Can perform local authentication
This commit is contained in:
parent
bb31954b22
commit
849bf0cdfb
@ -96,6 +96,11 @@ impl AppConfig {
|
||||
secret
|
||||
}
|
||||
|
||||
/// Check out whether provided credentials are valid or not for local authentication
|
||||
pub fn check_local_login(&self, user: &str, pass: &str) -> bool {
|
||||
self.auth_username == user && self.auth_password == pass
|
||||
}
|
||||
|
||||
/// Get OpenID providers configuration
|
||||
pub fn openid_provider(&self) -> Option<OIDCProvider<'_>> {
|
||||
if self.disable_oidc {
|
||||
|
||||
31
virtweb_backend/src/controllers/auth_controller.rs
Normal file
31
virtweb_backend/src/controllers/auth_controller.rs
Normal file
@ -0,0 +1,31 @@
|
||||
use crate::app_config::AppConfig;
|
||||
use crate::extractors::auth_extractor::AuthChecker;
|
||||
use crate::extractors::local_auth_extractor::LocalAuthEnabled;
|
||||
use actix_web::{web, HttpResponse, Responder};
|
||||
|
||||
#[derive(serde::Deserialize)]
|
||||
pub struct LocalAuthReq {
|
||||
username: String,
|
||||
password: String,
|
||||
}
|
||||
|
||||
/// Perform local authentication
|
||||
pub async fn local_auth(
|
||||
local_auth_enabled: LocalAuthEnabled,
|
||||
req: web::Json<LocalAuthReq>,
|
||||
auth: AuthChecker,
|
||||
) -> impl Responder {
|
||||
if !*local_auth_enabled {
|
||||
log::error!("Local auth attempt while this authentication method is disabled!");
|
||||
return HttpResponse::UnprocessableEntity().json("Local authentication is disabled!");
|
||||
}
|
||||
|
||||
if !AppConfig::get().check_local_login(&req.username, &req.password) {
|
||||
log::error!("Local auth attempt with invalid credentials!");
|
||||
return HttpResponse::Unauthorized().json("Invalid credentials!");
|
||||
}
|
||||
|
||||
auth.authenticate(&req.username);
|
||||
|
||||
HttpResponse::Accepted().json("Welcome")
|
||||
}
|
||||
@ -1 +1,2 @@
|
||||
pub mod auth_controller;
|
||||
pub mod server_controller;
|
||||
|
||||
47
virtweb_backend/src/extractors/auth_extractor.rs
Normal file
47
virtweb_backend/src/extractors/auth_extractor.rs
Normal file
@ -0,0 +1,47 @@
|
||||
use actix_identity::Identity;
|
||||
use actix_web::dev::Payload;
|
||||
use actix_web::{Error, FromRequest, HttpMessage, HttpRequest};
|
||||
use futures_util::future::{ready, Ready};
|
||||
use std::fmt::Display;
|
||||
|
||||
pub struct AuthChecker {
|
||||
identity: Option<Identity>,
|
||||
request: HttpRequest,
|
||||
}
|
||||
|
||||
impl AuthChecker {
|
||||
/// Check whether the user is authenticated or not
|
||||
pub fn is_authenticated(&self) -> bool {
|
||||
self.identity.is_some()
|
||||
}
|
||||
|
||||
/// Authenticate the user
|
||||
pub fn authenticate(&self, username: impl Display) {
|
||||
Identity::login(&self.request.extensions(), username.to_string())
|
||||
.expect("Unable to set authentication!");
|
||||
}
|
||||
|
||||
pub fn user_name(&self) -> Option<String> {
|
||||
self.identity.as_ref().map(|i| i.id().unwrap())
|
||||
}
|
||||
|
||||
pub fn sign_out(self) {
|
||||
if let Some(i) = self.identity {
|
||||
i.logout()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl FromRequest for AuthChecker {
|
||||
type Error = Error;
|
||||
type Future = Ready<Result<Self, Error>>;
|
||||
|
||||
fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
|
||||
let identity: Option<Identity> = Identity::from_request(req, payload).into_inner().ok();
|
||||
|
||||
ready(Ok(Self {
|
||||
identity,
|
||||
request: req.clone(),
|
||||
}))
|
||||
}
|
||||
}
|
||||
@ -28,6 +28,6 @@ impl FromRequest for LocalAuthEnabled {
|
||||
.headers()
|
||||
.get(&AppConfig::get().disable_auth_header_token)
|
||||
.is_some();
|
||||
return ready(Ok(Self(!has_disable_local_auth_header)));
|
||||
ready(Ok(Self(!has_disable_local_auth_header)))
|
||||
}
|
||||
}
|
||||
|
||||
@ -1 +1,2 @@
|
||||
pub mod auth_extractor;
|
||||
pub mod local_auth_extractor;
|
||||
@ -11,7 +11,7 @@ use virtweb_backend::app_config::AppConfig;
|
||||
use virtweb_backend::constants::{
|
||||
MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
|
||||
};
|
||||
use virtweb_backend::controllers::server_controller;
|
||||
use virtweb_backend::controllers::{auth_controller, server_controller};
|
||||
|
||||
#[actix_web::main]
|
||||
async fn main() -> std::io::Result<()> {
|
||||
@ -42,11 +42,17 @@ async fn main() -> std::io::Result<()> {
|
||||
.app_data(web::Data::new(RemoteIPConfig {
|
||||
proxy: AppConfig::get().proxy_ip.clone(),
|
||||
}))
|
||||
// Server controller
|
||||
.route("/", web::get().to(server_controller::root_index))
|
||||
.route(
|
||||
"/api/server/static_config",
|
||||
web::get().to(server_controller::static_config),
|
||||
)
|
||||
// Auth controller
|
||||
.route(
|
||||
"/api/auth/local",
|
||||
web::post().to(auth_controller::local_auth),
|
||||
)
|
||||
})
|
||||
.bind(&AppConfig::get().listen_address)?
|
||||
.run()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user