Add API tokens support (#9)

Make it possible to create token authorized to query predetermined set of routes. Reviewed-on: #9 Co-authored-by: Pierre HUBERT <pierre.git@communiquons.org> Co-committed-by: Pierre HUBERT <pierre.git@communiquons.org>
2024-04-23 17:04:43 +00:00
parent 149e3f4d72
commit c7de64cc02
33 changed files with 2686 additions and 60 deletions
--- a/virtweb_backend/src/main.rs
+++ b/virtweb_backend/src/main.rs
@ -22,8 +22,8 @@ use virtweb_backend::constants::{
    MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME,
 };
 use virtweb_backend::controllers::{
-    auth_controller, iso_controller, network_controller, nwfilter_controller, server_controller,
-    static_controller, vm_controller,
+    api_tokens_controller, auth_controller, iso_controller, network_controller,
+    nwfilter_controller, server_controller, static_controller, vm_controller,
 };
 use virtweb_backend::libvirt_client::LibVirtClient;
 use virtweb_backend::middlewares::auth_middleware::AuthChecker;
@ -50,6 +50,7 @@ async fn main() -> std::io::Result<()> {
    files_utils::create_directory_if_missing(AppConfig::get().disks_storage_path()).unwrap();
    files_utils::create_directory_if_missing(AppConfig::get().nat_path()).unwrap();
    files_utils::create_directory_if_missing(AppConfig::get().definitions_path()).unwrap();
+    files_utils::create_directory_if_missing(AppConfig::get().api_tokens_path()).unwrap();

    let conn = Data::new(LibVirtClient(
        LibVirtActor::connect()
@ -84,7 +85,7 @@ async fn main() -> std::io::Result<()> {

        let mut cors = Cors::default()
            .allowed_origin(&AppConfig::get().website_origin)
-            .allowed_methods(vec!["GET", "POST", "DELETE", "PUT"])
+            .allowed_methods(vec!["GET", "POST", "DELETE", "PUT", "PATCH"])
            .allowed_headers(vec![header::AUTHORIZATION, header::ACCEPT])
            .allowed_header(header::CONTENT_TYPE)
            .supports_credentials()
@ -276,6 +277,27 @@ async fn main() -> std::io::Result<()> {
                "/api/nwfilter/{uid}",
                web::delete().to(nwfilter_controller::delete),
            )
+            // API tokens controller
+            .route(
+                "/api/token/create",
+                web::post().to(api_tokens_controller::create),
+            )
+            .route(
+                "/api/token/list",
+                web::get().to(api_tokens_controller::list),
+            )
+            .route(
+                "/api/token/{uid}",
+                web::get().to(api_tokens_controller::get_single),
+            )
+            .route(
+                "/api/token/{uid}",
+                web::patch().to(api_tokens_controller::update),
+            )
+            .route(
+                "/api/token/{uid}",
+                web::delete().to(api_tokens_controller::delete),
+            )
            // Static assets
            .route("/", web::get().to(static_controller::root_index))
            .route(