Read the http header from the proxy to get the client IP
This commit is contained in:
parent
b6235fb76c
commit
8a3fef096d
6 changed files with 29 additions and 25 deletions
|
|
@ -3,4 +3,5 @@ pub const FILE_CONF: &str = "conf.ron";
|
|||
pub const DB_DIRECTORY: &str = "data";
|
||||
pub const DB_FILENAME: &str = "recipes.sqlite";
|
||||
pub const SQL_FILENAME: &str = "sql/version_{VERSION}.sql";
|
||||
pub const VALIDATION_TOKEN_DURATION: i64 = 1 * 60 * 60; // 1 hour. [s].
|
||||
pub const VALIDATION_TOKEN_DURATION: i64 = 1 * 60 * 60; // 1 hour. [s].
|
||||
pub const REVERSE_PROXY_IP_HTTP_FIELD: &str = "x-real-ip";
|
||||
|
|
@ -1,8 +1,7 @@
|
|||
use lettre::{transport::smtp::{authentication::Credentials}, Message, SmtpTransport, Transport};
|
||||
use lettre::{transport::smtp::authentication::Credentials, Message, SmtpTransport, Transport};
|
||||
|
||||
///
|
||||
pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &str, smtp_password: &str) -> Result<(), Box<dyn std::error::Error>> {
|
||||
|
||||
let email = Message::builder()
|
||||
.message_id(None)
|
||||
.from("recipes@gburri.org".parse()?)
|
||||
|
|
@ -15,7 +14,7 @@ pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &st
|
|||
let mailer = SmtpTransport::relay("mail.gandi.net")?.credentials(credentials).build();
|
||||
|
||||
if let Err(error) = mailer.send(&email) {
|
||||
println!("Error when sending E-mail:\n{:?}", &error);
|
||||
eprintln!("Error when sending E-mail:\n{:?}", &error);
|
||||
}
|
||||
|
||||
Ok(())
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ use askama_actix::{Template, TemplateToResponse};
|
|||
use chrono::{prelude::*, Duration};
|
||||
use clap::Parser;
|
||||
use serde::Deserialize;
|
||||
use log::{debug, error, log_enabled, info, Level};
|
||||
|
||||
use config::Config;
|
||||
use user::User;
|
||||
|
|
@ -23,8 +24,14 @@ const COOKIE_AUTH_TOKEN_NAME: &str = "auth_token";
|
|||
///// UTILS /////
|
||||
|
||||
fn get_ip_and_user_agent(req: &HttpRequest) -> (String, String) {
|
||||
let ip =
|
||||
match req.headers().get(consts::REVERSE_PROXY_IP_HTTP_FIELD) {
|
||||
Some(v) => v.to_str().unwrap_or_default().to_string(),
|
||||
None => req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default()
|
||||
};
|
||||
|
||||
let user_agent = req.headers().get(header::USER_AGENT).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default().to_string();
|
||||
let ip = req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default();
|
||||
|
||||
(ip, user_agent)
|
||||
}
|
||||
|
||||
|
|
@ -42,12 +49,12 @@ fn get_current_user(req: &HttpRequest, connection: &web::Data<db::Connection>) -
|
|||
Ok(user) =>
|
||||
Some(user),
|
||||
Err(error) => {
|
||||
eprintln!("Error during authentication: {:?}", error);
|
||||
error!("Error during authentication: {}", error);
|
||||
None
|
||||
}
|
||||
},
|
||||
Err(error) => {
|
||||
eprintln!("Error during authentication: {:?}", error);
|
||||
error!("Error during authentication: {}", error);
|
||||
None
|
||||
},
|
||||
},
|
||||
|
|
@ -146,8 +153,6 @@ enum SignUpError {
|
|||
|
||||
#[post("/signup")]
|
||||
async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connection: web::Data<db::Connection>, config: web::Data<Config>) -> impl Responder {
|
||||
println!("Sign up, email: {}, passwords: {}/{}", form.email, form.password_1, form.password_2);
|
||||
|
||||
fn error_response(error: SignUpError, form: &web::Form<SignUpFormData>, user: Option<User>) -> HttpResponse {
|
||||
SignUpFormTemplate {
|
||||
user,
|
||||
|
|
@ -212,13 +217,13 @@ async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connect
|
|||
.insert_header((header::LOCATION, "/signup_check_email"))
|
||||
.finish(),
|
||||
Err(error) => {
|
||||
eprintln!("Email validation error: {:?}", error);
|
||||
error!("Email validation error: {}", error);
|
||||
error_response(SignUpError::UnableSendEmail, &form, user)
|
||||
},
|
||||
}
|
||||
},
|
||||
Err(error) => {
|
||||
eprintln!("Signup database error: {:?}", error);
|
||||
error!("Signup database error: {}", error);
|
||||
error_response(SignUpError::DatabaseError, &form, user)
|
||||
},
|
||||
}
|
||||
|
|
@ -250,7 +255,7 @@ async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String,
|
|||
Ok(user) =>
|
||||
Some(user),
|
||||
Err(error) => {
|
||||
eprintln!("Error retrieving user by id: {}", error);
|
||||
error!("Error retrieving user by id: {}", error);
|
||||
None
|
||||
}
|
||||
};
|
||||
|
|
@ -263,7 +268,7 @@ async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String,
|
|||
}.to_response();
|
||||
|
||||
if let Err(error) = response.add_cookie(&cookie) {
|
||||
eprintln!("Unable to set cookie after validation: {:?}", error);
|
||||
error!("Unable to set cookie after validation: {}", error);
|
||||
};
|
||||
|
||||
response
|
||||
|
|
@ -324,8 +329,6 @@ enum SignInError {
|
|||
|
||||
#[post("/signin")]
|
||||
async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connection: web::Data<db::Connection>) -> impl Responder {
|
||||
println!("Sign in, email: {}, password: {}", form.email, form.password);
|
||||
|
||||
fn error_response(error: SignInError, form: &web::Form<SignInFormData>, user: Option<User>) -> HttpResponse {
|
||||
SignInFormTemplate {
|
||||
user,
|
||||
|
|
@ -354,12 +357,12 @@ async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connect
|
|||
.insert_header((header::LOCATION, "/"))
|
||||
.finish();
|
||||
if let Err(error) = response.add_cookie(&cookie) {
|
||||
eprintln!("Unable to set cookie after sign in: {:?}", error);
|
||||
error!("Unable to set cookie after sign in: {}", error);
|
||||
};
|
||||
response
|
||||
},
|
||||
Err(error) => {
|
||||
eprintln!("Signin error: {:?}", error);
|
||||
error!("Signin error: {}", error);
|
||||
error_response(SignInError::AuthenticationFailed, &form, user)
|
||||
},
|
||||
}
|
||||
|
|
@ -377,11 +380,11 @@ async fn sign_out(req: HttpRequest, connection: web::Data<db::Connection>) -> im
|
|||
|
||||
if let Some(token_cookie) = req.cookie(COOKIE_AUTH_TOKEN_NAME) {
|
||||
if let Err(error) = connection.sign_out(token_cookie.value()) {
|
||||
eprintln!("Unable to sign out: {:?}", error);
|
||||
error!("Unable to sign out: {}", error);
|
||||
};
|
||||
|
||||
if let Err(error) = response.add_removal_cookie(&Cookie::new(COOKIE_AUTH_TOKEN_NAME, "")) {
|
||||
eprintln!("Unable to set a removal cookie after sign out: {:?}", error);
|
||||
error!("Unable to set a removal cookie after sign out: {}", error);
|
||||
};
|
||||
};
|
||||
response
|
||||
|
|
@ -400,7 +403,7 @@ async fn not_found(req: HttpRequest, connection: web::Data<db::Connection>) -> i
|
|||
async fn main() -> std::io::Result<()> {
|
||||
if process_args() { return Ok(()) }
|
||||
|
||||
std::env::set_var("RUST_LOG", "actix_web=debug");
|
||||
std::env::set_var("RUST_LOG", "info,actix_web=info");
|
||||
env_logger::init();
|
||||
|
||||
println!("Starting Recipes as web server...");
|
||||
|
|
@ -412,8 +415,6 @@ async fn main() -> std::io::Result<()> {
|
|||
|
||||
let db_connection = web::Data::new(db::Connection::new().unwrap());
|
||||
|
||||
std::env::set_var("RUST_LOG", "actix_web=info");
|
||||
|
||||
let server =
|
||||
HttpServer::new(move || {
|
||||
App::new()
|
||||
|
|
@ -450,13 +451,13 @@ fn process_args() -> bool {
|
|||
match db::Connection::new() {
|
||||
Ok(con) => {
|
||||
if let Err(error) = con.execute_file("sql/data_test.sql") {
|
||||
println!("Error: {:?}", error);
|
||||
error!("{}", error);
|
||||
}
|
||||
// Set the creation datetime to 'now'.
|
||||
con.execute_sql("UPDATE [User] SET [creation_datetime] = ?1 WHERE [email] = 'paul@test.org'", [Utc::now()]).unwrap();
|
||||
},
|
||||
Err(error) => {
|
||||
println!("Error: {:?}", error)
|
||||
error!("Error: {}", error)
|
||||
},
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue