nikdoof/rustical
1
1
Fork 0
mirror of https://github.com/lennart-k/rustical.git synced 2025-12-13 13:32:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move session middleware outside such that we can access webdav endpoints from the frontend

Browse Source
This commit is contained in:
Lennart
2025-06-09 17:29:33 +02:00
parent 2ba0beeafc
commit 9dd5995950
4 changed files with 39 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
crates/frontend/src/lib.rs
View File

@@ -14,10 +14,6 @@ use rustical_store::{
auth::{AuthenticationProvider, middleware::AuthenticationLayer},
};
use std::sync::Arc;
use tower_sessions::{
Expiry, SessionManagerLayer, SessionStore,
cookie::{SameSite, time::Duration},
};
use url::Url;
mod assets;
@@ -45,19 +41,13 @@ use crate::{
},
};
pub fn frontend_router<
AP: AuthenticationProvider,
CS: CalendarStore,
AS: AddressbookStore,
S: SessionStore + Clone,
>(
pub fn frontend_router<AP: AuthenticationProvider, CS: CalendarStore, AS: AddressbookStore>(
prefix: &'static str,
auth_provider: Arc<AP>,
cal_store: Arc<CS>,
addr_store: Arc<AS>,
frontend_config: FrontendConfig,
oidc_config: Option<OidcConfig>,
session_store: S,
) -> Router {
let mut router = Router::new();
router = router
@@ -123,12 +113,6 @@ pub fn frontend_router<
router = router
.layer(AuthenticationLayer::new(auth_provider.clone()))
.layer(
SessionManagerLayer::new(session_store)
.with_secure(true)
.with_same_site(SameSite::Strict)
.with_expiry(Expiry::OnInactivity(Duration::hours(2))),
)
.layer(Extension(auth_provider.clone()))
.layer(Extension(cal_store.clone()))
.layer(Extension(addr_store.clone()))

15
crates/frontend/src/nextcloud_login/mod.rs
View File

@@ -1,3 +1,4 @@
use crate::unauthorized_handler;
use axum::routing::{get, post};
use axum::{Extension, Router, middleware};
use chrono::{DateTime, Utc};
@@ -8,11 +9,6 @@ use serde::{Deserialize, Serialize};
use std::collections::HashMap;
use std::sync::Arc;
use tokio::sync::RwLock;
use tower_sessions::cookie::SameSite;
use tower_sessions::cookie::time::Duration;
use tower_sessions::{Expiry, SessionManagerLayer, SessionStore};
use crate::unauthorized_handler;
mod routes;
#[derive(Debug, Clone)]
@@ -50,10 +46,9 @@ pub struct NextcloudFlows {
flows: RwLock<HashMap<String, NextcloudFlow>>,
}
pub fn nextcloud_login_router<AP: AuthenticationProvider, S: SessionStore + Clone>(
pub fn nextcloud_login_router<AP: AuthenticationProvider>(
nextcloud_flows_state: Arc<NextcloudFlows>,
auth_provider: Arc<AP>,
session_store: S,
) -> Router {
Router::new()
.route("/poll/{flow}", post(post_nextcloud_poll::<AP>))
@@ -65,11 +60,5 @@ pub fn nextcloud_login_router<AP: AuthenticationProvider, S: SessionStore + Clon
.layer(Extension(nextcloud_flows_state))
.layer(Extension(auth_provider.clone()))
.layer(AuthenticationLayer::new(auth_provider.clone()))
.layer(
SessionManagerLayer::new(session_store)
.with_secure(true)
.with_same_site(SameSite::Strict)
.with_expiry(Expiry::OnInactivity(Duration::hours(2))),
)
.layer(middleware::from_fn(unauthorized_handler))
}

64
src/app.rs
View File

@@ -12,7 +12,8 @@ use std::sync::Arc;
use std::time::Duration;
use tower_http::classify::ServerErrorsFailureClass;
use tower_http::trace::TraceLayer;
use tower_sessions::MemoryStore;
use tower_sessions::cookie::SameSite;
use tower_sessions::{Expiry, MemoryStore, SessionManagerLayer};
use tracing::Span;
use crate::config::NextcloudLoginConfig;
@@ -52,40 +53,47 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
addr_store.clone(),
frontend_config,
oidc_config,
session_store.clone(),
));
}
if nextcloud_login_config.enabled {
router = router.nest(
"/index.php/login/v2",
nextcloud_login_router(
nextcloud_flows_state,
auth_provider.clone(),
session_store.clone(),
),
nextcloud_login_router(nextcloud_flows_state, auth_provider.clone()),
);
}
router.layer(
TraceLayer::new_for_http()
.make_span_with(|request: &Request| {
tracing::debug_span!(
"http-request",
status_code = tracing::field::Empty,
otel.name =
tracing::field::display(format!("{} {}", request.method(), request.uri())),
)
})
.on_request(|_req: &Request, _span: &Span| {})
.on_response(|response: &Response, _latency: Duration, span: &Span| {
span.record("status_code", tracing::field::display(response.status()));
router
.layer(
SessionManagerLayer::new(session_store)
.with_secure(true)
.with_same_site(SameSite::Strict)
.with_expiry(Expiry::OnInactivity(
tower_sessions::cookie::time::Duration::hours(2),
)),
)
.layer(
TraceLayer::new_for_http()
.make_span_with(|request: &Request| {
tracing::debug_span!(
"http-request",
status_code = tracing::field::Empty,
otel.name = tracing::field::display(format!(
"{} {}",
request.method(),
request.uri()
)),
)
})
.on_request(|_req: &Request, _span: &Span| {})
.on_response(|response: &Response, _latency: Duration, span: &Span| {
span.record("status_code", tracing::field::display(response.status()));
tracing::debug!("response generated")
})
.on_failure(
|_error: ServerErrorsFailureClass, _latency: Duration, _span: &Span| {
tracing::error!("something went wrong")
},
),
)
tracing::debug!("response generated")
})
.on_failure(
|_error: ServerErrorsFailureClass, _latency: Duration, _span: &Span| {
tracing::error!("something went wrong")
},
),
)
}

1
src/main.rs
View File

@@ -10,7 +10,6 @@ use config::{DataStoreConfig, SqliteDataStoreConfig};
use figment::Figment;
use figment::providers::{Env, Format, Toml};
use rustical_dav_push::DavPushController;
use rustical_dav_push::notifier::push_notifier;
use rustical_frontend::nextcloud_login::NextcloudFlows;
use rustical_store::auth::AuthenticationProvider;
use rustical_store::{AddressbookStore, CalendarStore, CollectionOperation, SubscriptionStore};