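use actix_cors::Cors;
use actix_identity::config::LogoutBehaviour;
use actix_identity::IdentityMiddleware;
use actix_remote_ip::RemoteIPConfig;
use actix_session::storage::CookieSessionStore;
use actix_session::SessionMiddleware;
use actix_web::cookie::{Key, SameSite};
use actix_web::middleware::Logger;
use actix_web::web::Data;
use actix_web::{web, App, HttpServer};
use light_openid::basic_state_manager::BasicStateManager;
use remote_backend::app_config::AppConfig;
use remote_backend::constants;
use remote_backend::controllers::{auth_controller, server_controller, vm_controller};
use remote_backend::middlewares::auth_middleware::AuthChecker;
use std::time::Duration;

/// Starts the backend HTTP API.
///
/// Sets up logging, the shared OpenID state manager, and an actix-web server whose
/// requests pass through request logging, CORS, cookie sessions, identity tracking
/// and the project's `AuthChecker` before reaching the `/api/...` handlers.
///
/// # Errors
///
/// Returns the I/O error raised when binding `AppConfig::get().listen_address` or
/// while running the server.
///
/// # Panics
///
/// `Key::from` panics when given fewer than 64 bytes, so a too-short configured
/// secret aborts startup here instead of inside each worker.
#[actix_web::main]
async fn main() -> std::io::Result<()> {
    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));

    let state_manager = Data::new(BasicStateManager::new());

    // Build the cookie signing/encryption key once, before any worker starts: the
    // app factory below runs once per worker, and a bad secret should fail fast.
    let session_key = Key::from(AppConfig::get().secret().as_bytes());

    HttpServer::new(move || {
        // The whole session lives in the cookie (CookieSessionStore), so the cookie
        // attributes below are the main protection for the session contents.
        // NOTE(review): `cookie_secure` comes from configuration; confirm it is
        // enabled wherever the service is reachable over the network.
        let session_mw =
            SessionMiddleware::builder(CookieSessionStore::default(), session_key.clone())
                .cookie_name(constants::SESSION_COOKIE_NAME.to_string())
                .cookie_secure(AppConfig::get().cookie_secure)
                .cookie_same_site(SameSite::Strict)
                .cookie_domain(AppConfig::get().cookie_domain())
                .cookie_http_only(true)
                .build();

        // Logging out purges the whole session; identities also expire after a
        // period without requests and after a maximum time since login.
        let identity_middleware = IdentityMiddleware::builder()
            .logout_behaviour(LogoutBehaviour::PurgeSession)
            .visit_deadline(Some(Duration::from_secs(
                constants::MAX_INACTIVITY_DURATION,
            )))
            .login_deadline(Some(Duration::from_secs(constants::MAX_SESSION_DURATION)))
            .build();

        // Credentialed CORS restricted to the single configured website origin.
        // NOTE(review): `allow_any_header()` follows `allowed_header("X-Auth-Token")`
        // and appears to make that explicit entry redundant. Any request header is
        // accepted from the allowed origin; consider listing only the headers the
        // frontend actually sends.
        let cors = Cors::default()
            .allowed_origin(&AppConfig::get().website_origin)
            .allowed_methods(vec!["GET", "POST", "PUT", "PATCH", "DELETE"])
            .allowed_header("X-Auth-Token")
            .allow_any_header()
            .supports_credentials()
            .max_age(3600);

        // actix-web runs the most recently registered `wrap` first. Logger is
        // registered last so it is outermost and also records requests that an inner
        // middleware (CORS, AuthChecker) answers without reaching a handler; those
        // rejected requests are the ones worth having in the access log.
        App::new()
            .wrap(AuthChecker)
            .wrap(identity_middleware)
            .wrap(session_mw)
            .wrap(cors)
            .wrap(Logger::default())
            .app_data(state_manager.clone())
            // presumably the address of the trusted reverse proxy used when resolving
            // the client IP; verify against the actix_remote_ip configuration
            .app_data(Data::new(RemoteIPConfig {
                proxy: AppConfig::get().proxy_ip.clone(),
            }))
            .route(
                "/api/server/config",
                web::get().to(server_controller::config),
            )
            .route(
                "/api/auth/start_oidc",
                web::get().to(auth_controller::start_oidc),
            )
            .route(
                "/api/auth/finish_oidc",
                web::post().to(auth_controller::finish_oidc),
            )
            .route(
                "/api/auth/user",
                web::get().to(auth_controller::current_user),
            )
            // NOTE(review): sign-out changes session state but is exposed over GET.
            // The SameSite=Strict session cookie limits cross-site triggering; moving
            // it to POST would need a matching frontend change.
            .route(
                "/api/auth/sign_out",
                web::get().to(auth_controller::sign_out),
            )
            .route("/api/vm/list", web::get().to(vm_controller::list))
    })
    .bind(&AppConfig::get().listen_address)?
    .run()
    .await
}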