Add session system

2023-09-02 09:12:36 +02:00
parent 0ac1480572
commit 129d23f671
7 changed files with 260 additions and 17 deletions

@@ -20,6 +20,10 @@ pub struct AppConfig {
#[clap(long, env, default_value = "")]
secret: String,
/// Specify whether the cookie should be transmitted only over secure connections
#[clap(long, env)]
pub cookie_secure: bool,
/// Auth username
#[arg(long, env, default_value = "admin")]
pub auth_username: String,
@@ -38,13 +42,12 @@ pub struct AppConfig {
/// URL where the OpenID configuration can be found
#[arg(
long,
env,
default_value = "http://localhost:9001/.well-known/openid-configuration"
long,
env,
default_value = "http://localhost:9001/.well-known/openid-configuration"
)]
pub oidc_configuration_url: String,
/// Disable OpenID authentication
#[arg(long, env)]
pub disable_oidc: bool,
@@ -83,11 +86,11 @@ impl AppConfig {
let mut secret = self.secret.as_str();
if cfg!(debug_assertions) && secret.is_empty() {
secret = "DEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEY";
secret = "DEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEY";
}
if secret.is_empty() {
panic!("SECRET is undefined or too short (min 30 chars)!")
panic!("SECRET is undefined or too short (min 64 chars)!")
}
secret
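Review bot: The guard in front of the new panic message still tests only `secret.is_empty()`, so a non-empty secret shorter than 64 characters passes a check whose message promises "min 64 chars". The value is later handed to `Key::from(...)` in the server setup, and the cookie crate's `Key::from` panics on input shorter than 64 bytes, so a short secret would fail inside the `HttpServer::new` factory closure with a less useful message. Changing the condition to `if secret.len() < 64 {` makes the check match its message and fails at the point where the operator can see why. The hard-coded fallback is reachable only under `cfg!(debug_assertions)`, but a debug build that is reachable by others signs session cookies with a key printed in the source; a comment such as `// debug builds only: never expose a debug build, this key is public` would record that. The enclosing function starts and ends outside this hunk.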

@@ -0,0 +1,8 @@
/// Name of the cookie that contains session information
pub const SESSION_COOKIE_NAME: &str = "X-auth-token";
/// Maximum session duration after inactivity, in seconds
pub const MAX_INACTIVITY_DURATION: u64 = 60 * 30;
/// Maximum session duration (6 hours)
pub const MAX_SESSION_DURATION: u64 = 3600 * 6;

@@ -1 +1 @@
pub mod server_controller;
pub mod server_controller;

@@ -1,2 +1,3 @@
pub mod app_config;
pub mod controllers;
pub mod constants;
pub mod controllers;

@@ -1,7 +1,16 @@
use actix_identity::config::LogoutBehaviour;
use actix_identity::IdentityMiddleware;
use actix_remote_ip::RemoteIPConfig;
use actix_web::{App, HttpServer, web};
use virtweb_backend::app_config::AppConfig;
use actix_session::storage::CookieSessionStore;
use actix_session::SessionMiddleware;
use actix_web::cookie::{Key, SameSite};
use actix_web::middleware::Logger;
use actix_web::{web, App, HttpServer};
use std::time::Duration;
use virtweb_backend::app_config::AppConfig;
use virtweb_backend::constants::{
MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
};
use virtweb_backend::controllers::server_controller;
#[actix_web::main]
@@ -11,14 +20,31 @@ async fn main() -> std::io::Result<()> {
log::info!("Start to listen on {}", AppConfig::get().listen_address);
HttpServer::new(|| {
let session_mw = SessionMiddleware::builder(
CookieSessionStore::default(),
Key::from(AppConfig::get().secret().as_bytes()),
)
.cookie_name(SESSION_COOKIE_NAME.to_string())
.cookie_secure(AppConfig::get().cookie_secure)
.cookie_same_site(SameSite::Strict)
.build();
let identity_middleware = IdentityMiddleware::builder()
.logout_behaviour(LogoutBehaviour::PurgeSession)
.visit_deadline(Some(Duration::from_secs(MAX_INACTIVITY_DURATION)))
.login_deadline(Some(Duration::from_secs(MAX_SESSION_DURATION)))
.build();
App::new()
.wrap(Logger::default())
.wrap(identity_middleware)
.wrap(session_mw)
.app_data(web::Data::new(RemoteIPConfig {
proxy: AppConfig::get().proxy_ip.clone()
proxy: AppConfig::get().proxy_ip.clone(),
}))
.route("/", web::get().to(server_controller::root_index))
})
.bind(&AppConfig::get().listen_address)?
.run()
.await
.bind(&AppConfig::get().listen_address)?
.run()
.await
}
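Review bot: `.cookie_secure(AppConfig::get().cookie_secure)` takes its value from a plain `bool` clap flag, which is false unless the operator passes it, so the session cookie is sent without the `Secure` attribute by default. Any deployment that forgets the flag will transmit the signed session cookie over plain HTTP. Consider making the insecure mode the opt-in, for example a `--cookie-insecure` flag with `.cookie_secure(!AppConfig::get().cookie_insecure)`, or at least a `log::warn!` at startup when the flag is off. Separately, with `CookieSessionStore` the session state lives in the cookie itself, so `LogoutBehaviour::PurgeSession` can only clear the client's copy; a cookie copied before logout presumably stays acceptable until the visit or login deadline passes, which deserves a comment next to the builder.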