Password login enabled
parent
34b2b116ba
commit
96b3ae1297
4 changed files with 41 additions and 9 deletions
|
@ -23,6 +23,5 @@ WORKDIR /opt
|
||||||
|
|
||||||
COPY --from=build /simply-shorten/target/release/simply-shorten /opt/simply-shorten
|
COPY --from=build /simply-shorten/target/release/simply-shorten /opt/simply-shorten
|
||||||
COPY --from=build /simply-shorten/resources /opt/resources
|
COPY --from=build /simply-shorten/resources /opt/resources
|
||||||
COPY ./urls.sqlite /opt/urls.sqlite
|
|
||||||
|
|
||||||
CMD ["./simply-shorten"]
|
CMD ["./simply-shorten"]
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
use actix_session::Session;
|
use actix_session::Session;
|
||||||
|
use std::time::SystemTime;
|
||||||
|
|
||||||
pub fn validate(session: Session) -> bool {
|
pub fn validate(session: Session) -> bool {
|
||||||
let token = session.get::<i32>("session-token");
|
let token = session.get::<String>("session-token");
|
||||||
if token.is_err() {
|
if token.is_err() {
|
||||||
false
|
false
|
||||||
} else if !check(token.unwrap()) {
|
} else if !check(token.unwrap()) {
|
||||||
|
@ -11,12 +12,37 @@ pub fn validate(session: Session) -> bool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn check(token: Option<i32>) -> bool {
|
fn check(token: Option<String>) -> bool {
|
||||||
if token.is_none() {
|
if token.is_none() {
|
||||||
false
|
false
|
||||||
} else if token.unwrap() != 123 {
|
} else {
|
||||||
|
let token_body = token.unwrap();
|
||||||
|
let token_parts: Vec<&str> = token_body.split(";").collect();
|
||||||
|
if token_parts.len() < 2 {
|
||||||
false
|
false
|
||||||
} else {
|
} else {
|
||||||
|
let token_text = token_parts[0];
|
||||||
|
let token_time = token_parts[1].parse::<u64>().unwrap_or(0);
|
||||||
|
let time_now = SystemTime::now()
|
||||||
|
.duration_since(SystemTime::UNIX_EPOCH)
|
||||||
|
.expect("Time went backwards!")
|
||||||
|
.as_secs();
|
||||||
|
println!("{:#?}", token_parts);
|
||||||
|
if token_text == "valid-session-token" && time_now < token_time + 1209600 {
|
||||||
|
// There are 1209600 seconds in 14 days
|
||||||
true
|
true
|
||||||
|
} else {
|
||||||
|
false
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn gen_token() -> String {
|
||||||
|
let token_text = "valid-session-token".to_string();
|
||||||
|
let time = SystemTime::now()
|
||||||
|
.duration_since(SystemTime::UNIX_EPOCH)
|
||||||
|
.expect("Time went backwards!")
|
||||||
|
.as_secs();
|
||||||
|
format!("{token_text};{time}")
|
||||||
|
}
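Review bot: The `println!("{:#?}", token_parts);` left in `check` writes the session token text and its issue time to stdout on every validated request; it reads like leftover debugging output and should be dropped, or reduced to a log line that records only the outcome. In the same branch, `token_time + 1209600` is unchecked `u64` addition, so a stored timestamp near `u64::MAX` panics in a debug build and wraps in release; `time_now < token_time.saturating_add(1209600)` avoids both. Because `gen_token` always emits the fixed text `valid-session-token`, the check's strength presumably rests entirely on the integrity protection of the session cookie, and a short comment on `gen_token` saying so would stop a later reader from treating the string as a secret. The 14-day constant would also read better as a named `const` shared by `check` and any future expiry logic.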
|
||||||
|
|
|
@ -58,6 +58,7 @@ pub fn delete_link(shortlink: String, db: &Connection) -> () {
|
||||||
|
|
||||||
pub fn open_db(path: String) -> Connection {
|
pub fn open_db(path: String) -> Connection {
|
||||||
let db = Connection::open(path).expect("Unable to open database!");
|
let db = Connection::open(path).expect("Unable to open database!");
|
||||||
|
// Create table if it doesn't exist
|
||||||
db.execute(
|
db.execute(
|
||||||
"CREATE TABLE IF NOT EXISTS urls (
|
"CREATE TABLE IF NOT EXISTS urls (
|
||||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||||
|
|
|
@ -78,8 +78,9 @@ async fn link_handler(shortlink: web::Path<String>, data: web::Data<AppState>) -
|
||||||
// Handle login
|
// Handle login
|
||||||
#[post("/api/login")]
|
#[post("/api/login")]
|
||||||
async fn login(req: String, session: Session) -> HttpResponse {
|
async fn login(req: String, session: Session) -> HttpResponse {
|
||||||
if req == "ssssss".to_string() {
|
if req == env::var("password").unwrap_or(req.clone()) {
|
||||||
session.insert("session-token", 123).unwrap();
|
// If no password was provided, match any password
|
||||||
|
session.insert("session-token", auth::gen_token()).unwrap();
|
||||||
HttpResponse::Ok().body("Correct password!")
|
HttpResponse::Ok().body("Correct password!")
|
||||||
} else {
|
} else {
|
||||||
eprintln!("Failed login attempt!");
|
eprintln!("Failed login attempt!");
|
||||||
|
@ -104,15 +105,20 @@ async fn delete_link(
|
||||||
|
|
||||||
#[actix_web::main]
|
#[actix_web::main]
|
||||||
async fn main() -> std::io::Result<()> {
|
async fn main() -> std::io::Result<()> {
|
||||||
|
// Generate session key in runtime so that restarts invalidates older logins
|
||||||
let secret_key = Key::generate();
|
let secret_key = Key::generate();
|
||||||
|
let db_location = env::var("db_url").unwrap_or("/opt/urls.sqlite".to_string());
|
||||||
|
|
||||||
|
// Actually start the server
|
||||||
HttpServer::new(move || {
|
HttpServer::new(move || {
|
||||||
App::new()
|
App::new()
|
||||||
.wrap(SessionMiddleware::new(
|
.wrap(SessionMiddleware::new(
|
||||||
CookieSessionStore::default(),
|
CookieSessionStore::default(),
|
||||||
secret_key.clone(),
|
secret_key.clone(),
|
||||||
))
|
))
|
||||||
|
// Maintain a single instance of database throughout
|
||||||
.app_data(web::Data::new(AppState {
|
.app_data(web::Data::new(AppState {
|
||||||
db: database::open_db(env::var("db_url").unwrap_or("./urls.sqlite".to_string())),
|
db: database::open_db(env::var("db_url").unwrap_or(db_location.clone())),
|
||||||
}))
|
}))
|
||||||
.wrap(middleware::Compress::default())
|
.wrap(middleware::Compress::default())
|
||||||
.service(link_handler)
|
.service(link_handler)
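Review bot: In `login`, `env::var("password").unwrap_or(req.clone())` fails open: when the variable is unset, or set to a value that is not valid Unicode (which also returns `Err`), the request body is compared with itself and a session token is issued for any input. The comment shows this is intended, but nothing tells the operator that the instance is running without authentication; reading the variable once in `main` and printing a startup warning such as `eprintln!("No password set, login accepts any input");` when it is absent would make the open mode visible. An empty `password` value likewise makes the empty body a valid login, and the `==` comparison is not constant-time, so both are worth a comment or a follow-up. The comment `// If no password was provided, match any password` sits inside the success branch and would be clearer directly above the `if`. The body of `login` continues outside the hunk.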
|
||||||
|
|