Remove unnecessary axum-auth dependancy

Agatha Lovelace 2023-04-11 21:41:23 +02:00
parent c8e8c2fcf1
commit ba37df30c1
Signed by: sorceress
GPG Key ID: 01D0B3AB10CED4F8
3 changed files with 60 additions and 28 deletions

52
Cargo.lock generated

@ -272,6 +272,7 @@ dependencies = [
"bitflags", "bitflags",
"bytes", "bytes",
"futures-util", "futures-util",
"headers",
"http", "http",
"http-body", "http-body",
"hyper", "hyper",
@ -292,18 +293,6 @@ dependencies = [
"tower-service", "tower-service",
] ]
[[package]]
name = "axum-auth"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f9770f9a9147b2324066609acb5495538cb25f973129663fba2658ba7ed69407"
dependencies = [
"async-trait",
"axum-core",
"base64",
"http",
]
[[package]] [[package]]
name = "axum-core" name = "axum-core"
version = "0.2.7" version = "0.2.7"
@ -645,12 +634,11 @@ checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be"
[[package]] [[package]]
name = "eleanor-server" name = "eleanor-server"
version = "0.1.0" version = "0.1.1"
dependencies = [ dependencies = [
"adler", "adler",
"argon2", "argon2",
"axum", "axum",
"axum-auth",
"clap", "clap",
"lofty", "lofty",
"miette", "miette",
@ -925,6 +913,31 @@ dependencies = [
"hashbrown", "hashbrown",
] ]
[[package]]
name = "headers"
version = "0.3.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f3e372db8e5c0d213e0cd0b9be18be2aca3d44cf2fe30a9d46a65581cd454584"
dependencies = [
"base64",
"bitflags",
"bytes",
"headers-core",
"http",
"httpdate",
"mime",
"sha1",
]
[[package]]
name = "headers-core"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7f66481bfee273957b1f20485a4ff3362987f85b2c236580d81b4eb7a326429"
dependencies = [
"http",
]
[[package]] [[package]]
name = "heck" name = "heck"
version = "0.3.3" version = "0.3.3"
@ -2062,6 +2075,17 @@ dependencies = [
"serde", "serde",
] ]
[[package]]
name = "sha1"
version = "0.10.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "006769ba83e921b3085caa8334186b00cf92b4cb1a6cf4632fbccc8eff5c7549"
dependencies = [
"cfg-if",
"cpufeatures",
"digest",
]
[[package]] [[package]]
name = "sha2" name = "sha2"
version = "0.10.2" version = "0.10.2"


@ -1,6 +1,6 @@
[package] [package]
name = "eleanor-server" name = "eleanor-server"
version = "0.1.0" version = "0.1.1"
edition = "2021" edition = "2021"
authors = ["Agatha Lovelace <agatha@technogothic.net>"] authors = ["Agatha Lovelace <agatha@technogothic.net>"]
@ -9,8 +9,7 @@ authors = ["Agatha Lovelace <agatha@technogothic.net>"]
[dependencies] [dependencies]
adler = "1.0.2" adler = "1.0.2"
argon2 = "0.4.1" argon2 = "0.4.1"
axum = "0.5.15" axum = { version = "0.5.15", features = ["headers"] }
axum-auth = "0.3.0"
clap = { version = "3.2.20", features = ["cargo"] } clap = { version = "3.2.20", features = ["cargo"] }
lofty = "0.7.3" lofty = "0.7.3"
miette = { version = "5.2.0", features = ["fancy"] } miette = { version = "5.2.0", features = ["fancy"] }


@ -7,7 +7,8 @@ use argon2::{
Argon2, PasswordHash, PasswordHasher, PasswordVerifier, Argon2, PasswordHash, PasswordHasher, PasswordVerifier,
}; };
use axum::{ use axum::{
extract::{FromRequest, Path, RequestParts}, extract::{Path, RequestParts},
headers::{authorization::Basic, Authorization, HeaderMapExt},
http::{ http::{
header::{self, HeaderName}, header::{self, HeaderName},
Request, StatusCode, Request, StatusCode,
@ -17,7 +18,6 @@ use axum::{
routing::get, routing::get,
Extension, Router, Extension, Router,
}; };
use axum_auth::AuthBasic;
use miette::{miette, IntoDiagnostic}; use miette::{miette, IntoDiagnostic};
use paris::success; use paris::success;
use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, ModelTrait, QueryFilter, Set}; use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, ModelTrait, QueryFilter, Set};
@ -101,7 +101,13 @@ pub async fn add_user(
password: String, password: String,
) -> miette::Result<()> { ) -> miette::Result<()> {
let salt = SaltString::generate(&mut OsRng); let salt = SaltString::generate(&mut OsRng);
let argon2 = Argon2::default(); let argon2 = Argon2::new(
argon2::Algorithm::Argon2id,
argon2::Version::V0x13,
argon2::Params::new(16384, 3, 1, None).map_err(|err| {
return miette!("Couldn't initialize argon2 parameters: {}", err.to_string());
})?,
);
let hash = argon2 let hash = argon2
.hash_password(password.as_bytes(), &salt) .hash_password(password.as_bytes(), &salt)
@ -146,8 +152,8 @@ pub async fn remove_user(db: &DatabaseConnection, username: String) -> miette::R
Ok(()) Ok(())
} }
fn verify_password(password: String, hash: String) -> miette::Result<bool> { fn verify_password(password: &str, hash: &str) -> miette::Result<bool> {
let hash = PasswordHash::new(&hash) let hash = PasswordHash::new(hash)
.map_err(|err| return miette!("Couldn't parse password hash: {}", err.to_string()))?; .map_err(|err| return miette!("Couldn't parse password hash: {}", err.to_string()))?;
Ok(Argon2::default() Ok(Argon2::default()
@ -157,10 +163,10 @@ fn verify_password(password: String, hash: String) -> miette::Result<bool> {
async fn authenticate( async fn authenticate(
db: &DatabaseConnection, db: &DatabaseConnection,
AuthBasic((username, password)): AuthBasic, auth: Authorization<Basic>,
) -> Result<(), StatusCode> { ) -> Result<(), StatusCode> {
let user = users::Entity::find() let user = users::Entity::find()
.filter(users::Column::Name.eq(username)) .filter(users::Column::Name.eq(auth.username()))
.one(db) .one(db)
.await .await
.ok() .ok()
@ -168,7 +174,7 @@ async fn authenticate(
.ok_or(StatusCode::UNAUTHORIZED)?; .ok_or(StatusCode::UNAUTHORIZED)?;
// Compare the provided password with the password hash stored in the database // Compare the provided password with the password hash stored in the database
let authorized = verify_password(password.ok_or(StatusCode::UNAUTHORIZED)?, user.password) let authorized = verify_password(auth.password(), &user.password)
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?; .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
if authorized { if authorized {
@ -182,16 +188,19 @@ async fn auth<B: std::marker::Send>(
req: Request<B>, req: Request<B>,
next: Next<B>, next: Next<B>,
) -> Result<Response, StatusCode> { ) -> Result<Response, StatusCode> {
let mut req = RequestParts::new(req); let req = RequestParts::new(req);
let auth = AuthBasic::from_request(&mut req).await.map_err(|e| e.0)?; let auth = req
.headers()
.typed_get::<Authorization<Basic>>()
.ok_or(StatusCode::UNAUTHORIZED)?;
let db: &DatabaseConnection = req let db: &DatabaseConnection = req
.extensions() .extensions()
.get() .get()
.ok_or(StatusCode::INTERNAL_SERVER_ERROR)?; .ok_or(StatusCode::INTERNAL_SERVER_ERROR)?;
if let Err(error) = authenticate(db, auth.to_owned()).await { if let Err(error) = authenticate(db, auth).await {
Err(error) Err(error)
} else { } else {
let req = req let req = req