503 rss feeds exposed by default (#506)
* Cleaned up code.

* Cleaned up code.

* Cleaned up code.

* Cleaned up code.

* Added user management in frontend.

* Also secured rss feeds.

* Formatted code.

* Fixed clippy and tests.
SamTV12345 authored Dec 29, 2023
1 parent 07c66c9 commit c60dad5
Showing 62 changed files with 1,661 additions and 1,082 deletions.
1,036 changes: 524 additions & 512 deletions Cargo.lock

Large diffs are not rendered by default.

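--- a/migrations/2023-12-28-114101_user_api_key/down.sql
+++ b/migrations/2023-12-28-114101_user_api_key/down.sql
@@ -0,0 +1,2 @@
+-- This file should undo anything in `up.sql`
+ALTER TABLE users DROP COLUMN api_key;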
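--- a/migrations/2023-12-28-114101_user_api_key/up.sql
+++ b/migrations/2023-12-28-114101_user_api_key/up.sql
@@ -0,0 +1,2 @@
+-- Your SQL goes here
+ALTER TABLE users ADD COLUMN api_key VARCHAR(255);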
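--- a/migrations/postgres/2023-12-28-114101_user_api_key/down.sql
+++ b/migrations/postgres/2023-12-28-114101_user_api_key/down.sql
@@ -0,0 +1,2 @@
+-- This file should undo anything in `up.sql`
+ALTER TABLE users DROP COLUMN api_key;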
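--- a/migrations/postgres/2023-12-28-114101_user_api_key/up.sql
+++ b/migrations/postgres/2023-12-28-114101_user_api_key/up.sql
@@ -0,0 +1,3 @@
+-- Your SQL goes here
+ALTER TABLE users ADD COLUMN api_key VARCHAR(255);
+CREATE INDEX users_api_key_idx ON users (api_key);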
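Review bot: `users_api_key_idx` is created as a plain index, so nothing at the schema level stops two rows from holding the same `api_key`; if the key is what identifies the user on a feed request (the lookup is not visible in this diff), a duplicate would make that lookup ambiguous. `CREATE UNIQUE INDEX users_api_key_idx ON users (api_key);` enforces one owner per key and still permits the many NULL values that exist right after the migration. The same applies to migrations/sqlite/2023-12-28-114101_user_api_key/up.sql, and migrations/2023-12-28-114101_user_api_key/up.sql adds the column with no index at all.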
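--- a/migrations/sqlite/2023-12-28-114101_user_api_key/down.sql
+++ b/migrations/sqlite/2023-12-28-114101_user_api_key/down.sql
@@ -0,0 +1,3 @@
+-- This file should undo anything in `up.sql`
+ALTER TABLE users DROP COLUMN api_key;
+DROP INDEX users_api_key_idx;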
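Review bot: SQLite refuses `ALTER TABLE … DROP COLUMN` while the column is still covered by an index, so this down migration fails on its first statement and the rollback never completes. Swap the order so `DROP INDEX users_api_key_idx;` runs before `ALTER TABLE users DROP COLUMN api_key;`.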
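--- a/migrations/sqlite/2023-12-28-114101_user_api_key/up.sql
+++ b/migrations/sqlite/2023-12-28-114101_user_api_key/up.sql
@@ -0,0 +1,4 @@
+-- Your SQL goes here
+ALTER TABLE users ADD COLUMN api_key VARCHAR(255);
+
+CREATE INDEX users_api_key_idx ON users (api_key);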
39 changes: 21 additions & 18 deletions src/auth_middleware.rs
Expand Up @@ -4,7 +4,7 @@ use std::ops::Deref;
use std::pin::Pin;
use std::rc::Rc;

use crate::constants::inner_constants::{BASIC_AUTH, OIDC_AUTH, PASSWORD, USERNAME};
use crate::constants::inner_constants::{BASIC_AUTH, ENVIRONMENT_SERVICE, OIDC_AUTH};
use crate::models::user::User;
use crate::DbPool;
use actix::fut::ok;
Expand All @@ -16,7 +16,7 @@ use actix_web::{
};
use base64::engine::general_purpose;
use base64::Engine;
use dotenv::var;

use futures_util::future::{LocalBoxFuture, Ready};
use futures_util::FutureExt;
use jsonwebtoken::jwk::Jwk;
Expand Down Expand Up @@ -93,6 +93,7 @@ where
S::Future: 'static,
{
fn handle_basic_auth(&self, req: ServiceRequest) -> MyFuture<B, Error> {
let env_service = ENVIRONMENT_SERVICE.get().unwrap();
let opt_auth_header = req.headers().get("Authorization");
if opt_auth_header.is_none() {
return Box::pin(ok(req
Expand All @@ -112,23 +113,24 @@ where
}
let unwrapped_user = found_user.unwrap();

if unwrapped_user.username.clone() == var(USERNAME).unwrap() {
return match password == var(PASSWORD).unwrap() {
true => {
req.extensions_mut().insert(unwrapped_user);
let service = Rc::clone(&self.service);
async move {
service
.call(req)
.await
.map(|res| res.map_into_left_body())
}
if let Some(admin_username) = env_service.username.clone() {
if unwrapped_user.username.clone() == admin_username {
return match env_service.password.is_some()
&& digest(password) == env_service.password.clone().unwrap()
{
true => {
req.extensions_mut().insert(unwrapped_user);
let service = Rc::clone(&self.service);
async move {
service.call(req).await.map(|res| res.map_into_left_body())
}
.boxed_local()
}
false => Box::pin(ok(req
.error_response(ErrorUnauthorized("Unauthorized"))
.map_into_right_body())),
};
}
false => Box::pin(ok(req
.error_response(ErrorUnauthorized("Unauthorized"))
.map_into_right_body())),
};
}
}

if unwrapped_user.password.clone().unwrap() == digest(password) {
Expand Down Expand Up @@ -206,6 +208,7 @@ where
password: None,
explicit_consent: false,
created_at: chrono::Utc::now().naive_utc(),
api_key: None,
},
&mut pool.get().unwrap(),
)
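Review bot: The admin branch of `handle_basic_auth` checks the password with `digest(password) == env_service.password.clone().unwrap()`, an ordinary `==` on the digest strings, which is not a constant-time comparison; the per-user check `unwrapped_user.password.clone().unwrap() == digest(password)` just below has the same property. Comparing the two digests with a constant-time equality (for example `ConstantTimeEq` from the `subtle` crate, if a new dependency is acceptable) removes that timing signal. `digest` is not defined in these hunks; if it is a single unsalted hash pass, a password KDF would be the stronger choice for stored values, which is worth confirming. Assuming `password` is an `Option<String>`, the `is_some() && … unwrap()` pair can be written as `env_service.password.as_deref() == Some(digest(password).as_str())`, so no `unwrap` sits on the request path. The function body starts and ends outside the visible hunks.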
33 changes: 25 additions & 8 deletions src/command_line_runner.rs
Expand Up @@ -49,9 +49,7 @@ pub fn start_command_line(mut args: Args) {
let podcast = Podcast::get_podcast_by_rss_feed(replaced_feed, conn)
.expect("Error getting podcast");

let mut podcast_episode_service = PodcastEpisodeService::new();
podcast_episode_service
.insert_podcast_episodes(conn, podcast.clone())
PodcastEpisodeService::insert_podcast_episodes(conn, podcast.clone())
.unwrap();
podcast_service
.schedule_episode_download(podcast, None, conn)
Expand All @@ -70,10 +68,11 @@ pub fn start_command_line(mut args: Args) {
for podcast in podcasts.unwrap() {
println!("Refreshing podcast {}", podcast.name);

let mut podcast_episode_service = PodcastEpisodeService::new();
podcast_episode_service
.insert_podcast_episodes(&mut establish_connection(), podcast.clone())
.unwrap();
PodcastEpisodeService::insert_podcast_episodes(
&mut establish_connection(),
podcast.clone(),
)
.unwrap();
podcast_service
.schedule_episode_download(podcast, None, conn)
.unwrap();
Expand Down Expand Up @@ -125,6 +124,23 @@ pub fn start_command_line(mut args: Args) {
}
}
}
"generate" => match args.next().unwrap().as_str() {
"apiKey" => {
let conn = &mut establish_connection();
User::find_all_users(conn).iter().for_each(|u| {
log::info!("Updating api key of user {}", &u.username);
User::update_api_key_of_user(
&u.username,
uuid::Uuid::new_v4().to_string(),
conn,
)
.expect("Error updating api key");
})
}
_ => {
error!("Command not found")
}
},
"remove" => {
let mut username = String::new();
// remove user
Expand Down Expand Up @@ -217,7 +233,7 @@ pub fn start_command_line(mut args: Args) {
}
"migration" => {
error!("Command not found")
},
}
"debug" => {
create_debug_message();
}
Expand Down Expand Up @@ -262,6 +278,7 @@ pub fn read_user_account() -> Result<User, CustomError> {
password: Some(trim_string(password)),
explicit_consent: false,
created_at: get_current_timestamp_str(),
api_key: None,
};

Ok(user)
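Review bot: The new `generate apiKey` arm overwrites the key of every user returned by `User::find_all_users`, including users who already have one, so a single run silently invalidates every key already handed out. If the intent is a first-time backfill, skip users whose `api_key` is already set; if it is a rotate-all, say so in the log line and the command help. `args.next().unwrap()` also panics when `generate` is given without a sub-command; assuming `next()` yields `Option<String>`, `match args.next().as_deref() { Some("apiKey") => …, _ => error!("Command not found") }` keeps the existing error path. The `.expect("Error updating api key")` inside `for_each` aborts mid-loop, leaving some users rotated and others not. `start_command_line` starts and ends outside these hunks.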
11 changes: 2 additions & 9 deletions src/config/dbconfig.rs
@@ -1,8 +1,7 @@
use crate::constants::inner_constants::{DATABASE_URL, DATABASE_URL_DEFAULT_SQLITE};
use crate::constants::inner_constants::ENVIRONMENT_SERVICE;
use crate::dbconfig::DBType;
use crate::DBType as DbConnection;
use diesel::prelude::*;
use std::env;
use std::process::exit;
use std::time::Duration;

Expand Down Expand Up @@ -33,15 +32,9 @@ impl r2d2::CustomizeConnection<DbConnection, diesel::r2d2::Error> for Connection
}

pub fn establish_connection() -> DBType {
let database_url = &get_database_url();
let database_url = &ENVIRONMENT_SERVICE.get().unwrap().database_url;
DBType::establish(database_url).unwrap_or_else(|e| {
log::error!("Error connecting to {} with reason {}", database_url, e);
exit(1)
})
}

pub fn get_database_url() -> String {
let url = env::var(DATABASE_URL).unwrap_or(DATABASE_URL_DEFAULT_SQLITE.to_string());
log::debug!("Database url is set to {}", url);
url
}
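Review bot: `establish_connection` still writes the full `database_url` to the error log in `log::error!("Error connecting to {} with reason {}", database_url, e)`; a Postgres-style connection URL normally embeds the database user and password, so a failed connect puts that credential into the logs. The commit removes the debug log of the URL together with `get_database_url`, and the error path deserves the same treatment, e.g. `log::error!("Error connecting to the database: {}", e);` or logging only the host and database name.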
13 changes: 8 additions & 5 deletions src/constants/inner_constants.rs
@@ -1,9 +1,8 @@

use crate::service::environment_service::EnvironmentService;
use std::fmt;
use std::fmt::Formatter;
use std::str::FromStr;


use std::sync::OnceLock;

pub static ITUNES_URL: &str = "https://itunes.apple.com/search?term=";

Expand Down Expand Up @@ -92,7 +91,7 @@ pub const BASIC_AUTH: &str = "BASIC_AUTH";

pub const USERNAME: &str = "USERNAME";
pub const PASSWORD: &str = "PASSWORD";

pub const API_KEY: &str = "API_KEY";
pub const SERVER_URL: &str = "SERVER_URL";

pub const SUB_DIRECTORY: &str = "SUB_DIRECTORY";
Expand Down Expand Up @@ -130,4 +129,8 @@ pub const COMMON_USER_AGENT: &str = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) A
pub const OIDC_JWKS: &str = "OIDC_JWKS";

// Default device when viewing via web interface
pub const DEFAULT_DEVICE: &str = "webview";
pub const DEFAULT_DEVICE: &str = "webview";

// static constants

pub static ENVIRONMENT_SERVICE: OnceLock<EnvironmentService> = OnceLock::new();
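Review bot: `ENVIRONMENT_SERVICE` is introduced with only the comment `// static constants`, yet every consumer in this commit (`handle_basic_auth` in src/auth_middleware.rs, `establish_connection` in src/config/dbconfig.rs, both helpers in src/controllers/controller_utils.rs) calls `ENVIRONMENT_SERVICE.get().unwrap()`, which panics if the cell was never set. A doc comment should state where it is initialised and that this must happen before the first connection or request, e.g. `/// Process-wide configuration; set once at startup before any DB connection is opened or request is served.` Where the cell is set is not visible in this diff, so it is worth confirming that the command-line path sets it as well. Since the value carries the admin username and password read in auth_middleware, the comment should also say that it must not be dumped to logs.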
6 changes: 3 additions & 3 deletions src/controllers/controller_utils.rs
@@ -1,4 +1,4 @@
use crate::service::environment_service::EnvironmentService;
use crate::constants::inner_constants::ENVIRONMENT_SERVICE;
use serde_json::Value;

pub fn unwrap_string(value: &Value) -> String {
Expand All @@ -8,7 +8,7 @@ pub fn unwrap_string(value: &Value) -> String {
pub fn unwrap_string_audio(value: &Value) -> String {
match value.to_string().is_empty() {
true => {
let env = EnvironmentService::new();
let env = ENVIRONMENT_SERVICE.get().unwrap();

env.server_url.clone().to_owned() + "ui/default.jpg"
}
Expand All @@ -17,7 +17,7 @@ pub fn unwrap_string_audio(value: &Value) -> String {
}

pub fn get_default_image() -> String {
let env = EnvironmentService::new();
let env = ENVIRONMENT_SERVICE.get().unwrap();

env.server_url.clone().to_owned() + "ui/default.jpg"
}
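Review bot: In `unwrap_string_audio` the guard `value.to_string().is_empty()` can never be true: `to_string()` on a `serde_json::Value` renders JSON text, so an empty string comes out as `""` (two quote characters) and null as `null`, which leaves the default-image arm unreachable. Matching on the value, e.g. `match value.as_str() { Some(s) if !s.is_empty() => …, _ => get_default_image() }`, would let the fallback fire and remove the body duplicated with `get_default_image`. The `false` arm is outside the visible hunk, so the exact replacement needs to be checked against it.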