Can disable auth

2023-09-08 09:04:48 +02:00
parent 57c023b45b
commit bd5ea1fb23
6 changed files with 15 additions and 3 deletions
--- a/virtweb_backend/src/app_config.rs
+++ b/virtweb_backend/src/app_config.rs
@ -33,6 +33,11 @@ pub struct AppConfig {
    #[arg(long, env, default_value = "admin")]
    pub auth_password: String,

+    /// Disable authentication WARNING! THIS IS UNSECURE, it was designed only for development
+    /// purpose, it should NEVER be used in production
+    #[arg(long, env)]
+    pub unsecure_disable_auth: bool,
+
    /// Disable local auth
    #[arg(long, env)]
    pub disable_local_auth: bool,
--- a/virtweb_backend/src/controllers/auth_controller.rs
+++ b/virtweb_backend/src/controllers/auth_controller.rs
@ -124,7 +124,7 @@ struct CurrentUser {
 /// Get current authenticated user
 pub async fn current_user(auth: AuthExtractor) -> impl Responder {
    HttpResponse::Ok().json(CurrentUser {
-        id: auth.id().unwrap(),
+        id: auth.id().unwrap_or_else(|| "Anonymous".to_string()),
    })
 }

--- a/virtweb_backend/src/controllers/server_controller.rs
+++ b/virtweb_backend/src/controllers/server_controller.rs
@ -11,6 +11,7 @@ pub async fn root_index() -> impl Responder {

 #[derive(serde::Serialize)]
 struct StaticConfig {
+    auth_disabled: bool,
    local_auth_enabled: bool,
    oidc_auth_enabled: bool,
    iso_mimetypes: &'static [&'static str],
@ -19,6 +20,7 @@ struct StaticConfig {

 pub async fn static_config(local_auth: LocalAuthEnabled) -> impl Responder {
    HttpResponse::Ok().json(StaticConfig {
+        auth_disabled: AppConfig::get().unsecure_disable_auth,
        local_auth_enabled: *local_auth,
        oidc_auth_enabled: !AppConfig::get().disable_oidc,
        iso_mimetypes: &constants::ALLOWED_ISO_MIME_TYPES,
--- a/virtweb_backend/src/middlewares/auth_middleware.rs
+++ b/virtweb_backend/src/middlewares/auth_middleware.rs
@ -1,6 +1,7 @@
 use std::future::{ready, Ready};
 use std::rc::Rc;

+use crate::app_config::AppConfig;
 use crate::constants;
 use crate::extractors::auth_extractor::AuthExtractor;
 use actix_web::body::EitherBody;
@ -60,8 +61,10 @@ where
        let service = Rc::clone(&self.service);

        Box::pin(async move {
+            let auth_disabled = AppConfig::get().unsecure_disable_auth;
+
            // Check authentication, if required
-            if !constants::ROUTES_WITHOUT_AUTH.contains(&req.path()) {
+            if !auth_disabled && !constants::ROUTES_WITHOUT_AUTH.contains(&req.path()) {
                let auth = match AuthExtractor::from_request(req.request(), &mut Payload::None)
                    .into_inner()
                {