diff --git a/actix/src/auth.rs b/actix/src/auth.rs
index fd8d8b8..c6ab4bd 100644
--- a/actix/src/auth.rs
+++ b/actix/src/auth.rs
@@ -3,7 +3,7 @@ use actix_session::Session;
 use std::{env, time::SystemTime};
-use actix_web::{HttpRequest};
+use actix_web::HttpRequest;
 // API key generation and scoring
 use passwords::{PasswordGenerator, scorer, analyzer};
@@ -48,7 +48,7 @@ pub fn api_header(req: &HttpRequest) -> Option<&str> {
 // Determine whether the inputted API key is sufficiently secure
 pub fn is_key_secure() -> bool {
 let score = scorer::score(&analyzer::analyze(env::var("api_key").unwrap()));
- if score < 90.0 { false } else { true }
+ score >= 90.0
 }
 // Validate a given password
diff --git a/actix/src/main.rs b/actix/src/main.rs
index ef9a618..79dcfa7 100644
--- a/actix/src/main.rs
+++ b/actix/src/main.rs
@@ -30,7 +30,6 @@ async fn main() -> Result<()> {
 .filter(|s| !s.trim().is_empty())
 .unwrap_or(String::from("urls.sqlite"));
-
 let port = env::var("port")
 .unwrap_or(String::from("4567"))
 .parse::()
diff --git a/actix/src/services.rs b/actix/src/services.rs
index fe66432..4b4a573 100644
--- a/actix/src/services.rs
+++ b/actix/src/services.rs
@@ -158,11 +158,8 @@ pub async fn link_handler(
 // Handle login
 #[post("/api/login")]
 pub async fn login(req: String, session: Session) -> HttpResponse {
- // Someone's API may be listening for the plain HTML body response of "Correct password!"
- // rather than a 200 OK HTTP response. Because of that, a check is performed to see whether
- // the api_key environment variable is set. If it is set, then it is assumed the user will expect a JSON response for all API routes.
- // *If this is not a concern, this can be removed.*
- if let Ok(_) = env::var("api_key") {
+ // Keep this function backwards compatible
+ if env::var("api_key").is_ok() {
 if let Ok(password) = env::var("password") {
 if password != req {
 eprintln!("Failed login attempt!");
diff --git a/actix/src/utils.rs b/actix/src/utils.rs
index 506e5cf..c596603 100644
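Review bot: `is_key_secure` still panics when the `api_key` variable is unset, because the `env::var("api_key").unwrap()` on the line above the simplified return is untouched; this hunk only changes how the score becomes a bool. Unless every caller is known to test `env::var("api_key").is_ok()` first (no caller is in this diff), returning false for a missing key is safer: `env::var("api_key").map(|key| scorer::score(&analyzer::analyze(key)) >= 90.0).unwrap_or(false)`. The `90.0` threshold would also read better as a named constant such as `const MIN_KEY_SCORE: f64 = 90.0;`, with a doc comment noting that the value is the `passwords` crate's strength estimate for the configured key and not a guarantee of entropy.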
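Review bot: The replacement comment `// Keep this function backwards compatible` loses the rationale the removed lines carried — that the presence of `api_key` is what selects a JSON reply over the plain-text "Correct password!" body, which is a contract external API clients depend on rather than a cosmetic choice. Keeping one sentence of it would help the next maintainer, e.g. `// With api_key set, API clients expect JSON from every /api route; the legacy plain-text reply is kept only when no API key is configured.` Separately, `password != req` on the context line below compares the configured password with the request body using ordinary string equality, which can stop at the first differing byte; a login check is better served by a constant-time comparison (for example `ConstantTimeEq` from the `subtle` crate) so response timing does not depend on how much of the guess matched. The body of `login` continues past the hunk, so the success path and session handling were not reviewed here.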
--- a/actix/src/utils.rs
+++ b/actix/src/utils.rs
@@ -18,7 +18,6 @@ struct URLPair {
 }
 // Define JSON struct for response
-// Named "ReturnResponse" rather than "Response" because of the previous import.
 #[derive(Serialize)]
 pub struct Response {
 pub(crate) success: bool,
@@ -30,31 +29,26 @@ pub struct Response {
 // If the api_key environment variable eists
 pub fn is_api_ok(http: HttpRequest) -> Response {
 // If the api_key environment variable exists
- if let Ok(_) = env::var("api_key") {
+ if env::var("api_key").is_ok() {
 // If the header exists
 if let Some(header) = auth::api_header(&http) {
 // If the header is correct
 if auth::validate_key(header.to_string()) {
- let result = Response { success: true, error: false, reason: "".to_string(), pass: false };
- result
+ Response { success: true, error: false, reason: "".to_string(), pass: false }
 } else {
- let result = Response { success: false, error: true, reason: "Incorrect API key".to_string(), pass: false };
- result
+ Response { success: false, error: true, reason: "Incorrect API key".to_string(), pass: false }
 }
 // The header may not exist when the user logs in through the web interface, so allow a request with no header.
 // Further authentication checks will be conducted in services.rs
 } else {
- let result = Response { success: false, error: false, reason: "Chhoto-Api-Key header not found".to_string(), pass: true };
- result
+ Response { success: false, error: false, reason: "Chhoto-Api-Key header not found".to_string(), pass: true }
 }
 } else {
 // If the API key isn't set, but an API Key header is provided
- if let Some(_) = auth::api_header(&http) {
- let result = Response {success: false, error: true, reason: "API key access was attempted, but no API key is configured".to_string(), pass: false};
- result
+ if auth::api_header(&http).is_some() {
+ Response {success: false, error: true, reason: "API key access was attempted, but no API key is configured".to_string(), pass: false}
 } else {
- let result = Response {success: false, error: false, reason: "".to_string(), pass: true};
- result
+ Response {success: false, error: false, reason: "".to_string(), pass: true}
 }
 }
 }
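Review bot: The added `Response { … }` tails leave `is_api_ok` as four levels of nested `if`/`else` whose outcome depends on only two facts — whether `api_key` is configured and whether the `Chhoto-Api-Key` header is present and valid — so a single `match` over `(env::var("api_key").is_ok(), auth::api_header(&http))` lays the five outcomes side by side with identical behaviour. That shape also makes the security-relevant reading explicit: the two `pass: true` arms do not mean the request is authorised, only that no API key was presented and the caller must still apply session authentication, as the retained comment about services.rs says; a doc comment such as `/// pass == true means "no API key presented, defer to session auth", never "authorised".` would spare callers that misreading. The typo in the context comment above the function (`eists`) could be fixed in the same pass. `is_api_ok` lies entirely within the hunk.

```rust
pub fn is_api_ok(http: HttpRequest) -> Response {
    let key_configured = env::var("api_key").is_ok();
    match (key_configured, auth::api_header(&http)) {
        (true, Some(header)) if auth::validate_key(header.to_string()) => {
            Response { success: true, error: false, reason: "".to_string(), pass: false }
        }
        (true, Some(_)) => {
            Response { success: false, error: true, reason: "Incorrect API key".to_string(), pass: false }
        }
        // No header: the user may be logging in through the web interface; services.rs applies session auth.
        (true, None) => {
            Response { success: false, error: false, reason: "Chhoto-Api-Key header not found".to_string(), pass: true }
        }
        (false, Some(_)) => {
            Response {success: false, error: true, reason: "API key access was attempted, but no API key is configured".to_string(), pass: false}
        }
        (false, None) => Response {success: false, error: false, reason: "".to_string(), pass: true},
    }
}
```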