ref_movement {
"A movement taken at the same time with the same label and the same amount already exists!", return Ok(Some(
)); "A movement taken at the same time with the same label and the same amount already exists!",
));
}
} }
Ok(None) Ok(None)
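Review bot: The duplicate check at L122–L132 only acts on `Ok(movement)`; any `Err` from `get_by_account_label_amount_time` — a database failure just as much as a genuine not-found — is silently treated as "no duplicate" and the movement is accepted. Unless that lookup's error type is reserved for not-found (which this hunk does not show), the error should be propagated with `?` or matched explicitly so that only the not-found case continues to `Ok(None)`, otherwise an outage turns the uniqueness rule into a no-op. The enclosing validation method begins before this hunk.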