gburri/recipes
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Read the http header from the proxy to get the client IP

Browse source
This commit is contained in:
Greg Burri 2022-11-27 02:01:23 +01:00
parent b6235fb76c
commit 8a3fef096d
6 changed files with 29 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Cargo.lock generated
View file

@ -1567,6 +1567,7 @@ dependencies = [
"futures",
"itertools",
"lettre",
"log",
"r2d2",
"r2d2_sqlite",
"rand",

1
TODO.md
View file

@ -5,6 +5,7 @@
* Two CSS: one for desktop and one for mobile
* Define the logic behind each page and action.
[ok] How to log error to journalctl?
[ok] Sign out
[ok] Read all the askama doc and see if the current approach is good
[ok] Handle 404

1
backend/Cargo.toml
View file

@ -17,6 +17,7 @@ ron = "0.8" # Rust object notation, to load configuration files.
itertools = "0.10"
clap = {version = "4", features = ["derive"]}
log = "0.4"
env_logger = "0.9"
r2d2_sqlite = "0.21" # Connection pool with rusqlite (SQLite access).

1
backend/src/consts.rs
View file

@ -4,3 +4,4 @@ pub const DB_DIRECTORY: &str = "data";
pub const DB_FILENAME: &str = "recipes.sqlite";
pub const SQL_FILENAME: &str = "sql/version_{VERSION}.sql";
pub const VALIDATION_TOKEN_DURATION: i64 = 1 * 60 * 60; // 1 hour. [s].
pub const REVERSE_PROXY_IP_HTTP_FIELD: &str = "x-real-ip";

5
backend/src/email.rs
View file

@ -1,8 +1,7 @@
use lettre::{transport::smtp::{authentication::Credentials}, Message, SmtpTransport, Transport};
use lettre::{transport::smtp::authentication::Credentials, Message, SmtpTransport, Transport};
///
pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &str, smtp_password: &str) -> Result<(), Box<dyn std::error::Error>> {
let email = Message::builder()
.message_id(None)
.from("recipes@gburri.org".parse()?)
@ -15,7 +14,7 @@ pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &st
let mailer = SmtpTransport::relay("mail.gandi.net")?.credentials(credentials).build();
if let Err(error) = mailer.send(&email) {
println!("Error when sending E-mail:\n{:?}", &error);
eprintln!("Error when sending E-mail:\n{:?}", &error);
}
Ok(())

41
backend/src/main.rs
View file

@ -6,6 +6,7 @@ use askama_actix::{Template, TemplateToResponse};
use chrono::{prelude::*, Duration};
use clap::Parser;
use serde::Deserialize;
use log::{debug, error, log_enabled, info, Level};
use config::Config;
use user::User;
@ -23,8 +24,14 @@ const COOKIE_AUTH_TOKEN_NAME: &str = "auth_token";
///// UTILS /////
fn get_ip_and_user_agent(req: &HttpRequest) -> (String, String) {
let ip =
match req.headers().get(consts::REVERSE_PROXY_IP_HTTP_FIELD) {
Some(v) => v.to_str().unwrap_or_default().to_string(),
None => req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default()
};
let user_agent = req.headers().get(header::USER_AGENT).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default().to_string();
let ip = req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default();
(ip, user_agent)
}
@ -42,12 +49,12 @@ fn get_current_user(req: &HttpRequest, connection: &web::Data<db::Connection>) -
Ok(user) =>
Some(user),
Err(error) => {
eprintln!("Error during authentication: {:?}", error);
error!("Error during authentication: {}", error);
None
}
},
Err(error) => {
eprintln!("Error during authentication: {:?}", error);
error!("Error during authentication: {}", error);
None
},
},
@ -146,8 +153,6 @@ enum SignUpError {
#[post("/signup")]
async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connection: web::Data<db::Connection>, config: web::Data<Config>) -> impl Responder {
println!("Sign up, email: {}, passwords: {}/{}", form.email, form.password_1, form.password_2);
fn error_response(error: SignUpError, form: &web::Form<SignUpFormData>, user: Option<User>) -> HttpResponse {
SignUpFormTemplate {
user,
@ -212,13 +217,13 @@ async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connect
.insert_header((header::LOCATION, "/signup_check_email"))
.finish(),
Err(error) => {
eprintln!("Email validation error: {:?}", error);
error!("Email validation error: {}", error);
error_response(SignUpError::UnableSendEmail, &form, user)
},
}
},
Err(error) => {
eprintln!("Signup database error: {:?}", error);
error!("Signup database error: {}", error);
error_response(SignUpError::DatabaseError, &form, user)
},
}
@ -250,7 +255,7 @@ async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String,
Ok(user) =>
Some(user),
Err(error) => {
eprintln!("Error retrieving user by id: {}", error);
error!("Error retrieving user by id: {}", error);
None
}
};
@ -263,7 +268,7 @@ async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String,
}.to_response();
if let Err(error) = response.add_cookie(&cookie) {
eprintln!("Unable to set cookie after validation: {:?}", error);
error!("Unable to set cookie after validation: {}", error);
};
response
@ -324,8 +329,6 @@ enum SignInError {
#[post("/signin")]
async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connection: web::Data<db::Connection>) -> impl Responder {
println!("Sign in, email: {}, password: {}", form.email, form.password);
fn error_response(error: SignInError, form: &web::Form<SignInFormData>, user: Option<User>) -> HttpResponse {
SignInFormTemplate {
user,
@ -354,12 +357,12 @@ async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connect
.insert_header((header::LOCATION, "/"))
.finish();
if let Err(error) = response.add_cookie(&cookie) {
eprintln!("Unable to set cookie after sign in: {:?}", error);
error!("Unable to set cookie after sign in: {}", error);
};
response
},
Err(error) => {
eprintln!("Signin error: {:?}", error);
error!("Signin error: {}", error);
error_response(SignInError::AuthenticationFailed, &form, user)
},
}
@ -377,11 +380,11 @@ async fn sign_out(req: HttpRequest, connection: web::Data<db::Connection>) -> im
if let Some(token_cookie) = req.cookie(COOKIE_AUTH_TOKEN_NAME) {
if let Err(error) = connection.sign_out(token_cookie.value()) {
eprintln!("Unable to sign out: {:?}", error);
error!("Unable to sign out: {}", error);
};
if let Err(error) = response.add_removal_cookie(&Cookie::new(COOKIE_AUTH_TOKEN_NAME, "")) {
eprintln!("Unable to set a removal cookie after sign out: {:?}", error);
error!("Unable to set a removal cookie after sign out: {}", error);
};
};
response
@ -400,7 +403,7 @@ async fn not_found(req: HttpRequest, connection: web::Data<db::Connection>) -> i
async fn main() -> std::io::Result<()> {
if process_args() { return Ok(()) }
std::env::set_var("RUST_LOG", "actix_web=debug");
std::env::set_var("RUST_LOG", "info,actix_web=info");
env_logger::init();
println!("Starting Recipes as web server...");
@ -412,8 +415,6 @@ async fn main() -> std::io::Result<()> {
let db_connection = web::Data::new(db::Connection::new().unwrap());
std::env::set_var("RUST_LOG", "actix_web=info");
let server =
HttpServer::new(move || {
App::new()
@ -450,13 +451,13 @@ fn process_args() -> bool {
match db::Connection::new() {
Ok(con) => {
if let Err(error) = con.execute_file("sql/data_test.sql") {
println!("Error: {:?}", error);
error!("{}", error);
}
// Set the creation datetime to 'now'.
con.execute_sql("UPDATE [User] SET [creation_datetime] = ?1 WHERE [email] = 'paul@test.org'", [Utc::now()]).unwrap();
},
Err(error) => {
println!("Error: {:?}", error)
error!("Error: {}", error)
},
}