Compare commits
2 Commits
main
...
fb3408ae33
| Author | SHA1 | Date | |
|---|---|---|---|
|
fb3408ae33
|
|||
|
680d59c173
|
11
.gitignore
vendored
11
.gitignore
vendored
@@ -7,14 +7,3 @@
|
|||||||
/result
|
/result
|
||||||
|
|
||||||
.env
|
.env
|
||||||
|
|
||||||
# Anything the config crate looks for
|
|
||||||
config.ini
|
|
||||||
config.json
|
|
||||||
config.json5
|
|
||||||
config.ron
|
|
||||||
config.toml
|
|
||||||
config.yaml
|
|
||||||
config.yml
|
|
||||||
|
|
||||||
/migrations/.diesel_lock
|
|
||||||
|
|||||||
939
Cargo.lock
generated
939
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
25
Cargo.toml
25
Cargo.toml
@@ -9,24 +9,15 @@ edition = "2024"
|
|||||||
build = "src/build.rs"
|
build = "src/build.rs"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
axum-login = { version = "0.18.0", optional = true }
|
diesel = { version = "2.3.10", optional = true, features = [ "postgres" ] }
|
||||||
cfg-if = "1.0.4"
|
diesel_migrations = { version = "2.3.2", optional = true, features = [ "postgres" ] }
|
||||||
chrono = { version = "0.4.45", features = ["serde"] }
|
|
||||||
config = { version = "0.15.24", optional = true }
|
|
||||||
diesel = { version = "2.3.10", optional = true, features = ["chrono"] }
|
|
||||||
diesel-async = { version = "0.9.1", optional = true, features = ["postgres", "deadpool", "migrations"] }
|
|
||||||
diesel_migrations = { version = "2.3.2", optional = true }
|
|
||||||
dioxus = { version = "0.7.9", features = ["router", "fullstack"] }
|
dioxus = { version = "0.7.9", features = ["router", "fullstack"] }
|
||||||
dioxus-html = "0.7.9"
|
|
||||||
dotenvy = { version = "0.15.7", optional = true }
|
dotenvy = { version = "0.15.7", optional = true }
|
||||||
fred = { version = "10.1.0", optional = true }
|
lucide-dioxus = { version = "3.11.0", features = ["notifications"] }
|
||||||
lucide-dioxus = { version = "3.11.0", features = ["notifications", "account"] }
|
|
||||||
pbkdf2 = { version = "0.13.0", optional = true, features = ["getrandom", "phc"] }
|
|
||||||
rand = "0.10.1"
|
rand = "0.10.1"
|
||||||
serde = { version = "1.0.228", features = ["derive"] }
|
serde = { version = "1.0.228", features = ["derive"] }
|
||||||
thiserror = "2.0.18"
|
thiserror = "2.0.18"
|
||||||
tower-http = { version = "0.7.0", optional = true, features = ["fs"] }
|
tokio = { version = "1.52.3", optional = true, features = ["macros", "rt-multi-thread"] }
|
||||||
tower-sessions-redis-store = { version = "0.16.0", optional = true }
|
|
||||||
tracing = "0.1.44"
|
tracing = "0.1.44"
|
||||||
|
|
||||||
[features]
|
[features]
|
||||||
@@ -34,16 +25,10 @@ default = ["web"]
|
|||||||
web = ["dioxus/web"]
|
web = ["dioxus/web"]
|
||||||
server = [
|
server = [
|
||||||
"dioxus/server",
|
"dioxus/server",
|
||||||
"dep:axum-login",
|
|
||||||
"dep:config",
|
|
||||||
"dep:diesel",
|
"dep:diesel",
|
||||||
"dep:diesel-async",
|
|
||||||
"dep:diesel_migrations",
|
"dep:diesel_migrations",
|
||||||
"dep:dotenvy",
|
"dep:dotenvy",
|
||||||
"dep:fred",
|
"dep:tokio",
|
||||||
"dep:pbkdf2",
|
|
||||||
"dep:tower-http",
|
|
||||||
"dep:tower-sessions-redis-store",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
# Disabled until supported
|
# Disabled until supported
|
||||||
|
|||||||
Binary file not shown.
|
Before Width: | Height: | Size: 121 KiB |
@@ -1 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <svg viewBox="0 0 254 254" version="1.1" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><clipPath clipPathUnits="userSpaceOnUse" id="clippath"><path fill="#4032a8" d="m 9.028871e-5,480.0001 v 0 C 9.028871e-5,214.90342 214.90341,1.0022047e-4 480.00009,1.0022047e-4 v 0 c 127.30393,0 249.39377,50.57128477953 339.41122,140.58874977953 90.01752,90.01746 140.58875,212.10733 140.58875,339.41125 v 0 c 0,265.09665 -214.90332,479.99997 -479.99997,479.99997 v 0 C 214.90341,960.00007 9.028871e-5,745.09675 9.028871e-5,480.0001 Z" fill-rule="evenodd" style="display:inline;fill:#4032a8;fill-opacity:.495496"/></clipPath><g><g style="fill:none;stroke:none;stroke-linecap:square;stroke-miterlimit:10" transform="matrix(0.26458333,0,0,0.26458333,0,4.5672766)"><g clip-path="url(#p.0)" transform="translate(0,-17.262248)"><path fill="#4032a8" d="m 9.028871e-5,480.0001 v 0 C 9.028871e-5,214.90342 214.90341,1e-4 480.00009,1e-4 v 0 c 127.30393,0 249.39377,50.571285 339.41122,140.58875 90.01752,90.01746 140.58875,212.10733 140.58875,339.41125 v 0 c 0,265.09665 -214.90332,479.99997 -479.99997,479.99997 v 0 C 214.90341,960.00007 9.028871e-5,745.09675 9.028871e-5,480.0001 Z" fill-rule="evenodd"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 60.00009,480.0001 v 0 c 0,-231.9596 188.0404,-420 420,-420 v 0 c 111.3909,0 218.21957,44.24988 296.98483,123.01516 78.76532,78.76527 123.01514,185.59392 123.01514,296.98486 v 0 c 0,231.95956 -188.0404,419.99997 -419.99997,419.99997 v 0 c -231.9596,0 -420,-188.0404 -420,-419.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 120.00009,480.0001 v 0 c 0,-198.82251 161.17749,-360 360,-360 v 0 c 95.47794,0 187.04532,37.92846 254.55844,105.44157 67.51312,67.51309 105.44153,159.0805 105.44153,254.55844 v 0 c 0,198.82248 -161.17749,359.99997 -359.99997,359.99997 v 0 c -198.82251,0 -360,-161.17749 -360,-359.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path fill="#ffffff" d="m 319.01666,480.00092 v 0 c 0,-88.90915 72.0751,-160.98425 160.98425,-160.98425 v 0 c 42.69568,0 83.64264,16.96078 113.83307,47.15121 30.19037,30.1904 47.15118,71.13736 47.15118,113.83304 v 0 c 0,88.90918 -72.07507,160.98425 -160.98425,160.98425 v 0 c -88.90915,0 -160.98425,-72.07507 -160.98425,-160.98425 z" fill-rule="evenodd" style="display:inline"/><path stroke="#ffffff" stroke-width="4" stroke-linejoin="round" stroke-linecap="butt" d="m 180.00009,480.0001 v 0 c 0,-165.68542 134.31458,-300 300,-300 v 0 c 79.56497,0 155.87112,31.60704 212.13205,87.86795 56.26092,56.26092 87.86792,132.56711 87.86792,212.13205 v 0 c 0,165.6854 -134.31458,299.99997 -299.99997,299.99997 v 0 c -165.68542,0 -300,-134.31458 -300,-299.99997 z" fill-rule="evenodd" style="stroke-width:10.6666668;stroke-dasharray:none"/><path fill="#ffffff" d="M 427.60658,-273.65095 504.05265,93.386828 478.34507,135.07715 570.21183,450.80446 544.78065,501.65549 662.47712,1028.614 477.52388,620.42282 508.81779,566.37301 393.66837,305.06321 429.7686,227.61648 308.24258,-46.542095 Z" fill-rule="evenodd" style="stroke-width:1.16873" clip-path="url(#clippath)"/></g></g></g></svg>
|
|
||||||
|
Before Width: | Height: | Size: 3.3 KiB |
@@ -1,2 +0,0 @@
|
|||||||
DROP INDEX users_username_idx;
|
|
||||||
DROP TABLE users;
|
|
||||||
@@ -1,8 +0,0 @@
|
|||||||
CREATE TABLE users (
|
|
||||||
id INTEGER PRIMARY KEY UNIQUE NOT NULL GENERATED ALWAYS AS IDENTITY,
|
|
||||||
username VARCHAR UNIQUE NOT NULL,
|
|
||||||
hashed_password VARCHAR NOT NULL,
|
|
||||||
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
|
|
||||||
);
|
|
||||||
|
|
||||||
CREATE UNIQUE INDEX users_username_idx ON users(username);
|
|
||||||
@@ -1,94 +0,0 @@
|
|||||||
use dioxus::prelude::*;
|
|
||||||
|
|
||||||
use crate::models::user::{User, UserCredentials};
|
|
||||||
use crate::util::error::Result;
|
|
||||||
|
|
||||||
cfg_if::cfg_if! {
|
|
||||||
if #[cfg(feature = "server")] {
|
|
||||||
|
|
||||||
use dioxus::server::axum::Extension;
|
|
||||||
|
|
||||||
use crate::server::{auth::{AuthSession, create_user}, config::Config, database::DbPool};
|
|
||||||
use crate::util::error::{AuthError, Contextualize, Error, ErrorType};
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[post("/api/v1/auth/signup", mut auth: Extension<AuthSession>, db_pool: Extension<DbPool>, config: Extension<Config>)]
|
|
||||||
pub async fn signup(credentials: UserCredentials) -> Result<User> {
|
|
||||||
if !config.auth.open_signup {
|
|
||||||
return Err(Error::message_here("Signup is disabled"));
|
|
||||||
}
|
|
||||||
|
|
||||||
// Don't allow signup when already logged in
|
|
||||||
if auth.user.is_some() {
|
|
||||||
return Err(Error::message_here("Log out before creating an account"));
|
|
||||||
}
|
|
||||||
|
|
||||||
let hashed_creds = credentials
|
|
||||||
.try_hash()
|
|
||||||
.map_err(|e| Error::message_here(e.to_string()))
|
|
||||||
.err_context("Error hashing new user credentials")?;
|
|
||||||
|
|
||||||
let mut db_conn = db_pool
|
|
||||||
.get()
|
|
||||||
.await
|
|
||||||
.err_context("Failed to get database pool connection")?;
|
|
||||||
|
|
||||||
let new_user = create_user(&mut db_conn, &hashed_creds)
|
|
||||||
.await
|
|
||||||
.err_context("Error creating user")?;
|
|
||||||
|
|
||||||
// Don't return this to the client, logging in immediately isn't strictly necessary
|
|
||||||
if let Err(e) = auth.login(&new_user).await {
|
|
||||||
tracing::warn!("Failed to log in user after creating: {e}");
|
|
||||||
}
|
|
||||||
|
|
||||||
Ok(new_user.into())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[post("/api/v1/auth/login", mut auth: Extension<AuthSession>)]
|
|
||||||
pub async fn login(credentials: UserCredentials) -> Result<User> {
|
|
||||||
let db_user = match auth.authenticate(credentials).await {
|
|
||||||
Ok(Some(db_user)) => Ok(db_user),
|
|
||||||
Ok(None) => Err(Error::new_here(ErrorType::Auth(
|
|
||||||
AuthError::InvalidCredentials,
|
|
||||||
))),
|
|
||||||
Err(axum_login::Error::Session(e)) => Err(Error::new_here(ErrorType::Auth(
|
|
||||||
AuthError::Error(format!("Session error: {e}")),
|
|
||||||
))),
|
|
||||||
Err(axum_login::Error::Backend(e)) => Err(e),
|
|
||||||
}
|
|
||||||
.err_context("Error authenticating")?;
|
|
||||||
|
|
||||||
auth.login(&db_user)
|
|
||||||
.await
|
|
||||||
.map_err(|e| Error::new_here(ErrorType::Auth(AuthError::Error(e.to_string()))))
|
|
||||||
.err_context("Error logging in")?;
|
|
||||||
|
|
||||||
Ok(db_user.into())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[post("/api/v1/auth/logout", mut auth: Extension<AuthSession>)]
|
|
||||||
pub async fn logout() -> Result<()> {
|
|
||||||
match auth.logout().await {
|
|
||||||
Ok(_) => Ok(()),
|
|
||||||
Err(axum_login::Error::Session(e)) => Err(Error::new_here(ErrorType::Auth(
|
|
||||||
AuthError::Error(format!("Session error: {e}")),
|
|
||||||
))),
|
|
||||||
Err(axum_login::Error::Backend(e)) => Err(e),
|
|
||||||
}
|
|
||||||
.err_context("Error logging out")
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Retrieve the currently logged-in user, or `None` if unauthenticated
|
|
||||||
#[get("/api/v1/auth/user", auth: Extension<AuthSession>)]
|
|
||||||
pub async fn get_user() -> Result<Option<User>> {
|
|
||||||
Ok(auth.user.clone().map(Into::into))
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Check if open signup is enabled
|
|
||||||
#[get("/api/v1/auth/open-signup", config: Extension<Config>)]
|
|
||||||
pub async fn open_signup() -> Result<bool> {
|
|
||||||
Ok(config.auth.open_signup)
|
|
||||||
}
|
|
||||||
@@ -1 +1 @@
|
|||||||
pub mod auth;
|
|
||||||
|
|||||||
@@ -1,7 +1,5 @@
|
|||||||
use dioxus::prelude::*;
|
use dioxus::prelude::*;
|
||||||
|
|
||||||
pub const LOGO_SVG: Asset = asset!("/assets/logo.svg");
|
|
||||||
pub const LOGO_ICO: Asset = asset!("/assets/favicon.ico");
|
|
||||||
const TAILWIND_CSS: Asset = asset!("/assets/tailwind.css");
|
const TAILWIND_CSS: Asset = asset!("/assets/tailwind.css");
|
||||||
|
|
||||||
#[derive(Debug, Clone, Routable, PartialEq)]
|
#[derive(Debug, Clone, Routable, PartialEq)]
|
||||||
@@ -14,7 +12,6 @@ enum Route {
|
|||||||
#[component]
|
#[component]
|
||||||
pub fn App() -> Element {
|
pub fn App() -> Element {
|
||||||
rsx! {
|
rsx! {
|
||||||
document::Link { rel: "icon", href: LOGO_ICO }
|
|
||||||
document::Link { rel: "stylesheet", href: TAILWIND_CSS }
|
document::Link { rel: "stylesheet", href: TAILWIND_CSS }
|
||||||
Router::<Route> {}
|
Router::<Route> {}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,35 +0,0 @@
|
|||||||
use dioxus::prelude::*;
|
|
||||||
|
|
||||||
use crate::app::LOGO_SVG;
|
|
||||||
|
|
||||||
#[component]
|
|
||||||
pub fn Footer() -> Element {
|
|
||||||
rsx! {
|
|
||||||
footer {
|
|
||||||
class: "footer md:footer-horizontal fixed bottom-0 text-base-content/70 bg-base-300 items-center p-4",
|
|
||||||
|
|
||||||
aside {
|
|
||||||
class: "flex items-center",
|
|
||||||
|
|
||||||
img {
|
|
||||||
class: "w-12 h-12",
|
|
||||||
src: LOGO_SVG,
|
|
||||||
}
|
|
||||||
|
|
||||||
div {
|
|
||||||
p {
|
|
||||||
class: "text-xl font-bold",
|
|
||||||
"LibreTunes",
|
|
||||||
}
|
|
||||||
|
|
||||||
a {
|
|
||||||
class: "text-sm",
|
|
||||||
href: env!("CARGO_PKG_REPOSITORY"),
|
|
||||||
"v" {env!("CARGO_PKG_VERSION")},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,101 +0,0 @@
|
|||||||
use dioxus::prelude::*;
|
|
||||||
use serde::de::DeserializeOwned;
|
|
||||||
|
|
||||||
use crate::util::error::Error;
|
|
||||||
|
|
||||||
/// A simple styled form card. Parses form fields into the provided generic type, and calls the
|
|
||||||
/// callback when submitted via button or enter key.
|
|
||||||
#[component]
|
|
||||||
pub fn Form<T>(
|
|
||||||
/// Heading above the form
|
|
||||||
title: String,
|
|
||||||
/// Form content, placed inside a `fieldset`
|
|
||||||
children: Element,
|
|
||||||
/// Text displayed on the form button
|
|
||||||
action_message: String,
|
|
||||||
/// Form-related error. Set to a parsing error on parse failure, or can be used to display any
|
|
||||||
/// submission error. Clears on each submit. Displays as a card between the inputs and action
|
|
||||||
/// button, opens a modal on click.
|
|
||||||
#[props(default)]
|
|
||||||
error: Signal<Option<Error>>,
|
|
||||||
/// Whether the form should display in a "loading" state, disables the action button and
|
|
||||||
/// displays a loading animation instead. For best UX, especially on pages the user might open
|
|
||||||
/// directly as opposed to navigate to within the app, initialize to true. This component will
|
|
||||||
/// set it to false when run. This sequence will discourage users from submitting the form
|
|
||||||
/// before the page is ready to handle it. Can also be used to indicate background work is
|
|
||||||
/// taking place in the `callback`, but this is not done automatically.
|
|
||||||
#[props(default)]
|
|
||||||
loading: Signal<bool>,
|
|
||||||
/// Content to display below the action button
|
|
||||||
#[props(default)]
|
|
||||||
extra_content: Option<Element>,
|
|
||||||
/// Form submission callback. Called with the deserialized form inputs.
|
|
||||||
onsubmit: Callback<T>,
|
|
||||||
) -> Element
|
|
||||||
where
|
|
||||||
T: DeserializeOwned + 'static,
|
|
||||||
{
|
|
||||||
// Button is initialized to loading, then set back when WASM is finished loading (use_effect
|
|
||||||
// runs only on the client)
|
|
||||||
use_effect(move || loading.set(false));
|
|
||||||
|
|
||||||
rsx! {
|
|
||||||
div {
|
|
||||||
class: "card card-xl w-full sm:w-100 sm:h-fit bg-base-200",
|
|
||||||
|
|
||||||
form {
|
|
||||||
onsubmit: move |evt| {
|
|
||||||
evt.prevent_default();
|
|
||||||
|
|
||||||
let data: T = match evt.data.parsed_values() {
|
|
||||||
Ok(data) => data,
|
|
||||||
Err(e) => {
|
|
||||||
let e = Error::message_here(e.to_string())
|
|
||||||
.with_context("Failed to parse form inputs");
|
|
||||||
|
|
||||||
error.set(Some(e));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
error.set(None);
|
|
||||||
|
|
||||||
onsubmit.call(data);
|
|
||||||
},
|
|
||||||
|
|
||||||
class: "card-body gap-3",
|
|
||||||
|
|
||||||
h1 {
|
|
||||||
class: "card-title",
|
|
||||||
{title}
|
|
||||||
}
|
|
||||||
|
|
||||||
fieldset {
|
|
||||||
class: "fieldset pt-0 gap-1",
|
|
||||||
{children}
|
|
||||||
}
|
|
||||||
|
|
||||||
{error().map(|e| e.as_alert())}
|
|
||||||
|
|
||||||
div {
|
|
||||||
class: "card-actions gap-4",
|
|
||||||
|
|
||||||
button {
|
|
||||||
class: "btn btn-primary btn-block",
|
|
||||||
disabled: loading(),
|
|
||||||
|
|
||||||
if loading() {
|
|
||||||
span {
|
|
||||||
class: "loading loading-dots"
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
{action_message}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
{extra_content}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,68 +0,0 @@
|
|||||||
use dioxus::prelude::*;
|
|
||||||
|
|
||||||
/// A simple styled input box
|
|
||||||
#[component]
|
|
||||||
pub fn FormInput(
|
|
||||||
/// The placeholder text and label. When text is entered in the input, the label is shown above
|
|
||||||
/// the input box.
|
|
||||||
label: String,
|
|
||||||
#[props(default)] name: Option<String>,
|
|
||||||
#[props(default)] required: bool,
|
|
||||||
#[props(default)] r#type: String,
|
|
||||||
children: Element,
|
|
||||||
) -> Element {
|
|
||||||
let name = name.unwrap_or(label.to_lowercase());
|
|
||||||
|
|
||||||
rsx! {
|
|
||||||
div {
|
|
||||||
class: "group/field",
|
|
||||||
|
|
||||||
p {
|
|
||||||
class: "opacity-0 not-group-has-placeholder-shown/field:opacity-70 transition-opacity pl-2",
|
|
||||||
{label.clone()}
|
|
||||||
}
|
|
||||||
|
|
||||||
label {
|
|
||||||
class: "input w-full",
|
|
||||||
|
|
||||||
{children}
|
|
||||||
|
|
||||||
input {
|
|
||||||
name,
|
|
||||||
required,
|
|
||||||
r#type,
|
|
||||||
placeholder: label,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[component]
|
|
||||||
pub fn UsernameInput() -> Element {
|
|
||||||
rsx! {
|
|
||||||
FormInput {
|
|
||||||
label: "Username",
|
|
||||||
required: true,
|
|
||||||
|
|
||||||
lucide_dioxus::UserRound {
|
|
||||||
class: "opacity-50",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[component]
|
|
||||||
pub fn PasswordInput() -> Element {
|
|
||||||
rsx! {
|
|
||||||
FormInput {
|
|
||||||
label: "Password",
|
|
||||||
required: true,
|
|
||||||
r#type: "password",
|
|
||||||
|
|
||||||
lucide_dioxus::KeyRound {
|
|
||||||
class: "opacity-50",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,7 +1 @@
|
|||||||
pub mod footer;
|
|
||||||
pub mod form;
|
|
||||||
pub mod form_input;
|
|
||||||
|
|
||||||
pub use footer::*;
|
|
||||||
pub use form::*;
|
|
||||||
pub use form_input::*;
|
|
||||||
|
|||||||
16
src/main.rs
16
src/main.rs
@@ -3,10 +3,8 @@ pub mod app;
|
|||||||
pub mod components;
|
pub mod components;
|
||||||
pub mod models;
|
pub mod models;
|
||||||
pub mod pages;
|
pub mod pages;
|
||||||
pub mod util;
|
|
||||||
|
|
||||||
#[cfg(feature = "server")]
|
|
||||||
pub mod schema;
|
pub mod schema;
|
||||||
|
pub mod util;
|
||||||
|
|
||||||
#[cfg(feature = "server")]
|
#[cfg(feature = "server")]
|
||||||
pub mod server;
|
pub mod server;
|
||||||
@@ -16,9 +14,6 @@ use crate::app::App;
|
|||||||
fn tracing_setup() {
|
fn tracing_setup() {
|
||||||
#[cfg(debug_assertions)]
|
#[cfg(debug_assertions)]
|
||||||
dioxus::logger::init(tracing::Level::DEBUG).expect("Failed to initialize tracing logger");
|
dioxus::logger::init(tracing::Level::DEBUG).expect("Failed to initialize tracing logger");
|
||||||
|
|
||||||
#[cfg(not(debug_assertions))]
|
|
||||||
dioxus::logger::init(tracing::Level::INFO).expect("Failed to initialize tracing logger");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(not(feature = "server"))]
|
#[cfg(not(feature = "server"))]
|
||||||
@@ -28,11 +23,8 @@ fn main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "server")]
|
#[cfg(feature = "server")]
|
||||||
fn main() -> std::process::ExitCode {
|
#[tokio::main]
|
||||||
|
async fn main() {
|
||||||
tracing_setup();
|
tracing_setup();
|
||||||
|
server::main().await
|
||||||
let Err(e) = server::main();
|
|
||||||
tracing::error!("Server main failed:\n{e}");
|
|
||||||
|
|
||||||
std::process::ExitCode::FAILURE
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
pub mod user;
|
|
||||||
|
|||||||
@@ -1,147 +0,0 @@
|
|||||||
//! Various user types. Some types marked server-only to help prevent
|
|
||||||
//! leaking passwords to the frontend
|
|
||||||
|
|
||||||
use serde::{Deserialize, Serialize};
|
|
||||||
|
|
||||||
/// Standard informational user type, contains no password information
|
|
||||||
#[derive(Clone, Debug, Deserialize, Serialize)]
|
|
||||||
#[cfg_attr(feature = "server", derive(Queryable, Selectable, Identifiable))]
|
|
||||||
#[cfg_attr(feature = "server", diesel(table_name = crate::schema::users,
|
|
||||||
check_for_backend(diesel::pg::Pg)))]
|
|
||||||
pub struct User {
|
|
||||||
pub id: i32,
|
|
||||||
pub username: String,
|
|
||||||
pub created_at: chrono::DateTime<chrono::Local>,
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Plaintext user credentials, used for login/signup form
|
|
||||||
#[derive(Deserialize, Serialize)]
|
|
||||||
pub struct UserCredentials {
|
|
||||||
pub username: String,
|
|
||||||
pub password: String,
|
|
||||||
}
|
|
||||||
|
|
||||||
cfg_if::cfg_if! {
|
|
||||||
if #[cfg(feature = "server")] {
|
|
||||||
|
|
||||||
use diesel::{
|
|
||||||
deserialize::{FromSql, FromSqlRow},
|
|
||||||
expression::AsExpression,
|
|
||||||
prelude::*,
|
|
||||||
serialize::ToSql,
|
|
||||||
sql_types,
|
|
||||||
};
|
|
||||||
use pbkdf2::{
|
|
||||||
PasswordHasher, PasswordVerifier, Pbkdf2, password_hash::Error::PasswordInvalid,
|
|
||||||
phc::PasswordHash,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::util::error::{Error, Result};
|
|
||||||
|
|
||||||
/// Newtype for a `String`-represented hashed password
|
|
||||||
#[derive(Clone, Debug, AsExpression, FromSqlRow)]
|
|
||||||
#[diesel(sql_type = sql_types::Text)]
|
|
||||||
pub struct HashedPassword(String);
|
|
||||||
|
|
||||||
impl HashedPassword {
|
|
||||||
/// Check a password attempt against this hashed password
|
|
||||||
///
|
|
||||||
/// # Returns
|
|
||||||
///
|
|
||||||
/// `Ok(true)` for a correct password
|
|
||||||
/// `Ok(false)` for an incorrect password
|
|
||||||
/// `Err` for a hashing error
|
|
||||||
pub fn check(&self, password_attempt: String) -> Result<bool> {
|
|
||||||
let pw_hash = PasswordHash::new(&self.0)
|
|
||||||
.map_err(|e| Error::message_here(format!("Error parsing `HashedPassword`: {e}")))?;
|
|
||||||
|
|
||||||
match Pbkdf2::default().verify_password(password_attempt.as_bytes(), &pw_hash) {
|
|
||||||
Ok(()) => Ok(true),
|
|
||||||
Err(PasswordInvalid) => Ok(false),
|
|
||||||
Err(e) => Err(Error::message_here(format!(
|
|
||||||
"Error comparing password attempt against hash: {e}"
|
|
||||||
))),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Returns the "session auth hash" for `axum-login`, just the hashed password as bytes
|
|
||||||
pub fn auth_hash(&self) -> &[u8] {
|
|
||||||
self.0.as_bytes()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<DB> FromSql<diesel::sql_types::Text, DB> for HashedPassword
|
|
||||||
where
|
|
||||||
DB: diesel::backend::Backend,
|
|
||||||
String: FromSql<sql_types::Text, DB>,
|
|
||||||
{
|
|
||||||
fn from_sql(bytes: DB::RawValue<'_>) -> diesel::deserialize::Result<Self> {
|
|
||||||
Ok(Self(String::from_sql(bytes)?))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<DB> ToSql<diesel::sql_types::Text, DB> for HashedPassword
|
|
||||||
where
|
|
||||||
DB: diesel::backend::Backend,
|
|
||||||
String: ToSql<sql_types::Text, DB>,
|
|
||||||
{
|
|
||||||
fn to_sql<'b>(
|
|
||||||
&'b self,
|
|
||||||
out: &mut diesel::serialize::Output<'b, '_, DB>,
|
|
||||||
) -> diesel::serialize::Result {
|
|
||||||
self.0.to_sql(out)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/// User as it appears in the database, with hashed password
|
|
||||||
#[derive(Clone, Debug, Identifiable, Queryable, Selectable)]
|
|
||||||
#[diesel(table_name = crate::schema::users, check_for_backend(diesel::pg::Pg))]
|
|
||||||
pub struct DbUser {
|
|
||||||
pub id: i32,
|
|
||||||
pub username: String,
|
|
||||||
pub hashed_password: HashedPassword,
|
|
||||||
pub created_at: chrono::DateTime<chrono::Local>,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl From<DbUser> for User {
|
|
||||||
fn from(db_user: DbUser) -> Self {
|
|
||||||
User {
|
|
||||||
id: db_user.id,
|
|
||||||
username: db_user.username,
|
|
||||||
created_at: db_user.created_at,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/// User credentials with hashed password
|
|
||||||
#[derive(Clone, Debug, Insertable, Queryable, Selectable)]
|
|
||||||
#[diesel(table_name = crate::schema::users, check_for_backend(diesel::pg::Pg))]
|
|
||||||
pub struct HashedUserCredentials {
|
|
||||||
username: String,
|
|
||||||
hashed_password: HashedPassword,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl From<DbUser> for HashedUserCredentials {
|
|
||||||
fn from(db_user: DbUser) -> Self {
|
|
||||||
HashedUserCredentials {
|
|
||||||
username: db_user.username,
|
|
||||||
hashed_password: db_user.hashed_password,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl UserCredentials {
|
|
||||||
/// Attempt to convert into `HashedUserCredentials` by hashing the password. Yields a PBKDF2
|
|
||||||
/// error on failure.
|
|
||||||
pub fn try_hash(self) -> Result<HashedUserCredentials, pbkdf2::password_hash::Error> {
|
|
||||||
let hashed_password = Pbkdf2::default().hash_password(self.password.as_bytes())?;
|
|
||||||
|
|
||||||
Ok(HashedUserCredentials {
|
|
||||||
username: self.username,
|
|
||||||
hashed_password: HashedPassword(hashed_password.to_string()),
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,10 +1 @@
|
|||||||
// @generated automatically by Diesel CLI.
|
// @generated automatically by Diesel CLI.
|
||||||
|
|
||||||
diesel::table! {
|
|
||||||
users (id) {
|
|
||||||
id -> Int4,
|
|
||||||
username -> Varchar,
|
|
||||||
hashed_password -> Varchar,
|
|
||||||
created_at -> Timestamptz,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|||||||
@@ -1,122 +0,0 @@
|
|||||||
use axum_login::{AuthManagerLayer, AuthUser, AuthnBackend, UserId};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
use diesel_async::RunQueryDsl;
|
|
||||||
use tower_sessions_redis_store::RedisStore;
|
|
||||||
|
|
||||||
use crate::models::user::{DbUser, HashedUserCredentials, UserCredentials};
|
|
||||||
use crate::server::{
|
|
||||||
database::{DbConn, DbPool},
|
|
||||||
key_val_store::KeyValPool,
|
|
||||||
};
|
|
||||||
use crate::util::error::{Contextualize, Error, Result};
|
|
||||||
|
|
||||||
pub type AuthLayer = AuthManagerLayer<AuthBackend, RedisStore<KeyValPool>>;
|
|
||||||
pub type AuthSession = axum_login::AuthSession<AuthBackend>;
|
|
||||||
|
|
||||||
impl AuthUser for DbUser {
|
|
||||||
type Id = i32;
|
|
||||||
|
|
||||||
fn id(&self) -> Self::Id {
|
|
||||||
self.id
|
|
||||||
}
|
|
||||||
|
|
||||||
fn session_auth_hash(&self) -> &[u8] {
|
|
||||||
self.hashed_password.auth_hash()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Clone)]
|
|
||||||
pub struct AuthBackend {
|
|
||||||
pub db_pool: DbPool,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl AuthnBackend for AuthBackend {
|
|
||||||
type User = DbUser;
|
|
||||||
type Credentials = UserCredentials;
|
|
||||||
type Error = Error;
|
|
||||||
|
|
||||||
async fn authenticate(
|
|
||||||
&self,
|
|
||||||
attempt_creds: Self::Credentials,
|
|
||||||
) -> Result<Option<Self::User>, Self::Error> {
|
|
||||||
let mut db_conn = self
|
|
||||||
.db_pool
|
|
||||||
.get()
|
|
||||||
.await
|
|
||||||
.err_context("Failed to get database pool connection")?;
|
|
||||||
|
|
||||||
let user = get_user_by_username(&mut db_conn, attempt_creds.username)
|
|
||||||
.await
|
|
||||||
.err_context("Error fetching user for authentication check")?;
|
|
||||||
|
|
||||||
let Some(user) = user else { return Ok(None) };
|
|
||||||
|
|
||||||
let password_result = user
|
|
||||||
.hashed_password
|
|
||||||
.check(attempt_creds.password)
|
|
||||||
.err_context("Error checking user password attempt")?;
|
|
||||||
|
|
||||||
if password_result {
|
|
||||||
Ok(Some(user))
|
|
||||||
} else {
|
|
||||||
Ok(None)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> {
|
|
||||||
let mut db_conn = self
|
|
||||||
.db_pool
|
|
||||||
.get()
|
|
||||||
.await
|
|
||||||
.err_context("Failed to get database pool connection")?;
|
|
||||||
|
|
||||||
get_user_by_id(&mut db_conn, *user_id)
|
|
||||||
.await
|
|
||||||
.err_context("Failed fetching user for session")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
pub async fn create_user(
|
|
||||||
db_conn: &mut DbConn,
|
|
||||||
credentials: &HashedUserCredentials,
|
|
||||||
) -> Result<DbUser> {
|
|
||||||
diesel::insert_into(crate::schema::users::table)
|
|
||||||
.values(credentials)
|
|
||||||
.get_result(db_conn)
|
|
||||||
.await
|
|
||||||
.err_context("Error creating user")
|
|
||||||
}
|
|
||||||
|
|
||||||
pub async fn get_user_by_id(db_conn: &mut DbConn, id: i32) -> Result<Option<DbUser>> {
|
|
||||||
crate::schema::users::table
|
|
||||||
.find(id)
|
|
||||||
.first(db_conn)
|
|
||||||
.await
|
|
||||||
.optional()
|
|
||||||
.err_context("Error fetching user from database by id")
|
|
||||||
}
|
|
||||||
|
|
||||||
pub async fn get_user_by_username(
|
|
||||||
db_conn: &mut DbConn,
|
|
||||||
username: String,
|
|
||||||
) -> Result<Option<DbUser>> {
|
|
||||||
crate::schema::users::table
|
|
||||||
.filter(crate::schema::users::username.eq(username))
|
|
||||||
.first(db_conn)
|
|
||||||
.await
|
|
||||||
.optional()
|
|
||||||
.err_context("Error fetching user from database by username")
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Create the authentication middleware layer
|
|
||||||
pub fn build_auth_layer(db_pool: DbPool, key_val_pool: KeyValPool, use_secure: bool) -> AuthLayer {
|
|
||||||
use axum_login::{AuthManagerLayerBuilder, tower_sessions::SessionManagerLayer};
|
|
||||||
use tower_sessions_redis_store::RedisStore;
|
|
||||||
|
|
||||||
let auth_session_store = RedisStore::new(key_val_pool);
|
|
||||||
let session_layer = SessionManagerLayer::new(auth_session_store).with_secure(use_secure);
|
|
||||||
|
|
||||||
let auth_backend = AuthBackend { db_pool };
|
|
||||||
|
|
||||||
AuthManagerLayerBuilder::new(auth_backend, session_layer).build()
|
|
||||||
}
|
|
||||||
@@ -1,193 +0,0 @@
|
|||||||
use std::path::PathBuf;
|
|
||||||
|
|
||||||
use serde::Deserialize;
|
|
||||||
|
|
||||||
/// Enable secure cookies by default only in release mode
|
|
||||||
/// (Secure cookies can't be set over HTTP. Rough assumption: development is done over HTTP)
|
|
||||||
const DEFAULT_COOKIES_SECURE: bool = cfg!(not(debug_assertions));
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
pub struct AuthConfig {
|
|
||||||
pub open_signup: bool,
|
|
||||||
pub cookies_secure: bool,
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Build a connection URI from parts
|
|
||||||
fn format_uri(
|
|
||||||
scheme: &str,
|
|
||||||
username: &Option<String>,
|
|
||||||
password: &Option<String>,
|
|
||||||
host: &str,
|
|
||||||
port: &Option<u16>,
|
|
||||||
path: &Option<String>,
|
|
||||||
) -> String {
|
|
||||||
let mut url = format!("{scheme}://");
|
|
||||||
|
|
||||||
if let Some(username) = username {
|
|
||||||
url.push_str(username);
|
|
||||||
|
|
||||||
if let Some(password) = password {
|
|
||||||
url.push_str(&format!(":{password}"));
|
|
||||||
}
|
|
||||||
|
|
||||||
url.push('@');
|
|
||||||
}
|
|
||||||
|
|
||||||
url.push_str(host);
|
|
||||||
|
|
||||||
if let Some(port) = port {
|
|
||||||
url.push_str(&format!(":{port}"));
|
|
||||||
}
|
|
||||||
|
|
||||||
if let Some(path) = path {
|
|
||||||
url.push_str(&format!("/{path}"));
|
|
||||||
}
|
|
||||||
|
|
||||||
url
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
pub struct DatabaseConfig {
|
|
||||||
#[serde(flatten)]
|
|
||||||
connection: DatabaseConnectionConfig,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl DatabaseConfig {
|
|
||||||
/// Get the configured database connection URI
|
|
||||||
pub fn connection_uri(&self) -> String {
|
|
||||||
self.connection.as_uri()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
#[serde(untagged)]
|
|
||||||
enum DatabaseConnectionConfig {
|
|
||||||
FromUrl {
|
|
||||||
url: String,
|
|
||||||
},
|
|
||||||
FromParts {
|
|
||||||
host: String,
|
|
||||||
port: Option<u16>,
|
|
||||||
database: Option<String>,
|
|
||||||
username: Option<String>,
|
|
||||||
password: Option<String>,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
impl DatabaseConnectionConfig {
|
|
||||||
/// Convert this configuration into the Postgres connection URI
|
|
||||||
pub fn as_uri(&self) -> String {
|
|
||||||
match self {
|
|
||||||
Self::FromUrl { url } => url.clone(),
|
|
||||||
Self::FromParts {
|
|
||||||
host,
|
|
||||||
port,
|
|
||||||
database,
|
|
||||||
username,
|
|
||||||
password,
|
|
||||||
} => format_uri("postgres", username, password, host, port, database),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
#[serde(untagged)]
|
|
||||||
enum KeyValStoreConnectionConfig {
|
|
||||||
FromUrl {
|
|
||||||
url: String,
|
|
||||||
},
|
|
||||||
FromParts {
|
|
||||||
scheme: Option<String>,
|
|
||||||
host: String,
|
|
||||||
port: Option<u16>,
|
|
||||||
database: Option<String>,
|
|
||||||
username: Option<String>,
|
|
||||||
password: Option<String>,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
impl KeyValStoreConnectionConfig {
|
|
||||||
/// Convert this configuration into the Redis connection URI
|
|
||||||
pub fn as_uri(&self) -> String {
|
|
||||||
match self {
|
|
||||||
Self::FromUrl { url } => url.clone(),
|
|
||||||
Self::FromParts {
|
|
||||||
scheme,
|
|
||||||
host,
|
|
||||||
port,
|
|
||||||
database,
|
|
||||||
username,
|
|
||||||
password,
|
|
||||||
} => format_uri(
|
|
||||||
scheme.as_deref().unwrap_or("redis"),
|
|
||||||
username,
|
|
||||||
password,
|
|
||||||
host,
|
|
||||||
port,
|
|
||||||
database,
|
|
||||||
),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
pub struct KeyValStoreConfig {
|
|
||||||
#[serde(flatten)]
|
|
||||||
connection: KeyValStoreConnectionConfig,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl KeyValStoreConfig {
|
|
||||||
/// Get the configured database connection URI
|
|
||||||
pub fn connection_uri(&self) -> String {
|
|
||||||
self.connection.as_uri()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
pub struct ServerConfig {
|
|
||||||
pub public_path: PathBuf,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize)]
|
|
||||||
/// Top-level application configuration
|
|
||||||
pub struct Config {
|
|
||||||
pub auth: AuthConfig,
|
|
||||||
pub database: DatabaseConfig,
|
|
||||||
pub key_val_store: KeyValStoreConfig,
|
|
||||||
pub server: ServerConfig,
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Parse configuration from the expected files and environment variables
|
|
||||||
pub fn load_config() -> Result<Config, config::ConfigError> {
|
|
||||||
use config::{Environment, File};
|
|
||||||
|
|
||||||
let pkg_name = env!("CARGO_PKG_NAME");
|
|
||||||
|
|
||||||
config::Config::builder()
|
|
||||||
.set_default("server.port", 8080)?
|
|
||||||
.set_default("auth.open_signup", false)?
|
|
||||||
.set_default("auth.cookies_secure", DEFAULT_COOKIES_SECURE)?
|
|
||||||
.set_default("server.public_path", default_public_dir())?
|
|
||||||
.add_source(File::with_name(&format!("/etc/{pkg_name}/config")).required(false))
|
|
||||||
.add_source(File::with_name(&format!("/etc/{pkg_name}")).required(false))
|
|
||||||
.add_source(File::with_name("config").required(false))
|
|
||||||
.add_source(Environment::with_prefix(pkg_name).separator("_"))
|
|
||||||
.build()?
|
|
||||||
.try_deserialize()
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Provide a sane default for the public path, using the same sources as Dioxus does internally.
|
|
||||||
/// Checks the `DIOXUS_PUBLIC_PATH` environment variable, then tries relative to the path of this
|
|
||||||
/// executable
|
|
||||||
fn default_public_dir() -> Option<String> {
|
|
||||||
std::env::var("DIOXUS_PUBLIC_PATH").ok().or_else(|| {
|
|
||||||
std::env::current_exe().ok().and_then(|path| {
|
|
||||||
path.parent()
|
|
||||||
.expect("current executable path must have a parent")
|
|
||||||
.join("public")
|
|
||||||
.into_os_string()
|
|
||||||
.into_string()
|
|
||||||
.ok()
|
|
||||||
})
|
|
||||||
})
|
|
||||||
}
|
|
||||||
@@ -1,40 +0,0 @@
|
|||||||
use diesel_async::{
|
|
||||||
AsyncMigrationHarness, AsyncPgConnection,
|
|
||||||
pooled_connection::{AsyncDieselConnectionManager, deadpool::Pool},
|
|
||||||
};
|
|
||||||
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};
|
|
||||||
|
|
||||||
use crate::util::error::{Contextualize, Error, ErrorType};
|
|
||||||
|
|
||||||
pub const DB_MIGRATIONS: EmbeddedMigrations = embed_migrations!();
|
|
||||||
|
|
||||||
pub type DbPool = Pool<AsyncPgConnection>;
|
|
||||||
pub type DbConn = AsyncPgConnection;
|
|
||||||
|
|
||||||
/// Connect to the database using the given URI, and perform migrations
|
|
||||||
pub async fn setup<S: Into<String>>(database_uri: S) -> Result<DbPool, Error> {
|
|
||||||
let pool_manager = AsyncDieselConnectionManager::<AsyncPgConnection>::new(database_uri);
|
|
||||||
|
|
||||||
let pool = Pool::builder(pool_manager)
|
|
||||||
.build()
|
|
||||||
// At time of writing only the `NoRuntimeSpecified` error is possible from the builder,
|
|
||||||
// which should only occur when configuring timeouts without a `Runtime`
|
|
||||||
.map_err(|e| ErrorType::Database(e.to_string()))
|
|
||||||
.err_context("Error creating pool for database connections")?;
|
|
||||||
|
|
||||||
tracing::debug!("Establishing connection to database for migrations...");
|
|
||||||
|
|
||||||
let migration_conn = pool
|
|
||||||
.get()
|
|
||||||
.await
|
|
||||||
.err_context("Failed to get connection to database")?;
|
|
||||||
|
|
||||||
tracing::debug!("Running migrations...");
|
|
||||||
|
|
||||||
AsyncMigrationHarness::new(migration_conn)
|
|
||||||
.run_pending_migrations(DB_MIGRATIONS)
|
|
||||||
.map_err(|e| ErrorType::Database(e.to_string()))
|
|
||||||
.err_context("Failed to run pending database migrations")?;
|
|
||||||
|
|
||||||
Ok(pool)
|
|
||||||
}
|
|
||||||
@@ -1,29 +0,0 @@
|
|||||||
use fred::prelude::*;
|
|
||||||
|
|
||||||
use crate::util::error::{Contextualize, Error, ErrorType};
|
|
||||||
|
|
||||||
const KEY_VAL_POOL_SIZE: usize = 4;
|
|
||||||
|
|
||||||
pub type KeyValPool = Pool;
|
|
||||||
|
|
||||||
pub async fn setup(connection_uri: &str) -> Result<KeyValPool, Error> {
|
|
||||||
let config = Config::from_url(connection_uri)
|
|
||||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
|
||||||
.err_context("Error creating key-value store config")?;
|
|
||||||
|
|
||||||
let pool = Builder::from_config(config)
|
|
||||||
.build_pool(KEY_VAL_POOL_SIZE)
|
|
||||||
// At time of writing the only error that could occur here is if config is not provided.
|
|
||||||
// Since we're building a pool `from_config`, this shouldn't be possible
|
|
||||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
|
||||||
.err_context("Error creating pool for key-value store")?;
|
|
||||||
|
|
||||||
tracing::debug!("Establishing connection to key-value store...");
|
|
||||||
|
|
||||||
pool.init()
|
|
||||||
.await
|
|
||||||
.map_err(|e| ErrorType::KeyValStore(e.to_string()))
|
|
||||||
.err_context("Error connecting to key-value store")?;
|
|
||||||
|
|
||||||
Ok(pool)
|
|
||||||
}
|
|
||||||
@@ -1,77 +1,9 @@
|
|||||||
use dioxus::{
|
|
||||||
fullstack::axum::{Router, middleware::from_fn},
|
|
||||||
server::axum::Extension,
|
|
||||||
};
|
|
||||||
use tower_http::services::ServeFile;
|
|
||||||
|
|
||||||
use crate::App;
|
use crate::App;
|
||||||
use crate::app::LOGO_ICO;
|
|
||||||
use crate::server::{
|
|
||||||
auth::build_auth_layer,
|
|
||||||
config::{self, Config},
|
|
||||||
database, key_val_store,
|
|
||||||
require_auth_mw::require_auth_middleware,
|
|
||||||
};
|
|
||||||
use crate::util::error::{Contextualize, Error, Result};
|
|
||||||
|
|
||||||
pub fn main() -> Result<std::convert::Infallible> {
|
pub async fn main() {
|
||||||
if let Err(e) = dotenvy::dotenv() {
|
if let Err(e) = dotenvy::dotenv() {
|
||||||
tracing::warn!("Error reading .env: {e}");
|
tracing::warn!("Error reading .env: {e}");
|
||||||
}
|
}
|
||||||
|
|
||||||
tracing::debug!("Loading configuration...");
|
dioxus::launch(App);
|
||||||
let config = config::load_config()
|
|
||||||
.map_err(|e| Error::message_here(e.to_string()))
|
|
||||||
.err_context("Failed to load config")?;
|
|
||||||
|
|
||||||
// Dioxus doesn't expose a way to configure the public path other than this environment
|
|
||||||
// variable, and also doesn't provide a way to read what the public path is. As a workaround we
|
|
||||||
// expose a config option and set this variable that Dioxus expects.
|
|
||||||
// SAFETY: "This function is safe to call in a single-threaded program."
|
|
||||||
unsafe {
|
|
||||||
std::env::set_var("DIOXUS_PUBLIC_PATH", config.server.public_path.clone());
|
|
||||||
}
|
|
||||||
|
|
||||||
// `Ok(...?)` is because `dioxus::serve` expects an `anyhow::Result`
|
|
||||||
dioxus::serve(move || {
|
|
||||||
let config = config.clone();
|
|
||||||
async move { Ok(router_setup(config).await?) }
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Set up the axum Router
|
|
||||||
async fn router_setup(config: Config) -> Result<Router> {
|
|
||||||
let db_pool = database::setup(config.database.connection_uri())
|
|
||||||
.await
|
|
||||||
.err_context("Failed database setup")?;
|
|
||||||
|
|
||||||
let key_val_pool = key_val_store::setup(&config.key_val_store.connection_uri())
|
|
||||||
.await
|
|
||||||
.err_context("Failed key-value store setup")?;
|
|
||||||
|
|
||||||
let favicon_path = {
|
|
||||||
// Resolve the favicon path
|
|
||||||
let asset_path = LOGO_ICO.resolve();
|
|
||||||
|
|
||||||
// If the asset path starts with "/", strip it. Otherwise it behaves as an "absolute path"
|
|
||||||
// and replaces the base path in the join operation. This is necessary because Dioxus will
|
|
||||||
// produce a path like "/assets/" in the call to `resolve`
|
|
||||||
let asset_path_rel = asset_path.strip_prefix("/").unwrap_or(&asset_path);
|
|
||||||
|
|
||||||
config.server.public_path.join(asset_path_rel)
|
|
||||||
};
|
|
||||||
|
|
||||||
tracing::debug!("Favicon path: {}", favicon_path.display());
|
|
||||||
|
|
||||||
let auth_layer = build_auth_layer(db_pool.clone(), key_val_pool, config.auth.cookies_secure);
|
|
||||||
|
|
||||||
let router = dioxus::server::router(App)
|
|
||||||
.layer(from_fn(require_auth_middleware))
|
|
||||||
.layer(Extension(config))
|
|
||||||
.layer(Extension(db_pool))
|
|
||||||
.layer(auth_layer)
|
|
||||||
.nest_service("/favicon.ico", ServeFile::new(favicon_path));
|
|
||||||
|
|
||||||
tracing::info!("Setup complete, returning Router...");
|
|
||||||
Ok(router)
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,8 +1,3 @@
|
|||||||
pub mod auth;
|
|
||||||
pub mod config;
|
|
||||||
pub mod database;
|
|
||||||
pub mod key_val_store;
|
|
||||||
pub mod main;
|
pub mod main;
|
||||||
pub mod require_auth_mw;
|
|
||||||
|
|
||||||
pub use main::main;
|
pub use main::main;
|
||||||
|
|||||||
@@ -1,63 +0,0 @@
|
|||||||
use dioxus::fullstack::{
|
|
||||||
axum::{body::Body, extract::Request, middleware::Next},
|
|
||||||
extract::FromRequestParts,
|
|
||||||
http::Response,
|
|
||||||
};
|
|
||||||
use dioxus::prelude::*;
|
|
||||||
|
|
||||||
use crate::server::auth::AuthSession;
|
|
||||||
|
|
||||||
#[cfg(not(debug_assertions))]
|
|
||||||
const ALLOWED_PATH_PREFIX: [&str; 1] = ["/assets/"];
|
|
||||||
|
|
||||||
#[cfg(debug_assertions)]
|
|
||||||
const ALLOWED_PATH_PREFIX: [&str; 2] = ["/assets/", "/wasm/"];
|
|
||||||
|
|
||||||
const ALLOWED_PATHS: [&str; 6] = [
|
|
||||||
"/login",
|
|
||||||
"/signup",
|
|
||||||
"/api/v1/auth/login",
|
|
||||||
"/api/v1/auth/signup",
|
|
||||||
"/api/v1/auth/user",
|
|
||||||
"/api/v1/auth/open-signup",
|
|
||||||
];
|
|
||||||
|
|
||||||
/// Axum middleware to redirect an unauthenticated request to /login unless it matches one of the allowed paths
|
|
||||||
pub async fn require_auth_middleware(
|
|
||||||
req: Request,
|
|
||||||
next: Next,
|
|
||||||
) -> Result<Response<Body>, (StatusCode, &'static str)> {
|
|
||||||
let path = req.uri().path();
|
|
||||||
|
|
||||||
if ALLOWED_PATH_PREFIX
|
|
||||||
.iter()
|
|
||||||
.any(|prefix| path.starts_with(prefix))
|
|
||||||
|| ALLOWED_PATHS.contains(&path)
|
|
||||||
{
|
|
||||||
let response = next.run(req).await;
|
|
||||||
return Ok(response);
|
|
||||||
}
|
|
||||||
|
|
||||||
let (mut parts, body) = req.into_parts();
|
|
||||||
|
|
||||||
let auth_session = AuthSession::from_request_parts(&mut parts, &()).await?;
|
|
||||||
|
|
||||||
if auth_session.user.is_none() {
|
|
||||||
let response = Response::builder()
|
|
||||||
.status(StatusCode::TEMPORARY_REDIRECT)
|
|
||||||
.header("Location", "/login")
|
|
||||||
.body(Body::empty())
|
|
||||||
.map_err(|_| {
|
|
||||||
(
|
|
||||||
StatusCode::INTERNAL_SERVER_ERROR,
|
|
||||||
"Failed to build response",
|
|
||||||
)
|
|
||||||
})?;
|
|
||||||
|
|
||||||
return Ok(response);
|
|
||||||
}
|
|
||||||
|
|
||||||
let req = Request::from_parts(parts, body);
|
|
||||||
let response = next.run(req).await;
|
|
||||||
Ok(response)
|
|
||||||
}
|
|
||||||
@@ -43,21 +43,7 @@ impl fmt::Display for ErrorLocation {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub type Result<T, E = Error> = std::result::Result<T, E>;
|
pub type Result<T> = std::result::Result<T, Error>;
|
||||||
|
|
||||||
/// Generate a random string to use as an id for the modal
|
|
||||||
/// This allows multiple toast/modal to be present
|
|
||||||
fn rand_modal_id() -> String {
|
|
||||||
use rand::RngExt;
|
|
||||||
|
|
||||||
let mut rng = rand::rng();
|
|
||||||
|
|
||||||
let random_str = (0..5)
|
|
||||||
.map(|_| rng.sample(rand::distr::Alphanumeric) as char)
|
|
||||||
.collect::<String>();
|
|
||||||
|
|
||||||
format!("err-modal-{random_str}")
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Deserialize, Serialize, thiserror::Error)]
|
#[derive(Debug, Clone, Deserialize, Serialize, thiserror::Error)]
|
||||||
pub struct Error {
|
pub struct Error {
|
||||||
@@ -88,12 +74,6 @@ impl Error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Creates a new basic `Error` at this location with the given message
|
|
||||||
#[track_caller]
|
|
||||||
pub fn message_here<S: Into<String>>(message: S) -> Self {
|
|
||||||
Error::new(ErrorType::Error(message.into()), ErrorLocation::here())
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Adds a context message to the error
|
/// Adds a context message to the error
|
||||||
#[track_caller]
|
#[track_caller]
|
||||||
pub fn with_context(mut self, context: impl Into<String>) -> Self {
|
pub fn with_context(mut self, context: impl Into<String>) -> Self {
|
||||||
@@ -111,12 +91,6 @@ impl Error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Get the original cause of this error
|
|
||||||
/// Like `std::error::Error::source` but doesn't return an `Option`
|
|
||||||
pub fn source(&self) -> &ErrorType {
|
|
||||||
&self.source
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Display this error as a modal dialog activated by a checkbox with the given id
|
/// Display this error as a modal dialog activated by a checkbox with the given id
|
||||||
pub fn as_modal(&self, id: String) -> Element {
|
pub fn as_modal(&self, id: String) -> Element {
|
||||||
rsx! {
|
rsx! {
|
||||||
@@ -193,9 +167,28 @@ impl Error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Convert this error into an alert label, tied to the given modal id
|
/// Convert this error to a toast message, which opens a modal when clicked
|
||||||
fn as_alert_for(&self, modal_id: String) -> Element {
|
pub fn as_toast(&self) -> Element {
|
||||||
|
// Generate a random string to use as an id for the modal
|
||||||
|
// This allows multiple toast/modal to be present
|
||||||
|
let modal_id = {
|
||||||
|
use rand::RngExt;
|
||||||
|
|
||||||
|
let mut rng = rand::rng();
|
||||||
|
|
||||||
|
let random_str = (0..5)
|
||||||
|
.map(|_| rng.sample(rand::distr::Alphanumeric) as char)
|
||||||
|
.collect::<String>();
|
||||||
|
|
||||||
|
format!("err-modal-{random_str}")
|
||||||
|
};
|
||||||
|
|
||||||
rsx! {
|
rsx! {
|
||||||
|
{self.as_modal(modal_id.clone())}
|
||||||
|
|
||||||
|
div {
|
||||||
|
class: "toast",
|
||||||
|
|
||||||
label {
|
label {
|
||||||
class: "alert alert-error alert-soft cursor-pointer",
|
class: "alert alert-error alert-soft cursor-pointer",
|
||||||
role: "alert",
|
role: "alert",
|
||||||
@@ -209,29 +202,6 @@ impl Error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Convert this error to a toast message, which opens a modal when clicked
|
|
||||||
pub fn as_toast(&self) -> Element {
|
|
||||||
let modal_id = rand_modal_id();
|
|
||||||
|
|
||||||
rsx! {
|
|
||||||
{self.as_modal(modal_id.clone())}
|
|
||||||
|
|
||||||
div {
|
|
||||||
class: "toast z-99",
|
|
||||||
{self.as_alert_for(modal_id)}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Convert this error into an alert label, which opens a modal when clicked
|
|
||||||
pub fn as_alert(&self) -> Element {
|
|
||||||
let modal_id = rand_modal_id();
|
|
||||||
|
|
||||||
rsx! {
|
|
||||||
{self.as_modal(modal_id.clone())}
|
|
||||||
{self.as_alert_for(modal_id)}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -263,14 +233,12 @@ impl From<ServerFnError> for Error {
|
|||||||
impl dioxus_fullstack::AsStatusCode for Error {
|
impl dioxus_fullstack::AsStatusCode for Error {
|
||||||
fn as_status_code(&self) -> StatusCode {
|
fn as_status_code(&self) -> StatusCode {
|
||||||
match &self.source {
|
match &self.source {
|
||||||
ErrorType::Auth(AuthError::InvalidCredentials | AuthError::Unauthorized) => {
|
|
||||||
StatusCode::UNAUTHORIZED
|
|
||||||
}
|
|
||||||
ErrorType::Database(msg) if *msg == (diesel::result::Error::NotFound).to_string() => {
|
ErrorType::Database(msg) if *msg == (diesel::result::Error::NotFound).to_string() => {
|
||||||
StatusCode::NOT_FOUND
|
StatusCode::NOT_FOUND
|
||||||
}
|
}
|
||||||
|
ErrorType::Database(_) => StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
ErrorType::Error(_) => StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
ErrorType::ServerFnError(e) => e.as_status_code(),
|
ErrorType::ServerFnError(e) => e.as_status_code(),
|
||||||
_ => StatusCode::INTERNAL_SERVER_ERROR,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -309,9 +277,6 @@ impl<T, E: Into<Error>> Contextualize<Result<T>> for E {
|
|||||||
|
|
||||||
#[derive(Debug, Clone, thiserror::Error, Deserialize, Serialize)]
|
#[derive(Debug, Clone, thiserror::Error, Deserialize, Serialize)]
|
||||||
pub enum ErrorType {
|
pub enum ErrorType {
|
||||||
#[error("Authentication error: {0}")]
|
|
||||||
Auth(AuthError),
|
|
||||||
|
|
||||||
// Using string to represent Diesel errors, because Diesel's Error type is not `Serialize`,
|
// Using string to represent Diesel errors, because Diesel's Error type is not `Serialize`,
|
||||||
// and Diesel is only available on the server
|
// and Diesel is only available on the server
|
||||||
#[error("Database error: {0}")]
|
#[error("Database error: {0}")]
|
||||||
@@ -322,11 +287,6 @@ pub enum ErrorType {
|
|||||||
|
|
||||||
#[error("Server function error: {0}")]
|
#[error("Server function error: {0}")]
|
||||||
ServerFnError(ServerFnError),
|
ServerFnError(ServerFnError),
|
||||||
|
|
||||||
// Using string to represent Fred errors, because Fred's Error type is not `Serialize`,
|
|
||||||
// and Fred is only available on the server
|
|
||||||
#[error("Key-value store error: {0}")]
|
|
||||||
KeyValStore(String),
|
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<ErrorType> for Error {
|
impl From<ErrorType> for Error {
|
||||||
@@ -343,33 +303,3 @@ impl From<diesel::result::Error> for Error {
|
|||||||
Error::new_here(ErrorType::Database(format!("{err}")))
|
Error::new_here(ErrorType::Database(format!("{err}")))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// This would capture any `deapool::PoolError` and treat it as a database error
|
|
||||||
// but we're only using `deadpool` for our database, so it's fine
|
|
||||||
#[cfg(feature = "server")]
|
|
||||||
impl From<diesel_async::pooled_connection::deadpool::PoolError> for Error {
|
|
||||||
#[track_caller]
|
|
||||||
fn from(err: diesel_async::pooled_connection::deadpool::PoolError) -> Self {
|
|
||||||
Error::new_here(ErrorType::Database(format!("{err}")))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(feature = "server")]
|
|
||||||
impl From<fred::error::Error> for Error {
|
|
||||||
#[track_caller]
|
|
||||||
fn from(err: fred::error::Error) -> Self {
|
|
||||||
Error::new_here(ErrorType::KeyValStore(format!("{err}")))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, thiserror::Error, Deserialize, Serialize)]
|
|
||||||
pub enum AuthError {
|
|
||||||
#[error("Invalid credentials")]
|
|
||||||
InvalidCredentials,
|
|
||||||
|
|
||||||
#[error("{0}")]
|
|
||||||
Error(String),
|
|
||||||
|
|
||||||
#[error("Unauthorized")]
|
|
||||||
Unauthorized,
|
|
||||||
}
|
|
||||||
|
|||||||
@@ -21,9 +21,4 @@
|
|||||||
@apply hover:text-base-content/70;
|
@apply hover:text-base-content/70;
|
||||||
@apply active:text-primary active:translate-y-[.5px] active:shadow-(--btn-shadow);
|
@apply active:text-primary active:translate-y-[.5px] active:shadow-(--btn-shadow);
|
||||||
}
|
}
|
||||||
|
|
||||||
.input:focus-within {
|
|
||||||
outline-width: 1px;
|
|
||||||
outline-offset: 0px;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user