Compare commits
96 Commits
f015a0deed
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
d5eba9620c
|
|||
|
39afdd83a7
|
|||
|
34b887730a
|
|||
|
f2dc4c908e
|
|||
|
219f1f5e7d
|
|||
|
102387fdad
|
|||
|
87bd1b50a9
|
|||
|
c8cd4b95dc
|
|||
|
8348277a87
|
|||
|
e7c43e7a47
|
|||
|
4bacbfd1ab
|
|||
|
fa9ea95657
|
|||
|
3ec07c0469
|
|||
|
f41f4f8d80
|
|||
|
c9b7bbfece
|
|||
|
9de0b13ee8
|
|||
|
8b00db60eb
|
|||
|
69eb3a5e80
|
|||
|
7133e53536
|
|||
|
ebfe18aca2
|
|||
|
843572b487
|
|||
|
2cbc6aeaff
|
|||
|
f84e51d13a
|
|||
|
4e03be050a
|
|||
|
32699fcf9b
|
|||
|
b0d5c45caf
|
|||
|
280d63ed71
|
|||
|
8da7f1ab66
|
|||
|
3527892cfd
|
|||
|
4466396259
|
|||
|
142182af74
|
|||
|
0463714882
|
|||
|
62a7103423
|
|||
|
d028636e43
|
|||
|
7ca7056fac
|
|||
|
ab90cd81f9
|
|||
|
04ca8abce9
|
|||
|
08fc3995e5
|
|||
|
4b2fb25c6d
|
|||
|
17ea0ee46a
|
|||
|
1b5a5125a7
|
|||
|
978c9c4202
|
|||
|
7fc0513efc
|
|||
|
f2a1296454
|
|||
|
d52c4cbe9e
|
|||
|
1282c2b8b5
|
|||
|
f7f4fd2813
|
|||
|
46ce08e02f
|
|||
|
8a049edeeb
|
|||
|
0b7e25c792
|
|||
|
554ae23175
|
|||
|
87aa18b7cc
|
|||
|
86291f1eb5
|
|||
|
f8e2dad58a
|
|||
|
2b800c2df4
|
|||
|
9e3d534190
|
|||
|
d74479851f
|
|||
|
4ecbf6da15
|
|||
|
674b58e290
|
|||
|
ef9f88e72c
|
|||
|
97cf3f62ad
|
|||
|
3677b6adfa
|
|||
|
ca8c96306f
|
|||
|
f4f1e4b96f
|
|||
|
1bf5c0f2da
|
|||
|
773d8dffd1
|
|||
|
fb3afaf31c
|
|||
|
3fae599c6f
|
|||
|
a40fc81d0e
|
|||
|
cc468b5b14
|
|||
|
655afa77ac
|
|||
|
91c79d124a
|
|||
|
81d8a96d59
|
|||
|
f9c6f1afd1
|
|||
|
598215e50e
|
|||
|
dfa75b97ca
|
|||
|
1b8d382906
|
|||
|
e38fa9ac0e
|
|||
|
5f910d77ca
|
|||
|
329bbb411b
|
|||
|
345e1cc565
|
|||
|
a6b635fef0
|
|||
|
3c58192957
|
|||
|
c438e60e24
|
|||
|
3640039168
|
|||
|
9fd716c752
|
|||
|
f159e12400
|
|||
|
d16a66a2f5
|
|||
|
1cf1bfcfbc
|
|||
|
ff2aba4ec4
|
|||
|
557489c5ed
|
|||
|
aba4556144
|
|||
|
749b5e7864
|
|||
|
2b5f9d011f
|
|||
|
5f8d96b6ae
|
|||
|
7c2c76ebd5
|
11
.gitignore
vendored
11
.gitignore
vendored
@@ -7,3 +7,14 @@
|
||||
/result
|
||||
|
||||
.env
|
||||
|
||||
# Anything the config crate looks for
|
||||
config.ini
|
||||
config.json
|
||||
config.json5
|
||||
config.ron
|
||||
config.toml
|
||||
config.yaml
|
||||
config.yml
|
||||
|
||||
/migrations/.diesel_lock
|
||||
|
||||
1015
Cargo.lock
generated
1015
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
30
Cargo.toml
30
Cargo.toml
@@ -9,13 +9,24 @@ edition = "2024"
|
||||
build = "src/build.rs"
|
||||
|
||||
[dependencies]
|
||||
diesel = { version = "2.3.10", optional = true, features = [ "postgres" ] }
|
||||
diesel_migrations = { version = "2.3.2", optional = true, features = [ "postgres" ] }
|
||||
axum-login = { version = "0.18.0", optional = true }
|
||||
cfg-if = "1.0.4"
|
||||
chrono = { version = "0.4.45", features = ["serde"] }
|
||||
config = { version = "0.15.24", optional = true }
|
||||
diesel = { version = "2.3.10", optional = true, features = ["chrono"] }
|
||||
diesel-async = { version = "0.9.1", optional = true, features = ["postgres", "deadpool", "migrations"] }
|
||||
diesel_migrations = { version = "2.3.2", optional = true }
|
||||
dioxus = { version = "0.7.9", features = ["router", "fullstack"] }
|
||||
dioxus-html = "0.7.9"
|
||||
dotenvy = { version = "0.15.7", optional = true }
|
||||
lucide-dioxus = "3.11.0"
|
||||
fred = { version = "10.1.0", optional = true }
|
||||
lucide-dioxus = { version = "3.11.0", features = ["notifications", "account"] }
|
||||
pbkdf2 = { version = "0.13.0", optional = true, features = ["getrandom", "phc"] }
|
||||
rand = "0.10.1"
|
||||
serde = { version = "1.0.228", features = ["derive"] }
|
||||
thiserror = "2.0.18"
|
||||
tower-http = { version = "0.7.0", optional = true, features = ["fs"] }
|
||||
tower-sessions-redis-store = { version = "0.16.0", optional = true }
|
||||
tracing = "0.1.44"
|
||||
|
||||
[features]
|
||||
@@ -23,11 +34,24 @@ default = ["web"]
|
||||
web = ["dioxus/web"]
|
||||
server = [
|
||||
"dioxus/server",
|
||||
"dep:axum-login",
|
||||
"dep:config",
|
||||
"dep:diesel",
|
||||
"dep:diesel-async",
|
||||
"dep:diesel_migrations",
|
||||
"dep:dotenvy",
|
||||
"dep:fred",
|
||||
"dep:pbkdf2",
|
||||
"dep:tower-http",
|
||||
"dep:tower-sessions-redis-store",
|
||||
]
|
||||
|
||||
# Disabled until supported
|
||||
# desktop = ["dioxus/desktop"]
|
||||
# mobile = ["dioxus/mobile"]
|
||||
|
||||
# Enable wasm_js in getrandom when building for wasm32
|
||||
# This is a workaround for rand not exposing a wasm_js target
|
||||
# https://github.com/rust-random/rand/issues/1694#issuecomment-3846362044
|
||||
[target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dependencies]
|
||||
getrandom = { version = "0.4.3", features = ["wasm_js"] }
|
||||
|
||||
BIN
assets/favicon.ico
Normal file
BIN
assets/favicon.ico
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 121 KiB |
1
assets/logo.svg
Normal file
1
assets/logo.svg
Normal file
@@ -0,0 +1 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <svg viewBox="0 0 254 254" version="1.1" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><clipPath clipPathUnits="userSpaceOnUse" id="clippath"><path fill="#4032a8" d="m 9.028871e-5,480.0001 v 0 C 9.028871e-5,214.90342 214.90341,1.0022047e-4 480.00009,1.0022047e-4 v 0 c 127.30393,0 249.39377,50.57128477953 339.41122,140.58874977953 90.01752,90.01746 140.58875,212.10733 140.58875,339.41125 v 0 c 0,265.09665 -214.90332,479.99997 -479.99997,479.99997 v 0 C 214.90341,960.00007 9.028871e-5,745.09675 9.028871e-5,480.0001 Z" fill-rule="evenodd" style="display:inline;fill:#4032a8;fill-opacity:.495496"/></clipPath><g><g style="fill:none;stroke:none;stroke-linecap:square;stroke-miterlimit:10" transform="matrix(0.26458333,0,0,0.26458333,0,4.5672766)"><g clip-path="url(#p.0)" transform="translate(0,-17.262248)"><path fill="#4032a8" d="m 9.028871e-5,480.0001 v 0 C 9.028871e-5,214.90342 214.90341,1e-4 480.00009,1e-4 v 0 c 127.30393,0 249.39377,50.571285 339.41122,140.58875 90.01752,90.01746 140.58875,212.10733 140.58875,339.41125 v 0 c 0,265.09665 -214.90332,479.99997 -479.99997,479.99997 v 0 C 214.90341,960.00007 9.028871e-5,745.09675 9.028871e-5,480.0001 Z" fill-rule="evenodd"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 60.00009,480.0001 v 0 c 0,-231.9596 188.0404,-420 420,-420 v 0 c 111.3909,0 218.21957,44.24988 296.98483,123.01516 78.76532,78.76527 123.01514,185.59392 123.01514,296.98486 v 0 c 0,231.95956 -188.0404,419.99997 -419.99997,419.99997 v 0 c -231.9596,0 -420,-188.0404 -420,-419.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 120.00009,480.0001 v 0 c 0,-198.82251 161.17749,-360 360,-360 v 0 c 95.47794,0 187.04532,37.92846 254.55844,105.44157 67.51312,67.51309 105.44153,159.0805 105.44153,254.55844 v 0 c 0,198.82248 -161.17749,359.99997 -359.99997,359.99997 v 0 c -198.82251,0 -360,-161.17749 -360,-359.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path fill="#ffffff" d="m 319.01666,480.00092 v 0 c 0,-88.90915 72.0751,-160.98425 160.98425,-160.98425 v 0 c 42.69568,0 83.64264,16.96078 113.83307,47.15121 30.19037,30.1904 47.15118,71.13736 47.15118,113.83304 v 0 c 0,88.90918 -72.07507,160.98425 -160.98425,160.98425 v 0 c -88.90915,0 -160.98425,-72.07507 -160.98425,-160.98425 z" fill-rule="evenodd" style="display:inline"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 180.00009,480.0001 v 0 c 0,-165.68542 134.31458,-300 300,-300 v 0 c 79.56497,0 155.87112,31.60704 212.13205,87.86795 56.26092,56.26092 87.86792,132.56711 87.86792,212.13205 v 0 c 0,165.6854 -134.31458,299.99997 -299.99997,299.99997 v 0 c -165.68542,0 -300,-134.31458 -300,-299.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path fill="#ffffff" d="M 427.60658,-273.65095 504.05265,93.386828 478.34507,135.07715 570.21183,450.80446 544.78065,501.65549 662.47712,1028.614 477.52388,620.42282 508.81779,566.37301 393.66837,305.06321 429.7686,227.61648 308.24258,-46.542095 Z" fill-rule="evenodd" style="stroke-width:1.16873" clip-path="url(#clippath)"/></g></g></g></svg>
|
||||
|
After Width: | Height: | Size: 3.3 KiB |
@@ -85,6 +85,8 @@
|
||||
tailwindcss_4
|
||||
postgresql
|
||||
];
|
||||
|
||||
rev = if builtins.hasAttr "rev" self then self.rev else self.dirtyRev;
|
||||
in
|
||||
rec {
|
||||
devShells.default = pkgs.mkShell {
|
||||
@@ -104,6 +106,7 @@
|
||||
|
||||
DAISYUI_PATH = "${daisyui}";
|
||||
DAISYUI_THEME_PATH = "${daisyui-theme}";
|
||||
GIT_REV = rev;
|
||||
|
||||
cargoLock.lockFile = ./Cargo.lock;
|
||||
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
DROP INDEX users_username_idx;
|
||||
DROP TABLE users;
|
||||
@@ -0,0 +1,8 @@
|
||||
CREATE TABLE users (
|
||||
id INTEGER PRIMARY KEY UNIQUE NOT NULL GENERATED ALWAYS AS IDENTITY,
|
||||
username VARCHAR UNIQUE NOT NULL,
|
||||
hashed_password VARCHAR NOT NULL,
|
||||
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
|
||||
);
|
||||
|
||||
CREATE UNIQUE INDEX users_username_idx ON users(username);
|
||||
94
src/api/auth.rs
Normal file
94
src/api/auth.rs
Normal file
@@ -0,0 +1,94 @@
|
||||
use dioxus::prelude::*;
|
||||
|
||||
use crate::models::user::{User, UserCredentials};
|
||||
use crate::util::error::Result;
|
||||
|
||||
cfg_if::cfg_if! {
|
||||
if #[cfg(feature = "server")] {
|
||||
|
||||
use dioxus::server::axum::Extension;
|
||||
|
||||
use crate::server::{auth::{AuthSession, create_user}, config::Config, database::DbPool};
|
||||
use crate::util::error::{AuthError, Contextualize, Error, ErrorType};
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
#[post("/api/v1/auth/signup", mut auth: Extension<AuthSession>, db_pool: Extension<DbPool>, config: Extension<Config>)]
|
||||
pub async fn signup(credentials: UserCredentials) -> Result<User> {
|
||||
if !config.auth.open_signup {
|
||||
return Err(Error::message_here("Signup is disabled"));
|
||||
}
|
||||
|
||||
// Don't allow signup when already logged in
|
||||
if auth.user.is_some() {
|
||||
return Err(Error::message_here("Log out before creating an account"));
|
||||
}
|
||||
|
||||
let hashed_creds = credentials
|
||||
.try_hash()
|
||||
.map_err(|e| Error::message_here(e.to_string()))
|
||||
.err_context("Error hashing new user credentials")?;
|
||||
|
||||
let mut db_conn = db_pool
|
||||
.get()
|
||||
.await
|
||||
.err_context("Failed to get database pool connection")?;
|
||||
|
||||
let new_user = create_user(&mut db_conn, &hashed_creds)
|
||||
.await
|
||||
.err_context("Error creating user")?;
|
||||
|
||||
// Don't return this to the client, logging in immediately isn't strictly necessary
|
||||
if let Err(e) = auth.login(&new_user).await {
|
||||
tracing::warn!("Failed to log in user after creating: {e}");
|
||||
}
|
||||
|
||||
Ok(new_user.into())
|
||||
}
|
||||
|
||||
#[post("/api/v1/auth/login", mut auth: Extension<AuthSession>)]
|
||||
pub async fn login(credentials: UserCredentials) -> Result<User> {
|
||||
let db_user = match auth.authenticate(credentials).await {
|
||||
Ok(Some(db_user)) => Ok(db_user),
|
||||
Ok(None) => Err(Error::new_here(ErrorType::Auth(
|
||||
AuthError::InvalidCredentials,
|
||||
))),
|
||||
Err(axum_login::Error::Session(e)) => Err(Error::new_here(ErrorType::Auth(
|
||||
AuthError::Error(format!("Session error: {e}")),
|
||||
))),
|
||||
Err(axum_login::Error::Backend(e)) => Err(e),
|
||||
}
|
||||
.err_context("Error authenticating")?;
|
||||
|
||||
auth.login(&db_user)
|
||||
.await
|
||||
.map_err(|e| Error::new_here(ErrorType::Auth(AuthError::Error(e.to_string()))))
|
||||
.err_context("Error logging in")?;
|
||||
|
||||
Ok(db_user.into())
|
||||
}
|
||||
|
||||
#[post("/api/v1/auth/logout", mut auth: Extension<AuthSession>)]
|
||||
pub async fn logout() -> Result<()> {
|
||||
match auth.logout().await {
|
||||
Ok(_) => Ok(()),
|
||||
Err(axum_login::Error::Session(e)) => Err(Error::new_here(ErrorType::Auth(
|
||||
AuthError::Error(format!("Session error: {e}")),
|
||||
))),
|
||||
Err(axum_login::Error::Backend(e)) => Err(e),
|
||||
}
|
||||
.err_context("Error logging out")
|
||||
}
|
||||
|
||||
/// Retrieve the currently logged-in user, or `None` if unauthenticated
|
||||
#[get("/api/v1/auth/user", auth: Extension<AuthSession>)]
|
||||
pub async fn get_user() -> Result<Option<User>> {
|
||||
Ok(auth.user.clone().map(Into::into))
|
||||
}
|
||||
|
||||
/// Check if open signup is enabled
|
||||
#[get("/api/v1/auth/open-signup", config: Extension<Config>)]
|
||||
pub async fn open_signup() -> Result<bool> {
|
||||
Ok(config.auth.open_signup)
|
||||
}
|
||||
@@ -1 +1 @@
|
||||
|
||||
pub mod auth;
|
||||
|
||||
32
src/app.rs
Normal file
32
src/app.rs
Normal file
@@ -0,0 +1,32 @@
|
||||
use dioxus::prelude::*;
|
||||
|
||||
pub const LOGO_SVG: Asset = asset!("/assets/logo.svg");
|
||||
pub const LOGO_ICO: Asset = asset!("/assets/favicon.ico");
|
||||
const TAILWIND_CSS: Asset = asset!("/assets/tailwind.css");
|
||||
|
||||
#[derive(Debug, Clone, Routable, PartialEq)]
|
||||
#[rustfmt::skip]
|
||||
enum Route {
|
||||
#[route("/")]
|
||||
Home {},
|
||||
}
|
||||
|
||||
#[component]
|
||||
pub fn App() -> Element {
|
||||
rsx! {
|
||||
document::Link { rel: "icon", href: LOGO_ICO }
|
||||
document::Link { rel: "stylesheet", href: TAILWIND_CSS }
|
||||
Router::<Route> {}
|
||||
}
|
||||
}
|
||||
|
||||
/// Home page
|
||||
#[component]
|
||||
fn Home() -> Element {
|
||||
rsx! {
|
||||
p {
|
||||
class: "text-lg",
|
||||
"Hello, world!"
|
||||
}
|
||||
}
|
||||
}
|
||||
35
src/components/footer.rs
Normal file
35
src/components/footer.rs
Normal file
@@ -0,0 +1,35 @@
|
||||
use dioxus::prelude::*;
|
||||
|
||||
use crate::app::LOGO_SVG;
|
||||
|
||||
#[component]
|
||||
pub fn Footer() -> Element {
|
||||
rsx! {
|
||||
footer {
|
||||
class: "footer md:footer-horizontal fixed bottom-0 text-base-content/70 bg-base-300 items-center p-4",
|
||||
|
||||
aside {
|
||||
class: "flex items-center",
|
||||
|
||||
img {
|
||||
class: "w-12 h-12",
|
||||
src: LOGO_SVG,
|
||||
}
|
||||
|
||||
div {
|
||||
p {
|
||||
class: "text-xl font-bold",
|
||||
"LibreTunes",
|
||||
}
|
||||
|
||||
a {
|
||||
class: "text-sm",
|
||||
href: env!("CARGO_PKG_REPOSITORY"),
|
||||
"v" {env!("CARGO_PKG_VERSION")},
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
101
src/components/form.rs
Normal file
101
src/components/form.rs
Normal file
@@ -0,0 +1,101 @@
|
||||
use dioxus::prelude::*;
|
||||
use serde::de::DeserializeOwned;
|
||||
|
||||
use crate::util::error::Error;
|
||||
|
||||
/// A simple styled form card. Parses form fields into the provided generic type, and calls the
|
||||
/// callback when submitted via button or enter key.
|
||||
#[component]
|
||||
pub fn Form<T>(
|
||||
/// Heading above the form
|
||||
title: String,
|
||||
/// Form content, placed inside a `fieldset`
|
||||
children: Element,
|
||||
/// Text displayed on the form button
|
||||
action_message: String,
|
||||
/// Form-related error. Set to a parsing error on parse failure, or can be used to display any
|
||||
/// submission error. Clears on each submit. Displays as a card between the inputs and action
|
||||
/// button, opens a modal on click.
|
||||
#[props(default)]
|
||||
error: Signal<Option<Error>>,
|
||||
/// Whether the form should display in a "loading" state, disables the action button and
|
||||
/// displays a loading animation instead. For best UX, especially on pages the user might open
|
||||
/// directly as opposed to navigate to within the app, initialize to true. This component will
|
||||
/// set it to false when run. This sequence will discourage users from submitting the form
|
||||
/// before the page is ready to handle it. Can also be used to indicate background work is
|
||||
/// taking place in the `callback`, but this is not done automatically.
|
||||
#[props(default)]
|
||||
loading: Signal<bool>,
|
||||
/// Content to display below the action button
|
||||
#[props(default)]
|
||||
extra_content: Option<Element>,
|
||||
/// Form submission callback. Called with the deserialized form inputs.
|
||||
onsubmit: Callback<T>,
|
||||
) -> Element
|
||||
where
|
||||
T: DeserializeOwned + 'static,
|
||||
{
|
||||
// Button is initialized to loading, then set back when WASM is finished loading (use_effect
|
||||
// runs only on the client)
|
||||
use_effect(move || loading.set(false));
|
||||
|
||||
rsx! {
|
||||
div {
|
||||
class: "card card-xl w-full sm:w-100 sm:h-fit bg-base-200",
|
||||
|
||||
form {
|
||||
onsubmit: move |evt| {
|
||||
evt.prevent_default();
|
||||
|
||||
let data: T = match evt.data.parsed_values() {
|
||||
Ok(data) => data,
|
||||
Err(e) => {
|
||||
let e = Error::message_here(e.to_string())
|
||||
.with_context("Failed to parse form inputs");
|
||||
|
||||
error.set(Some(e));
|
||||
return;
|
||||
}
|
||||
};
|
||||
|
||||
error.set(None);
|
||||
|
||||
onsubmit.call(data);
|
||||
},
|
||||
|
||||
class: "card-body gap-3",
|
||||
|
||||
h1 {
|
||||
class: "card-title",
|
||||
{title}
|
||||
}
|
||||
|
||||
fieldset {
|
||||
class: "fieldset pt-0 gap-1",
|
||||
{children}
|
||||
}
|
||||
|
||||
{error().map(|e| e.as_alert())}
|
||||
|
||||
div {
|
||||
class: "card-actions gap-4",
|
||||
|
||||
button {
|
||||
class: "btn btn-primary btn-block",
|
||||
disabled: loading(),
|
||||
|
||||
if loading() {
|
||||
span {
|
||||
class: "loading loading-dots"
|
||||
}
|
||||
} else {
|
||||
{action_message}
|
||||
}
|
||||
}
|
||||
|
||||
{extra_content}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
68
src/components/form_input.rs
Normal file
68
src/components/form_input.rs
Normal file
@@ -0,0 +1,68 @@
|
||||
use dioxus::prelude::*;
|
||||
|
||||
/// A simple styled input box
|
||||
#[component]
|
||||
pub fn FormInput(
|
||||
/// The placeholder text and label. When text is entered in the input, the label is shown above
|
||||
/// the input box.
|
||||
label: String,
|
||||
#[props(default)] name: Option<String>,
|
||||
#[props(default)] required: bool,
|
||||
#[props(default)] r#type: String,
|
||||
children: Element,
|
||||
) -> Element {
|
||||
let name = name.unwrap_or(label.to_lowercase());
|
||||
|
||||
rsx! {
|
||||
div {
|
||||
class: "group/field",
|
||||
|
||||
p {
|
||||
class: "opacity-0 not-group-has-placeholder-shown/field:opacity-70 transition-opacity pl-2",
|
||||
{label.clone()}
|
||||
}
|
||||
|
||||
label {
|
||||
class: "input w-full",
|
||||
|
||||
{children}
|
||||
|
||||
input {
|
||||
name,
|
||||
required,
|
||||
r#type,
|
||||
placeholder: label,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[component]
|
||||
pub fn UsernameInput() -> Element {
|
||||
rsx! {
|
||||
FormInput {
|
||||
label: "Username",
|
||||
required: true,
|
||||
|
||||
lucide_dioxus::UserRound {
|
||||
class: "opacity-50",
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[component]
|
||||
pub fn PasswordInput() -> Element {
|
||||
rsx! {
|
||||
FormInput {
|
||||
label: "Password",
|
||||
required: true,
|
||||
r#type: "password",
|
||||
|
||||
lucide_dioxus::KeyRound {
|
||||
class: "opacity-50",
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1 +1,7 @@
|
||||
pub mod footer;
|
||||
pub mod form;
|
||||
pub mod form_input;
|
||||
|
||||
pub use footer::*;
|
||||
pub use form::*;
|
||||
pub use form_input::*;
|
||||
|
||||
55
src/main.rs
55
src/main.rs
@@ -1,49 +1,38 @@
|
||||
use dioxus::prelude::*;
|
||||
|
||||
pub mod api;
|
||||
pub mod app;
|
||||
pub mod components;
|
||||
pub mod models;
|
||||
pub mod pages;
|
||||
pub mod schema;
|
||||
pub mod util;
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
pub mod schema;
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
pub mod server;
|
||||
|
||||
const TAILWIND_CSS: Asset = asset!("/assets/tailwind.css");
|
||||
use crate::app::App;
|
||||
|
||||
#[derive(Debug, Clone, Routable, PartialEq)]
|
||||
#[rustfmt::skip]
|
||||
enum Route {
|
||||
#[route("/")]
|
||||
Home {},
|
||||
}
|
||||
|
||||
#[component]
|
||||
fn App() -> Element {
|
||||
rsx! {
|
||||
document::Link { rel: "stylesheet", href: TAILWIND_CSS }
|
||||
Router::<Route> {}
|
||||
}
|
||||
}
|
||||
|
||||
/// Home page
|
||||
#[component]
|
||||
fn Home() -> Element {
|
||||
rsx! {
|
||||
p {
|
||||
class: "text-lg",
|
||||
"Hello, world!"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn main() {
|
||||
fn tracing_setup() {
|
||||
#[cfg(debug_assertions)]
|
||||
dioxus::logger::init(tracing::Level::DEBUG).expect("Failed to initialize tracing logger");
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
server::main();
|
||||
#[cfg(not(debug_assertions))]
|
||||
dioxus::logger::init(tracing::Level::INFO).expect("Failed to initialize tracing logger");
|
||||
}
|
||||
|
||||
#[cfg(not(feature = "server"))]
|
||||
fn main() {
|
||||
tracing_setup();
|
||||
dioxus::launch(App);
|
||||
}
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
fn main() -> std::process::ExitCode {
|
||||
tracing_setup();
|
||||
|
||||
let Err(e) = server::main();
|
||||
tracing::error!("Server main failed:\n{e}");
|
||||
|
||||
std::process::ExitCode::FAILURE
|
||||
}
|
||||
|
||||
@@ -1 +1 @@
|
||||
|
||||
pub mod user;
|
||||
|
||||
147
src/models/user.rs
Normal file
147
src/models/user.rs
Normal file
@@ -0,0 +1,147 @@
|
||||
//! Various user types. Some types marked server-only to help prevent
|
||||
//! leaking passwords to the frontend
|
||||
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
/// Standard informational user type, contains no password information
|
||||
#[derive(Clone, Debug, Deserialize, Serialize)]
|
||||
#[cfg_attr(feature = "server", derive(Queryable, Selectable, Identifiable))]
|
||||
#[cfg_attr(feature = "server", diesel(table_name = crate::schema::users,
|
||||
check_for_backend(diesel::pg::Pg)))]
|
||||
pub struct User {
|
||||
pub id: i32,
|
||||
pub username: String,
|
||||
pub created_at: chrono::DateTime<chrono::Local>,
|
||||
}
|
||||
|
||||
/// Plaintext user credentials, used for login/signup form
|
||||
#[derive(Deserialize, Serialize)]
|
||||
pub struct UserCredentials {
|
||||
pub username: String,
|
||||
pub password: String,
|
||||
}
|
||||
|
||||
cfg_if::cfg_if! {
|
||||
if #[cfg(feature = "server")] {
|
||||
|
||||
use diesel::{
|
||||
deserialize::{FromSql, FromSqlRow},
|
||||
expression::AsExpression,
|
||||
prelude::*,
|
||||
serialize::ToSql,
|
||||
sql_types,
|
||||
};
|
||||
use pbkdf2::{
|
||||
PasswordHasher, PasswordVerifier, Pbkdf2, password_hash::Error::PasswordInvalid,
|
||||
phc::PasswordHash,
|
||||
};
|
||||
|
||||
use crate::util::error::{Error, Result};
|
||||
|
||||
/// Newtype for a `String`-represented hashed password
|
||||
#[derive(Clone, Debug, AsExpression, FromSqlRow)]
|
||||
#[diesel(sql_type = sql_types::Text)]
|
||||
pub struct HashedPassword(String);
|
||||
|
||||
impl HashedPassword {
|
||||
/// Check a password attempt against this hashed password
|
||||
///
|
||||
/// # Returns
|
||||
///
|
||||
/// `Ok(true)` for a correct password
|
||||
/// `Ok(false)` for an incorrect password
|
||||
/// `Err` for a hashing error
|
||||
pub fn check(&self, password_attempt: String) -> Result<bool> {
|
||||
let pw_hash = PasswordHash::new(&self.0)
|
||||
.map_err(|e| Error::message_here(format!("Error parsing `HashedPassword`: {e}")))?;
|
||||
|
||||
match Pbkdf2::default().verify_password(password_attempt.as_bytes(), &pw_hash) {
|
||||
Ok(()) => Ok(true),
|
||||
Err(PasswordInvalid) => Ok(false),
|
||||
Err(e) => Err(Error::message_here(format!(
|
||||
"Error comparing password attempt against hash: {e}"
|
||||
))),
|
||||
}
|
||||
}
|
||||
|
||||
/// Returns the "session auth hash" for `axum-login`, just the hashed password as bytes
|
||||
pub fn auth_hash(&self) -> &[u8] {
|
||||
self.0.as_bytes()
|
||||
}
|
||||
}
|
||||
|
||||
impl<DB> FromSql<diesel::sql_types::Text, DB> for HashedPassword
|
||||
where
|
||||
DB: diesel::backend::Backend,
|
||||
String: FromSql<sql_types::Text, DB>,
|
||||
{
|
||||
fn from_sql(bytes: DB::RawValue<'_>) -> diesel::deserialize::Result<Self> {
|
||||
Ok(Self(String::from_sql(bytes)?))
|
||||
}
|
||||
}
|
||||
|
||||
impl<DB> ToSql<diesel::sql_types::Text, DB> for HashedPassword
|
||||
where
|
||||
DB: diesel::backend::Backend,
|
||||
String: ToSql<sql_types::Text, DB>,
|
||||
{
|
||||
fn to_sql<'b>(
|
||||
&'b self,
|
||||
out: &mut diesel::serialize::Output<'b, '_, DB>,
|
||||
) -> diesel::serialize::Result {
|
||||
self.0.to_sql(out)
|
||||
}
|
||||
}
|
||||
|
||||
/// User as it appears in the database, with hashed password
|
||||
#[derive(Clone, Debug, Identifiable, Queryable, Selectable)]
|
||||
#[diesel(table_name = crate::schema::users, check_for_backend(diesel::pg::Pg))]
|
||||
pub struct DbUser {
|
||||
pub id: i32,
|
||||
pub username: String,
|
||||
pub hashed_password: HashedPassword,
|
||||
pub created_at: chrono::DateTime<chrono::Local>,
|
||||
}
|
||||
|
||||
impl From<DbUser> for User {
|
||||
fn from(db_user: DbUser) -> Self {
|
||||
User {
|
||||
id: db_user.id,
|
||||
username: db_user.username,
|
||||
created_at: db_user.created_at,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// User credentials with hashed password
|
||||
#[derive(Clone, Debug, Insertable, Queryable, Selectable)]
|
||||
#[diesel(table_name = crate::schema::users, check_for_backend(diesel::pg::Pg))]
|
||||
pub struct HashedUserCredentials {
|
||||
username: String,
|
||||
hashed_password: HashedPassword,
|
||||
}
|
||||
|
||||
impl From<DbUser> for HashedUserCredentials {
|
||||
fn from(db_user: DbUser) -> Self {
|
||||
HashedUserCredentials {
|
||||
username: db_user.username,
|
||||
hashed_password: db_user.hashed_password,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl UserCredentials {
|
||||
/// Attempt to convert into `HashedUserCredentials` by hashing the password. Yields a PBKDF2
|
||||
/// error on failure.
|
||||
pub fn try_hash(self) -> Result<HashedUserCredentials, pbkdf2::password_hash::Error> {
|
||||
let hashed_password = Pbkdf2::default().hash_password(self.password.as_bytes())?;
|
||||
|
||||
Ok(HashedUserCredentials {
|
||||
username: self.username,
|
||||
hashed_password: HashedPassword(hashed_password.to_string()),
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1 +1,10 @@
|
||||
// @generated automatically by Diesel CLI.
|
||||
|
||||
diesel::table! {
|
||||
users (id) {
|
||||
id -> Int4,
|
||||
username -> Varchar,
|
||||
hashed_password -> Varchar,
|
||||
created_at -> Timestamptz,
|
||||
}
|
||||
}
|
||||
|
||||
122
src/server/auth.rs
Normal file
122
src/server/auth.rs
Normal file
@@ -0,0 +1,122 @@
|
||||
use axum_login::{AuthManagerLayer, AuthUser, AuthnBackend, UserId};
|
||||
use diesel::prelude::*;
|
||||
use diesel_async::RunQueryDsl;
|
||||
use tower_sessions_redis_store::RedisStore;
|
||||
|
||||
use crate::models::user::{DbUser, HashedUserCredentials, UserCredentials};
|
||||
use crate::server::{
|
||||
database::{DbConn, DbPool},
|
||||
key_val_store::KeyValPool,
|
||||
};
|
||||
use crate::util::error::{Contextualize, Error, Result};
|
||||
|
||||
pub type AuthLayer = AuthManagerLayer<AuthBackend, RedisStore<KeyValPool>>;
|
||||
pub type AuthSession = axum_login::AuthSession<AuthBackend>;
|
||||
|
||||
impl AuthUser for DbUser {
|
||||
type Id = i32;
|
||||
|
||||
fn id(&self) -> Self::Id {
|
||||
self.id
|
||||
}
|
||||
|
||||
fn session_auth_hash(&self) -> &[u8] {
|
||||
self.hashed_password.auth_hash()
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct AuthBackend {
|
||||
pub db_pool: DbPool,
|
||||
}
|
||||
|
||||
impl AuthnBackend for AuthBackend {
|
||||
type User = DbUser;
|
||||
type Credentials = UserCredentials;
|
||||
type Error = Error;
|
||||
|
||||
async fn authenticate(
|
||||
&self,
|
||||
attempt_creds: Self::Credentials,
|
||||
) -> Result<Option<Self::User>, Self::Error> {
|
||||
let mut db_conn = self
|
||||
.db_pool
|
||||
.get()
|
||||
.await
|
||||
.err_context("Failed to get database pool connection")?;
|
||||
|
||||
let user = get_user_by_username(&mut db_conn, attempt_creds.username)
|
||||
.await
|
||||
.err_context("Error fetching user for authentication check")?;
|
||||
|
||||
let Some(user) = user else { return Ok(None) };
|
||||
|
||||
let password_result = user
|
||||
.hashed_password
|
||||
.check(attempt_creds.password)
|
||||
.err_context("Error checking user password attempt")?;
|
||||
|
||||
if password_result {
|
||||
Ok(Some(user))
|
||||
} else {
|
||||
Ok(None)
|
||||
}
|
||||
}
|
||||
|
||||
async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> {
|
||||
let mut db_conn = self
|
||||
.db_pool
|
||||
.get()
|
||||
.await
|
||||
.err_context("Failed to get database pool connection")?;
|
||||
|
||||
get_user_by_id(&mut db_conn, *user_id)
|
||||
.await
|
||||
.err_context("Failed fetching user for session")
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn create_user(
|
||||
db_conn: &mut DbConn,
|
||||
credentials: &HashedUserCredentials,
|
||||
) -> Result<DbUser> {
|
||||
diesel::insert_into(crate::schema::users::table)
|
||||
.values(credentials)
|
||||
.get_result(db_conn)
|
||||
.await
|
||||
.err_context("Error creating user")
|
||||
}
|
||||
|
||||
pub async fn get_user_by_id(db_conn: &mut DbConn, id: i32) -> Result<Option<DbUser>> {
|
||||
crate::schema::users::table
|
||||
.find(id)
|
||||
.first(db_conn)
|
||||
.await
|
||||
.optional()
|
||||
.err_context("Error fetching user from database by id")
|
||||
}
|
||||
|
||||
pub async fn get_user_by_username(
|
||||
db_conn: &mut DbConn,
|
||||
username: String,
|
||||
) -> Result<Option<DbUser>> {
|
||||
crate::schema::users::table
|
||||
.filter(crate::schema::users::username.eq(username))
|
||||
.first(db_conn)
|
||||
.await
|
||||
.optional()
|
||||
.err_context("Error fetching user from database by username")
|
||||
}
|
||||
|
||||
/// Create the authentication middleware layer
|
||||
pub fn build_auth_layer(db_pool: DbPool, key_val_pool: KeyValPool, use_secure: bool) -> AuthLayer {
|
||||
use axum_login::{AuthManagerLayerBuilder, tower_sessions::SessionManagerLayer};
|
||||
use tower_sessions_redis_store::RedisStore;
|
||||
|
||||
let auth_session_store = RedisStore::new(key_val_pool);
|
||||
let session_layer = SessionManagerLayer::new(auth_session_store).with_secure(use_secure);
|
||||
|
||||
let auth_backend = AuthBackend { db_pool };
|
||||
|
||||
AuthManagerLayerBuilder::new(auth_backend, session_layer).build()
|
||||
}
|
||||
193
src/server/config.rs
Normal file
193
src/server/config.rs
Normal file
@@ -0,0 +1,193 @@
|
||||
use std::path::PathBuf;
|
||||
|
||||
use serde::Deserialize;
|
||||
|
||||
/// Enable secure cookies by default only in release mode
|
||||
/// (Secure cookies can't be set over HTTP. Rough assumption: development is done over HTTP)
|
||||
const DEFAULT_COOKIES_SECURE: bool = cfg!(not(debug_assertions));
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct AuthConfig {
|
||||
pub open_signup: bool,
|
||||
pub cookies_secure: bool,
|
||||
}
|
||||
|
||||
/// Build a connection URI from parts
|
||||
fn format_uri(
|
||||
scheme: &str,
|
||||
username: &Option<String>,
|
||||
password: &Option<String>,
|
||||
host: &str,
|
||||
port: &Option<u16>,
|
||||
path: &Option<String>,
|
||||
) -> String {
|
||||
let mut url = format!("{scheme}://");
|
||||
|
||||
if let Some(username) = username {
|
||||
url.push_str(username);
|
||||
|
||||
if let Some(password) = password {
|
||||
url.push_str(&format!(":{password}"));
|
||||
}
|
||||
|
||||
url.push('@');
|
||||
}
|
||||
|
||||
url.push_str(host);
|
||||
|
||||
if let Some(port) = port {
|
||||
url.push_str(&format!(":{port}"));
|
||||
}
|
||||
|
||||
if let Some(path) = path {
|
||||
url.push_str(&format!("/{path}"));
|
||||
}
|
||||
|
||||
url
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct DatabaseConfig {
|
||||
#[serde(flatten)]
|
||||
connection: DatabaseConnectionConfig,
|
||||
}
|
||||
|
||||
impl DatabaseConfig {
|
||||
/// Get the configured database connection URI
|
||||
pub fn connection_uri(&self) -> String {
|
||||
self.connection.as_uri()
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
#[serde(untagged)]
|
||||
enum DatabaseConnectionConfig {
|
||||
FromUrl {
|
||||
url: String,
|
||||
},
|
||||
FromParts {
|
||||
host: String,
|
||||
port: Option<u16>,
|
||||
database: Option<String>,
|
||||
username: Option<String>,
|
||||
password: Option<String>,
|
||||
},
|
||||
}
|
||||
|
||||
impl DatabaseConnectionConfig {
|
||||
/// Convert this configuration into the Postgres connection URI
|
||||
pub fn as_uri(&self) -> String {
|
||||
match self {
|
||||
Self::FromUrl { url } => url.clone(),
|
||||
Self::FromParts {
|
||||
host,
|
||||
port,
|
||||
database,
|
||||
username,
|
||||
password,
|
||||
} => format_uri("postgres", username, password, host, port, database),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
#[serde(untagged)]
|
||||
enum KeyValStoreConnectionConfig {
|
||||
FromUrl {
|
||||
url: String,
|
||||
},
|
||||
FromParts {
|
||||
scheme: Option<String>,
|
||||
host: String,
|
||||
port: Option<u16>,
|
||||
database: Option<String>,
|
||||
username: Option<String>,
|
||||
password: Option<String>,
|
||||
},
|
||||
}
|
||||
|
||||
impl KeyValStoreConnectionConfig {
|
||||
/// Convert this configuration into the Redis connection URI
|
||||
pub fn as_uri(&self) -> String {
|
||||
match self {
|
||||
Self::FromUrl { url } => url.clone(),
|
||||
Self::FromParts {
|
||||
scheme,
|
||||
host,
|
||||
port,
|
||||
database,
|
||||
username,
|
||||
password,
|
||||
} => format_uri(
|
||||
scheme.as_deref().unwrap_or("redis"),
|
||||
username,
|
||||
password,
|
||||
host,
|
||||
port,
|
||||
database,
|
||||
),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct KeyValStoreConfig {
|
||||
#[serde(flatten)]
|
||||
connection: KeyValStoreConnectionConfig,
|
||||
}
|
||||
|
||||
impl KeyValStoreConfig {
|
||||
/// Get the configured database connection URI
|
||||
pub fn connection_uri(&self) -> String {
|
||||
self.connection.as_uri()
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
pub struct ServerConfig {
|
||||
pub public_path: PathBuf,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize)]
|
||||
/// Top-level application configuration
|
||||
pub struct Config {
|
||||
pub auth: AuthConfig,
|
||||
pub database: DatabaseConfig,
|
||||
pub key_val_store: KeyValStoreConfig,
|
||||
pub server: ServerConfig,
|
||||
}
|
||||
|
||||
/// Parse configuration from the expected files and environment variables
|
||||
pub fn load_config() -> Result<Config, config::ConfigError> {
|
||||
use config::{Environment, File};
|
||||
|
||||
let pkg_name = env!("CARGO_PKG_NAME");
|
||||
|
||||
config::Config::builder()
|
||||
.set_default("server.port", 8080)?
|
||||
.set_default("auth.open_signup", false)?
|
||||
.set_default("auth.cookies_secure", DEFAULT_COOKIES_SECURE)?
|
||||
.set_default("server.public_path", default_public_dir())?
|
||||
.add_source(File::with_name(&format!("/etc/{pkg_name}/config")).required(false))
|
||||
.add_source(File::with_name(&format!("/etc/{pkg_name}")).required(false))
|
||||
.add_source(File::with_name("config").required(false))
|
||||
.add_source(Environment::with_prefix(pkg_name).separator("_"))
|
||||
.build()?
|
||||
.try_deserialize()
|
||||
}
|
||||
|
||||
/// Provide a sane default for the public path, using the same sources as Dioxus does internally.
|
||||
/// Checks the `DIOXUS_PUBLIC_PATH` environment variable, then tries relative to the path of this
|
||||
/// executable
|
||||
fn default_public_dir() -> Option<String> {
|
||||
std::env::var("DIOXUS_PUBLIC_PATH").ok().or_else(|| {
|
||||
std::env::current_exe().ok().and_then(|path| {
|
||||
path.parent()
|
||||
.expect("current executable path must have a parent")
|
||||
.join("public")
|
||||
.into_os_string()
|
||||
.into_string()
|
||||
.ok()
|
||||
})
|
||||
})
|
||||
}
|
||||
40
src/server/database.rs
Normal file
40
src/server/database.rs
Normal file
@@ -0,0 +1,40 @@
|
||||
use diesel_async::{
|
||||
AsyncMigrationHarness, AsyncPgConnection,
|
||||
pooled_connection::{AsyncDieselConnectionManager, deadpool::Pool},
|
||||
};
|
||||
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};
|
||||
|
||||
use crate::util::error::{Contextualize, Error, ErrorType};
|
||||
|
||||
pub const DB_MIGRATIONS: EmbeddedMigrations = embed_migrations!();
|
||||
|
||||
pub type DbPool = Pool<AsyncPgConnection>;
|
||||
pub type DbConn = AsyncPgConnection;
|
||||
|
||||
/// Connect to the database using the given URI, and perform migrations
|
||||
pub async fn setup<S: Into<String>>(database_uri: S) -> Result<DbPool, Error> {
|
||||
let pool_manager = AsyncDieselConnectionManager::<AsyncPgConnection>::new(database_uri);
|
||||
|
||||
let pool = Pool::builder(pool_manager)
|
||||
.build()
|
||||
// At time of writing only the `NoRuntimeSpecified` error is possible from the builder,
|
||||
// which should only occur when configuring timeouts without a `Runtime`
|
||||
.map_err(|e| ErrorType::Database(e.to_string()))
|
||||
.err_context("Error creating pool for database connections")?;
|
||||
|
||||
tracing::debug!("Establishing connection to database for migrations...");
|
||||
|
||||
let migration_conn = pool
|
||||
.get()
|
||||
.await
|
||||
.err_context("Failed to get connection to database")?;
|
||||
|
||||
tracing::debug!("Running migrations...");
|
||||
|
||||
AsyncMigrationHarness::new(migration_conn)
|
||||
.run_pending_migrations(DB_MIGRATIONS)
|
||||
.map_err(|e| ErrorType::Database(e.to_string()))
|
||||
.err_context("Failed to run pending database migrations")?;
|
||||
|
||||
Ok(pool)
|
||||
}
|
||||
29
src/server/key_val_store.rs
Normal file
29
src/server/key_val_store.rs
Normal file
@@ -0,0 +1,29 @@
|
||||
use fred::prelude::*;
|
||||
|
||||
use crate::util::error::{Contextualize, Error, ErrorType};
|
||||
|
||||
const KEY_VAL_POOL_SIZE: usize = 4;
|
||||
|
||||
pub type KeyValPool = Pool;
|
||||
|
||||
pub async fn setup(connection_uri: &str) -> Result<KeyValPool, Error> {
|
||||
let config = Config::from_url(connection_uri)
|
||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
||||
.err_context("Error creating key-value store config")?;
|
||||
|
||||
let pool = Builder::from_config(config)
|
||||
.build_pool(KEY_VAL_POOL_SIZE)
|
||||
// At time of writing the only error that could occur here is if config is not provided.
|
||||
// Since we're building a pool `from_config`, this shouldn't be possible
|
||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
||||
.err_context("Error creating pool for key-value store")?;
|
||||
|
||||
tracing::debug!("Establishing connection to key-value store...");
|
||||
|
||||
pool.init()
|
||||
.await
|
||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
||||
.err_context("Error connecting to key-value store")?;
|
||||
|
||||
Ok(pool)
|
||||
}
|
||||
@@ -1,6 +1,77 @@
|
||||
pub fn main() {
|
||||
#[cfg(feature = "server")]
|
||||
use dioxus::{
|
||||
fullstack::axum::{Router, middleware::from_fn},
|
||||
server::axum::Extension,
|
||||
};
|
||||
use tower_http::services::ServeFile;
|
||||
|
||||
use crate::App;
|
||||
use crate::app::LOGO_ICO;
|
||||
use crate::server::{
|
||||
auth::build_auth_layer,
|
||||
config::{self, Config},
|
||||
database, key_val_store,
|
||||
require_auth_mw::require_auth_middleware,
|
||||
};
|
||||
use crate::util::error::{Contextualize, Error, Result};
|
||||
|
||||
pub fn main() -> Result<std::convert::Infallible> {
|
||||
if let Err(e) = dotenvy::dotenv() {
|
||||
tracing::warn!("Error reading .env: {e}");
|
||||
}
|
||||
|
||||
tracing::debug!("Loading configuration...");
|
||||
let config = config::load_config()
|
||||
.map_err(|e| Error::message_here(e.to_string()))
|
||||
.err_context("Failed to load config")?;
|
||||
|
||||
// Dioxus doesn't expose a way to configure the public path other than this environment
|
||||
// variable, and also doesn't provide a way to read what the public path is. As a workaround we
|
||||
// expose a config option and set this variable that Dioxus expects.
|
||||
// SAFETY: "This function is safe to call in a single-threaded program."
|
||||
unsafe {
|
||||
std::env::set_var("DIOXUS_PUBLIC_PATH", config.server.public_path.clone());
|
||||
}
|
||||
|
||||
// `Ok(...?)` is because `dioxus::serve` expects an `anyhow::Result`
|
||||
dioxus::serve(move || {
|
||||
let config = config.clone();
|
||||
async move { Ok(router_setup(config).await?) }
|
||||
});
|
||||
}
|
||||
|
||||
/// Set up the axum Router
|
||||
async fn router_setup(config: Config) -> Result<Router> {
|
||||
let db_pool = database::setup(config.database.connection_uri())
|
||||
.await
|
||||
.err_context("Failed database setup")?;
|
||||
|
||||
let key_val_pool = key_val_store::setup(&config.key_val_store.connection_uri())
|
||||
.await
|
||||
.err_context("Failed key-value store setup")?;
|
||||
|
||||
let favicon_path = {
|
||||
// Resolve the favicon path
|
||||
let asset_path = LOGO_ICO.resolve();
|
||||
|
||||
// If the asset path starts with "/", strip it. Otherwise it behaves as an "absolute path"
|
||||
// and replaces the base path in the join operation. This is necessary because Dioxus will
|
||||
// produce a path like "/assets/" in the call to `resolve`
|
||||
let asset_path_rel = asset_path.strip_prefix("/").unwrap_or(&asset_path);
|
||||
|
||||
config.server.public_path.join(asset_path_rel)
|
||||
};
|
||||
|
||||
tracing::debug!("Favicon path: {}", favicon_path.display());
|
||||
|
||||
let auth_layer = build_auth_layer(db_pool.clone(), key_val_pool, config.auth.cookies_secure);
|
||||
|
||||
let router = dioxus::server::router(App)
|
||||
.layer(from_fn(require_auth_middleware))
|
||||
.layer(Extension(config))
|
||||
.layer(Extension(db_pool))
|
||||
.layer(auth_layer)
|
||||
.nest_service("/favicon.ico", ServeFile::new(favicon_path));
|
||||
|
||||
tracing::info!("Setup complete, returning Router...");
|
||||
Ok(router)
|
||||
}
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
pub mod auth;
|
||||
pub mod config;
|
||||
pub mod database;
|
||||
pub mod key_val_store;
|
||||
pub mod main;
|
||||
pub mod require_auth_mw;
|
||||
|
||||
pub use main::main;
|
||||
|
||||
63
src/server/require_auth_mw.rs
Normal file
63
src/server/require_auth_mw.rs
Normal file
@@ -0,0 +1,63 @@
|
||||
use dioxus::fullstack::{
|
||||
axum::{body::Body, extract::Request, middleware::Next},
|
||||
extract::FromRequestParts,
|
||||
http::Response,
|
||||
};
|
||||
use dioxus::prelude::*;
|
||||
|
||||
use crate::server::auth::AuthSession;
|
||||
|
||||
#[cfg(not(debug_assertions))]
|
||||
const ALLOWED_PATH_PREFIX: [&str; 1] = ["/assets/"];
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
const ALLOWED_PATH_PREFIX: [&str; 2] = ["/assets/", "/wasm/"];
|
||||
|
||||
const ALLOWED_PATHS: [&str; 6] = [
|
||||
"/login",
|
||||
"/signup",
|
||||
"/api/v1/auth/login",
|
||||
"/api/v1/auth/signup",
|
||||
"/api/v1/auth/user",
|
||||
"/api/v1/auth/open-signup",
|
||||
];
|
||||
|
||||
/// Axum middleware to redirect an unauthenticated request to /login unless it matches one of the allowed paths
|
||||
pub async fn require_auth_middleware(
|
||||
req: Request,
|
||||
next: Next,
|
||||
) -> Result<Response<Body>, (StatusCode, &'static str)> {
|
||||
let path = req.uri().path();
|
||||
|
||||
if ALLOWED_PATH_PREFIX
|
||||
.iter()
|
||||
.any(|prefix| path.starts_with(prefix))
|
||||
|| ALLOWED_PATHS.contains(&path)
|
||||
{
|
||||
let response = next.run(req).await;
|
||||
return Ok(response);
|
||||
}
|
||||
|
||||
let (mut parts, body) = req.into_parts();
|
||||
|
||||
let auth_session = AuthSession::from_request_parts(&mut parts, &()).await?;
|
||||
|
||||
if auth_session.user.is_none() {
|
||||
let response = Response::builder()
|
||||
.status(StatusCode::TEMPORARY_REDIRECT)
|
||||
.header("Location", "/login")
|
||||
.body(Body::empty())
|
||||
.map_err(|_| {
|
||||
(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
"Failed to build response",
|
||||
)
|
||||
})?;
|
||||
|
||||
return Ok(response);
|
||||
}
|
||||
|
||||
let req = Request::from_parts(parts, body);
|
||||
let response = next.run(req).await;
|
||||
Ok(response)
|
||||
}
|
||||
375
src/util/error.rs
Normal file
375
src/util/error.rs
Normal file
@@ -0,0 +1,375 @@
|
||||
use std::fmt;
|
||||
use std::panic::Location;
|
||||
|
||||
use dioxus::prelude::*;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
/// A location in the source code
|
||||
/// A thin wrapper over `std::panic::Location`, which isn't `Serialize` or `Deserialize`
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub struct ErrorLocation {
|
||||
file: String,
|
||||
line: u32,
|
||||
}
|
||||
|
||||
impl ErrorLocation {
|
||||
/// Creates a new `ErrorLocation` with the file and line number of the caller.
|
||||
#[track_caller]
|
||||
pub fn here() -> Self {
|
||||
let location = Location::caller();
|
||||
|
||||
ErrorLocation {
|
||||
file: location.file().to_string(),
|
||||
line: location.line(),
|
||||
}
|
||||
}
|
||||
|
||||
/// Get a link to the source code based on the repository URL from Cargo and the Git commit
|
||||
/// from the build script. Uses a format supported by GitHub, Gitea, and GitLab.
|
||||
pub fn source_link(&self) -> String {
|
||||
format!(
|
||||
"{}/blob/{}/{}#L{}",
|
||||
env!("CARGO_PKG_REPOSITORY"),
|
||||
env!("GIT_REV"),
|
||||
self.file,
|
||||
self.line
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl fmt::Display for ErrorLocation {
|
||||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
||||
write!(f, "{}:{}", self.file, self.line)
|
||||
}
|
||||
}
|
||||
|
||||
pub type Result<T, E = Error> = std::result::Result<T, E>;
|
||||
|
||||
/// Generate a random string to use as an id for the modal
|
||||
/// This allows multiple toast/modal to be present
|
||||
fn rand_modal_id() -> String {
|
||||
use rand::RngExt;
|
||||
|
||||
let mut rng = rand::rng();
|
||||
|
||||
let random_str = (0..5)
|
||||
.map(|_| rng.sample(rand::distr::Alphanumeric) as char)
|
||||
.collect::<String>();
|
||||
|
||||
format!("err-modal-{random_str}")
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize, Serialize, thiserror::Error)]
|
||||
pub struct Error {
|
||||
#[source]
|
||||
/// The error type and data
|
||||
source: ErrorType,
|
||||
|
||||
/// The location where the error was created
|
||||
from: ErrorLocation,
|
||||
|
||||
/// Context added to the error, and location where it was added
|
||||
context: Vec<(ErrorLocation, String)>,
|
||||
}
|
||||
|
||||
impl Error {
|
||||
/// Creates a new `Error` at this location with the given error type
|
||||
#[track_caller]
|
||||
pub fn new_here(source: ErrorType) -> Self {
|
||||
Error::new(source, ErrorLocation::here())
|
||||
}
|
||||
|
||||
/// Creates a new `Error` with the given location and error type
|
||||
pub fn new(source: ErrorType, from: ErrorLocation) -> Self {
|
||||
Error {
|
||||
source,
|
||||
from,
|
||||
context: Vec::new(),
|
||||
}
|
||||
}
|
||||
|
||||
/// Creates a new basic `Error` at this location with the given message
|
||||
#[track_caller]
|
||||
pub fn message_here<S: Into<String>>(message: S) -> Self {
|
||||
Error::new(ErrorType::Error(message.into()), ErrorLocation::here())
|
||||
}
|
||||
|
||||
/// Adds a context message to the error
|
||||
#[track_caller]
|
||||
pub fn with_context(mut self, context: impl Into<String>) -> Self {
|
||||
self.context.push((ErrorLocation::here(), context.into()));
|
||||
self
|
||||
}
|
||||
|
||||
/// Retrieve the "top" message of the error. Uses either the most recent context entry, or the
|
||||
/// source message if no context has been added.
|
||||
pub fn top_message(&self) -> String {
|
||||
if let Some((_location, message)) = self.context.last() {
|
||||
message.clone()
|
||||
} else {
|
||||
self.source.to_string()
|
||||
}
|
||||
}
|
||||
|
||||
/// Get the original cause of this error
|
||||
/// Like `std::error::Error::source` but doesn't return an `Option`
|
||||
pub fn source(&self) -> &ErrorType {
|
||||
&self.source
|
||||
}
|
||||
|
||||
/// Display this error as a modal dialog activated by a checkbox with the given id
|
||||
pub fn as_modal(&self, id: String) -> Element {
|
||||
rsx! {
|
||||
input {
|
||||
r#type: "checkbox",
|
||||
class: "modal-toggle",
|
||||
id: &id,
|
||||
}
|
||||
|
||||
div {
|
||||
class: "modal",
|
||||
role: "dialog",
|
||||
|
||||
div {
|
||||
class: "modal-box border border-error bg-soft-error max-w-200",
|
||||
|
||||
h2 {
|
||||
class: "flex items-center gap-3 text-lg",
|
||||
|
||||
lucide_dioxus::CircleAlert {
|
||||
class: "shrink-0",
|
||||
}
|
||||
{self.top_message()}
|
||||
}
|
||||
|
||||
p {
|
||||
class: "text-base-content/70 py-3",
|
||||
"Details"
|
||||
}
|
||||
|
||||
div {
|
||||
class: "md:grid md:grid-cols-[fit-content(calc(var(--spacing)*30))_auto] md:gap-1 md:gap-x-2 mb-6",
|
||||
|
||||
for (location, message) in self.context.iter().rev().chain(std::iter::once(&(
|
||||
self.from.clone(),
|
||||
self.source.to_string(),
|
||||
))) {
|
||||
a {
|
||||
class: "text-base-content/80 interact underline",
|
||||
target: "_blank",
|
||||
href: location.source_link(),
|
||||
{location.to_string()}
|
||||
}
|
||||
|
||||
p {
|
||||
class: "ml-3 md:ml-0",
|
||||
{message.to_string()}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
a {
|
||||
class: "text-base-content/50 interact underline",
|
||||
target: "_blank",
|
||||
href: format!("{}/issues/new", env!("CARGO_PKG_REPOSITORY")),
|
||||
"Report an issue"
|
||||
}
|
||||
|
||||
label {
|
||||
class: "absolute right-1 top-1 interact hover:bg-base-100/70 p-1 rounded-full",
|
||||
r#for: &id,
|
||||
lucide_dioxus::X {
|
||||
class: "size-7 md:size-5",
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
label {
|
||||
class: "modal-backdrop cursor-pointer",
|
||||
r#for: id,
|
||||
"Close",
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Convert this error into an alert label, tied to the given modal id
|
||||
fn as_alert_for(&self, modal_id: String) -> Element {
|
||||
rsx! {
|
||||
label {
|
||||
class: "alert alert-error alert-soft cursor-pointer",
|
||||
role: "alert",
|
||||
r#for: modal_id,
|
||||
lucide_dioxus::CircleAlert {}
|
||||
|
||||
p {
|
||||
class: "max-w-120 text-ellipsis line-clamp-3",
|
||||
{self.top_message()}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Convert this error to a toast message, which opens a modal when clicked
|
||||
pub fn as_toast(&self) -> Element {
|
||||
let modal_id = rand_modal_id();
|
||||
|
||||
rsx! {
|
||||
{self.as_modal(modal_id.clone())}
|
||||
|
||||
div {
|
||||
class: "toast z-99",
|
||||
{self.as_alert_for(modal_id)}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Convert this error into an alert label, which opens a modal when clicked
|
||||
pub fn as_alert(&self) -> Element {
|
||||
let modal_id = rand_modal_id();
|
||||
|
||||
rsx! {
|
||||
{self.as_modal(modal_id.clone())}
|
||||
{self.as_alert_for(modal_id)}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl fmt::Display for Error {
|
||||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
||||
// Write the error type and its context
|
||||
writeln!(f, "Error: {}", self.top_message())?;
|
||||
write!(f, "Context:")?;
|
||||
|
||||
for (location, message) in self.context.iter().rev().chain(std::iter::once(&(
|
||||
self.from.clone(),
|
||||
self.source.to_string(),
|
||||
))) {
|
||||
write!(f, "\n - {location}: {message}")?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
impl From<ServerFnError> for Error {
|
||||
#[track_caller]
|
||||
fn from(err: ServerFnError) -> Error {
|
||||
Error::new_here(ErrorType::ServerFnError(err))
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
impl dioxus_fullstack::AsStatusCode for Error {
|
||||
fn as_status_code(&self) -> StatusCode {
|
||||
match &self.source {
|
||||
ErrorType::Auth(AuthError::InvalidCredentials | AuthError::Unauthorized) => {
|
||||
StatusCode::UNAUTHORIZED
|
||||
}
|
||||
ErrorType::Database(msg) if *msg == (diesel::result::Error::NotFound).to_string() => {
|
||||
StatusCode::NOT_FOUND
|
||||
}
|
||||
ErrorType::ServerFnError(e) => e.as_status_code(),
|
||||
_ => StatusCode::INTERNAL_SERVER_ERROR,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub trait Contextualize<R> {
|
||||
/// Add context to the `Result` if it is an `Err`.
|
||||
#[track_caller]
|
||||
fn err_context(self, context: impl Into<String>) -> R;
|
||||
}
|
||||
|
||||
impl<T, E: Into<Error>> Contextualize<Result<T>> for std::result::Result<T, E> {
|
||||
#[track_caller]
|
||||
fn err_context(self, context: impl Into<String>) -> Result<T> {
|
||||
// Closures can't (currently) `track_caller`, so a simple map_err doesn't work
|
||||
// See https://github.com/rust-lang/rust/issues/87417
|
||||
match self {
|
||||
Ok(e) => Ok(e),
|
||||
Err(e) => Err(e.into().with_context(context)),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> Contextualize<Result<T>> for Option<T> {
|
||||
#[track_caller]
|
||||
fn err_context(self, context: impl Into<String>) -> Result<T> {
|
||||
self.ok_or(Error::new_here(ErrorType::Error(context.into())))
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, E: Into<Error>> Contextualize<Result<T>> for E {
|
||||
#[track_caller]
|
||||
fn err_context(self, context: impl Into<String>) -> Result<T> {
|
||||
Err(self.into().with_context(context))
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, thiserror::Error, Deserialize, Serialize)]
|
||||
pub enum ErrorType {
|
||||
#[error("Authentication error: {0}")]
|
||||
Auth(AuthError),
|
||||
|
||||
// Using string to represent Diesel errors, because Diesel's Error type is not `Serialize`,
|
||||
// and Diesel is only available on the server
|
||||
#[error("Database error: {0}")]
|
||||
Database(String),
|
||||
|
||||
#[error("{0}")]
|
||||
Error(String),
|
||||
|
||||
#[error("Server function error: {0}")]
|
||||
ServerFnError(ServerFnError),
|
||||
|
||||
// Using string to represent Fred errors, because Fred's Error type is not `Serialize`,
|
||||
// and Fred is only available on the server
|
||||
#[error("Key-value store error: {0}")]
|
||||
KeyValStore(String),
|
||||
}
|
||||
|
||||
impl From<ErrorType> for Error {
|
||||
#[track_caller]
|
||||
fn from(err: ErrorType) -> Self {
|
||||
Error::new_here(err)
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
impl From<diesel::result::Error> for Error {
|
||||
#[track_caller]
|
||||
fn from(err: diesel::result::Error) -> Self {
|
||||
Error::new_here(ErrorType::Database(format!("{err}")))
|
||||
}
|
||||
}
|
||||
|
||||
// This would capture any `deapool::PoolError` and treat it as a database error
|
||||
// but we're only using `deadpool` for our database, so it's fine
|
||||
#[cfg(feature = "server")]
|
||||
impl From<diesel_async::pooled_connection::deadpool::PoolError> for Error {
|
||||
#[track_caller]
|
||||
fn from(err: diesel_async::pooled_connection::deadpool::PoolError) -> Self {
|
||||
Error::new_here(ErrorType::Database(format!("{err}")))
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "server")]
|
||||
impl From<fred::error::Error> for Error {
|
||||
#[track_caller]
|
||||
fn from(err: fred::error::Error) -> Self {
|
||||
Error::new_here(ErrorType::KeyValStore(format!("{err}")))
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, thiserror::Error, Deserialize, Serialize)]
|
||||
pub enum AuthError {
|
||||
#[error("Invalid credentials")]
|
||||
InvalidCredentials,
|
||||
|
||||
#[error("{0}")]
|
||||
Error(String),
|
||||
|
||||
#[error("Unauthorized")]
|
||||
Unauthorized,
|
||||
}
|
||||
@@ -1 +1 @@
|
||||
|
||||
pub mod error;
|
||||
|
||||
@@ -10,10 +10,20 @@
|
||||
@source not "*";
|
||||
@source "./src/**/*.{rs,html,css}";
|
||||
|
||||
@theme {
|
||||
/* Copied out of DaisyUI theme, which doesn't make the color available */
|
||||
--color-soft-error: color-mix(in oklab, var(--color-error, var(--color-base-content)) 8%, var(--color-base-100));
|
||||
}
|
||||
|
||||
@layer utilities {
|
||||
.interact {
|
||||
@apply cursor-pointer;
|
||||
@apply hover:text-base-content/70;
|
||||
@apply active:text-primary active:translate-y-[.5px] active:shadow-(--btn-shadow);
|
||||
}
|
||||
|
||||
.input:focus-within {
|
||||
outline-width: 1px;
|
||||
outline-offset: 0px;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user