SinTan1729/chhoto-url
SinTan1729/chhoto-url
1
0
Fork 0
mirror of https://github.com/SinTan1729/chhoto-url synced 2025-02-05 13:52:33 -06:00
Code Issues Releases Activity

Made code more Rust-like

Browse source
This commit is contained in:
Solninja A 2025-01-01 17:34:09 +10:00
parent 247cfb0476
commit 818dadb84f
4 changed files with 11 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
actix/src/auth.rs
View file

@ -3,7 +3,7 @@
use actix_session::Session; use actix_session::Session;
use std::{env, time::SystemTime}; use std::{env, time::SystemTime};
use actix_web::{HttpRequest}; use actix_web::HttpRequest;
// API key generation and scoring // API key generation and scoring
use passwords::{PasswordGenerator, scorer, analyzer}; use passwords::{PasswordGenerator, scorer, analyzer};
@ -48,7 +48,7 @@ pub fn api_header(req: &HttpRequest) -> Option<&str> {
// Determine whether the inputted API key is sufficiently secure // Determine whether the inputted API key is sufficiently secure
pub fn is_key_secure() -> bool { pub fn is_key_secure() -> bool {
let score = scorer::score(&analyzer::analyze(env::var("api_key").unwrap())); let score = scorer::score(&analyzer::analyze(env::var("api_key").unwrap()));
if score < 90.0 { false } else { true } score >= 90.0
} }
// Validate a given password // Validate a given password

1
actix/src/main.rs
View file

@ -30,7 +30,6 @@ async fn main() -> Result<()> {
.filter(|s| !s.trim().is_empty()) .filter(|s| !s.trim().is_empty())
.unwrap_or(String::from("urls.sqlite")); .unwrap_or(String::from("urls.sqlite"));
let port = env::var("port") let port = env::var("port")
.unwrap_or(String::from("4567")) .unwrap_or(String::from("4567"))
.parse::<u16>() .parse::<u16>()

7
actix/src/services.rs
View file

@ -158,11 +158,8 @@ pub async fn link_handler(
// Handle login // Handle login
#[post("/api/login")] #[post("/api/login")]
pub async fn login(req: String, session: Session) -> HttpResponse { pub async fn login(req: String, session: Session) -> HttpResponse {
// Someone's API may be listening for the plain HTML body response of "Correct password!" // Keep this function backwards compatible
// rather than a 200 OK HTTP response. Because of that, a check is performed to see whether if env::var("api_key").is_ok() {
// the api_key environment variable is set. If it is set, then it is assumed the user will expect a JSON response for all API routes.
// *If this is not a concern, this can be removed.*
if let Ok(_) = env::var("api_key") {
if let Ok(password) = env::var("password") { if let Ok(password) = env::var("password") {
if password != req { if password != req {
eprintln!("Failed login attempt!"); eprintln!("Failed login attempt!");

20
actix/src/utils.rs
View file

@ -18,7 +18,6 @@ struct URLPair {
} }
// Define JSON struct for response // Define JSON struct for response
// Named "ReturnResponse" rather than "Response" because of the previous import.
#[derive(Serialize)] #[derive(Serialize)]
pub struct Response { pub struct Response {
pub(crate) success: bool, pub(crate) success: bool,
@ -30,31 +29,26 @@ pub struct Response {
// If the api_key environment variable eists // If the api_key environment variable eists
pub fn is_api_ok(http: HttpRequest) -> Response { pub fn is_api_ok(http: HttpRequest) -> Response {
// If the api_key environment variable exists // If the api_key environment variable exists
if let Ok(_) = env::var("api_key") { if env::var("api_key").is_ok() {
// If the header exists // If the header exists
if let Some(header) = auth::api_header(&http) { if let Some(header) = auth::api_header(&http) {
// If the header is correct // If the header is correct
if auth::validate_key(header.to_string()) { if auth::validate_key(header.to_string()) {
let result = Response { success: true, error: false, reason: "".to_string(), pass: false }; Response { success: true, error: false, reason: "".to_string(), pass: false }
result
} else { } else {
let result = Response { success: false, error: true, reason: "Incorrect API key".to_string(), pass: false }; Response { success: false, error: true, reason: "Incorrect API key".to_string(), pass: false }
result
} }
// The header may not exist when the user logs in through the web interface, so allow a request with no header. // The header may not exist when the user logs in through the web interface, so allow a request with no header.
// Further authentication checks will be conducted in services.rs // Further authentication checks will be conducted in services.rs
} else { } else {
let result = Response { success: false, error: false, reason: "Chhoto-Api-Key header not found".to_string(), pass: true }; Response { success: false, error: false, reason: "Chhoto-Api-Key header not found".to_string(), pass: true }
result
} }
} else { } else {
// If the API key isn't set, but an API Key header is provided // If the API key isn't set, but an API Key header is provided
if let Some(_) = auth::api_header(&http) { if auth::api_header(&http).is_some() {
let result = Response {success: false, error: true, reason: "API key access was attempted, but no API key is configured".to_string(), pass: false}; Response {success: false, error: true, reason: "API key access was attempted, but no API key is configured".to_string(), pass: false}
result
} else { } else {
let result = Response {success: false, error: false, reason: "".to_string(), pass: true}; Response {success: false, error: false, reason: "".to_string(), pass: true}
result
} }
} }
} }