Can perform local authentication

virtweb_backend/src/app_config.rs

@@ -96,6 +96,11 @@ impl AppConfig {
         secret
     }
 
+    /// Check out whether provided credentials are valid or not for local authentication
+    pub fn check_local_login(&self, user: &str, pass: &str) -> bool {
+        self.auth_username == user && self.auth_password == pass
+    }
+
     /// Get OpenID providers configuration
     pub fn openid_provider(&self) -> Option<OIDCProvider<'_>> {
         if self.disable_oidc {

virtweb_backend/src/controllers/auth_controller.rs

@@ -0,0 +1,31 @@
+use crate::app_config::AppConfig;
+use crate::extractors::auth_extractor::AuthChecker;
+use crate::extractors::local_auth_extractor::LocalAuthEnabled;
+use actix_web::{web, HttpResponse, Responder};
+
+#[derive(serde::Deserialize)]
+pub struct LocalAuthReq {
+    username: String,
+    password: String,
+}
+
+/// Perform local authentication
+pub async fn local_auth(
+    local_auth_enabled: LocalAuthEnabled,
+    req: web::Json<LocalAuthReq>,
+    auth: AuthChecker,
+) -> impl Responder {
+    if !*local_auth_enabled {
+        log::error!("Local auth attempt while this authentication method is disabled!");
+        return HttpResponse::UnprocessableEntity().json("Local authentication is disabled!");
+    }
+
+    if !AppConfig::get().check_local_login(&req.username, &req.password) {
+        log::error!("Local auth attempt with invalid credentials!");
+        return HttpResponse::Unauthorized().json("Invalid credentials!");
+    }
+
+    auth.authenticate(&req.username);
+
+    HttpResponse::Accepted().json("Welcome")
+}

virtweb_backend/src/controllers/mod.rs

@@ -1 +1,2 @@
+pub mod auth_controller;
 pub mod server_controller;

virtweb_backend/src/extractors/auth_extractor.rs

@@ -0,0 +1,47 @@
+use actix_identity::Identity;
+use actix_web::dev::Payload;
+use actix_web::{Error, FromRequest, HttpMessage, HttpRequest};
+use futures_util::future::{ready, Ready};
+use std::fmt::Display;
+
+pub struct AuthChecker {
+    identity: Option<Identity>,
+    request: HttpRequest,
+}
+
+impl AuthChecker {
+    /// Check whether the user is authenticated or not
+    pub fn is_authenticated(&self) -> bool {
+        self.identity.is_some()
+    }
+
+    /// Authenticate the user
+    pub fn authenticate(&self, username: impl Display) {
+        Identity::login(&self.request.extensions(), username.to_string())
+            .expect("Unable to set authentication!");
+    }
+
+    pub fn user_name(&self) -> Option<String> {
+        self.identity.as_ref().map(|i| i.id().unwrap())
+    }
+
+    pub fn sign_out(self) {
+        if let Some(i) = self.identity {
+            i.logout()
+        }
+    }
+}
+
+impl FromRequest for AuthChecker {
+    type Error = Error;
+    type Future = Ready<Result<Self, Error>>;
+
+    fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
+        let identity: Option<Identity> = Identity::from_request(req, payload).into_inner().ok();
+
+        ready(Ok(Self {
+            identity,
+            request: req.clone(),
+        }))
+    }
+}

virtweb_backend/src/extractors/local_auth_extractor.rs

@@ -28,6 +28,6 @@ impl FromRequest for LocalAuthEnabled {
             .headers()
             .get(&AppConfig::get().disable_auth_header_token)
             .is_some();
-        return ready(Ok(Self(!has_disable_local_auth_header)));
+        ready(Ok(Self(!has_disable_local_auth_header)))
     }
 }

virtweb_backend/src/extractors/mod.rs

@@ -1 +1,2 @@
+pub mod auth_extractor;
 pub mod local_auth_extractor;

virtweb_backend/src/main.rs

@@ -11,7 +11,7 @@ use virtweb_backend::app_config::AppConfig;
 use virtweb_backend::constants::{
     MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
 };
-use virtweb_backend::controllers::server_controller;
+use virtweb_backend::controllers::{auth_controller, server_controller};
 
 #[actix_web::main]
 async fn main() -> std::io::Result<()> {
@@ -42,11 +42,17 @@ async fn main() -> std::io::Result<()> {
             .app_data(web::Data::new(RemoteIPConfig {
                 proxy: AppConfig::get().proxy_ip.clone(),
             }))
+            // Server controller
             .route("/", web::get().to(server_controller::root_index))
             .route(
                 "/api/server/static_config",
                 web::get().to(server_controller::static_config),
             )
+            // Auth controller
+            .route(
+                "/api/auth/local",
+                web::post().to(auth_controller::local_auth),
+            )
     })
     .bind(&AppConfig::get().listen_address)?
     .run()