pierre/VirtWeb
1
0
Fork 0
Code Issues Pull Requests 4 Packages Projects Releases 5 Wiki Activity

Can sign out

Browse Source
This commit is contained in:
Pierre HUBERT
2023-09-04 15:12:00 +02:00
parent 44d565c6da
commit d67f42abc5
9 changed files with 184 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
virtweb_backend/src/app_config.rs
View File

@ -81,6 +81,18 @@ impl AppConfig {
&ARGS
}
/// Get auth cookie domain
pub fn cookie_domain(&self) -> Option<String> {
let domain = self.website_origin.split_once("://")?.1;
Some(
domain
.split_once(':')
.map(|s| s.0)
.unwrap_or(domain)
.to_string(),
)
}
/// Get app secret
pub fn secret(&self) -> &str {
let mut secret = self.secret.as_str();

4
virtweb_backend/src/main.rs
View File

@ -34,6 +34,8 @@ async fn main() -> std::io::Result<()> {
.cookie_name(SESSION_COOKIE_NAME.to_string())
.cookie_secure(AppConfig::get().cookie_secure)
.cookie_same_site(SameSite::Strict)
.cookie_domain(AppConfig::get().cookie_domain())
.cookie_http_only(true)
.build();
let identity_middleware = IdentityMiddleware::builder()
@ -51,11 +53,11 @@ async fn main() -> std::io::Result<()> {
.max_age(3600);
App::new()
.wrap(cors)
.wrap(Logger::default())
.wrap(AuthChecker)
.wrap(identity_middleware)
.wrap(session_mw)
.wrap(cors)
.app_data(state_manager.clone())
.app_data(Data::new(RemoteIPConfig {
proxy: AppConfig::get().proxy_ip.clone(),

6
virtweb_backend/src/middlewares/auth_middleware.rs
View File

@ -71,7 +71,7 @@ where
"Failed to extract authentication information from request! {e}"
);
return Ok(req
.into_response(HttpResponse::InternalServerError().finish())
.into_response(HttpResponse::PreconditionFailed().finish())
.map_into_right_body());
}
};
@ -81,7 +81,9 @@ where
"User attempted to access privileged route without authentication!"
);
return Ok(req
.into_response(HttpResponse::Unauthorized().json("Please authenticate!"))
.into_response(
HttpResponse::PreconditionFailed().json("Please authenticate!"),
)
.map_into_right_body());
}
}