Can perform local authentication
This commit is contained in:
parent
bb31954b22
commit
849bf0cdfb
@ -96,6 +96,11 @@ impl AppConfig {
|
|||||||
secret
|
secret
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Check out whether provided credentials are valid or not for local authentication
|
||||||
|
pub fn check_local_login(&self, user: &str, pass: &str) -> bool {
|
||||||
|
self.auth_username == user && self.auth_password == pass
|
||||||
|
}
|
||||||
|
|
||||||
/// Get OpenID providers configuration
|
/// Get OpenID providers configuration
|
||||||
pub fn openid_provider(&self) -> Option<OIDCProvider<'_>> {
|
pub fn openid_provider(&self) -> Option<OIDCProvider<'_>> {
|
||||||
if self.disable_oidc {
|
if self.disable_oidc {
|
||||||
|
31
virtweb_backend/src/controllers/auth_controller.rs
Normal file
31
virtweb_backend/src/controllers/auth_controller.rs
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
use crate::app_config::AppConfig;
|
||||||
|
use crate::extractors::auth_extractor::AuthChecker;
|
||||||
|
use crate::extractors::local_auth_extractor::LocalAuthEnabled;
|
||||||
|
use actix_web::{web, HttpResponse, Responder};
|
||||||
|
|
||||||
|
#[derive(serde::Deserialize)]
|
||||||
|
pub struct LocalAuthReq {
|
||||||
|
username: String,
|
||||||
|
password: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Perform local authentication
|
||||||
|
pub async fn local_auth(
|
||||||
|
local_auth_enabled: LocalAuthEnabled,
|
||||||
|
req: web::Json<LocalAuthReq>,
|
||||||
|
auth: AuthChecker,
|
||||||
|
) -> impl Responder {
|
||||||
|
if !*local_auth_enabled {
|
||||||
|
log::error!("Local auth attempt while this authentication method is disabled!");
|
||||||
|
return HttpResponse::UnprocessableEntity().json("Local authentication is disabled!");
|
||||||
|
}
|
||||||
|
|
||||||
|
if !AppConfig::get().check_local_login(&req.username, &req.password) {
|
||||||
|
log::error!("Local auth attempt with invalid credentials!");
|
||||||
|
return HttpResponse::Unauthorized().json("Invalid credentials!");
|
||||||
|
}
|
||||||
|
|
||||||
|
auth.authenticate(&req.username);
|
||||||
|
|
||||||
|
HttpResponse::Accepted().json("Welcome")
|
||||||
|
}
|
@ -1 +1,2 @@
|
|||||||
|
pub mod auth_controller;
|
||||||
pub mod server_controller;
|
pub mod server_controller;
|
||||||
|
47
virtweb_backend/src/extractors/auth_extractor.rs
Normal file
47
virtweb_backend/src/extractors/auth_extractor.rs
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
use actix_identity::Identity;
|
||||||
|
use actix_web::dev::Payload;
|
||||||
|
use actix_web::{Error, FromRequest, HttpMessage, HttpRequest};
|
||||||
|
use futures_util::future::{ready, Ready};
|
||||||
|
use std::fmt::Display;
|
||||||
|
|
||||||
|
pub struct AuthChecker {
|
||||||
|
identity: Option<Identity>,
|
||||||
|
request: HttpRequest,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl AuthChecker {
|
||||||
|
/// Check whether the user is authenticated or not
|
||||||
|
pub fn is_authenticated(&self) -> bool {
|
||||||
|
self.identity.is_some()
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Authenticate the user
|
||||||
|
pub fn authenticate(&self, username: impl Display) {
|
||||||
|
Identity::login(&self.request.extensions(), username.to_string())
|
||||||
|
.expect("Unable to set authentication!");
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn user_name(&self) -> Option<String> {
|
||||||
|
self.identity.as_ref().map(|i| i.id().unwrap())
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn sign_out(self) {
|
||||||
|
if let Some(i) = self.identity {
|
||||||
|
i.logout()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl FromRequest for AuthChecker {
|
||||||
|
type Error = Error;
|
||||||
|
type Future = Ready<Result<Self, Error>>;
|
||||||
|
|
||||||
|
fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
|
||||||
|
let identity: Option<Identity> = Identity::from_request(req, payload).into_inner().ok();
|
||||||
|
|
||||||
|
ready(Ok(Self {
|
||||||
|
identity,
|
||||||
|
request: req.clone(),
|
||||||
|
}))
|
||||||
|
}
|
||||||
|
}
|
@ -28,6 +28,6 @@ impl FromRequest for LocalAuthEnabled {
|
|||||||
.headers()
|
.headers()
|
||||||
.get(&AppConfig::get().disable_auth_header_token)
|
.get(&AppConfig::get().disable_auth_header_token)
|
||||||
.is_some();
|
.is_some();
|
||||||
return ready(Ok(Self(!has_disable_local_auth_header)));
|
ready(Ok(Self(!has_disable_local_auth_header)))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1 +1,2 @@
|
|||||||
|
pub mod auth_extractor;
|
||||||
pub mod local_auth_extractor;
|
pub mod local_auth_extractor;
|
@ -11,7 +11,7 @@ use virtweb_backend::app_config::AppConfig;
|
|||||||
use virtweb_backend::constants::{
|
use virtweb_backend::constants::{
|
||||||
MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
|
MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
|
||||||
};
|
};
|
||||||
use virtweb_backend::controllers::server_controller;
|
use virtweb_backend::controllers::{auth_controller, server_controller};
|
||||||
|
|
||||||
#[actix_web::main]
|
#[actix_web::main]
|
||||||
async fn main() -> std::io::Result<()> {
|
async fn main() -> std::io::Result<()> {
|
||||||
@ -42,11 +42,17 @@ async fn main() -> std::io::Result<()> {
|
|||||||
.app_data(web::Data::new(RemoteIPConfig {
|
.app_data(web::Data::new(RemoteIPConfig {
|
||||||
proxy: AppConfig::get().proxy_ip.clone(),
|
proxy: AppConfig::get().proxy_ip.clone(),
|
||||||
}))
|
}))
|
||||||
|
// Server controller
|
||||||
.route("/", web::get().to(server_controller::root_index))
|
.route("/", web::get().to(server_controller::root_index))
|
||||||
.route(
|
.route(
|
||||||
"/api/server/static_config",
|
"/api/server/static_config",
|
||||||
web::get().to(server_controller::static_config),
|
web::get().to(server_controller::static_config),
|
||||||
)
|
)
|
||||||
|
// Auth controller
|
||||||
|
.route(
|
||||||
|
"/api/auth/local",
|
||||||
|
web::post().to(auth_controller::local_auth),
|
||||||
|
)
|
||||||
})
|
})
|
||||||
.bind(&AppConfig::get().listen_address)?
|
.bind(&AppConfig::get().listen_address)?
|
||||||
.run()
|
.run()
|
||||||
|
Loading…
Reference in New Issue
Block a user