Implement auth mechanism

collie-reader · Aug 30, 2024 · b6e45ee · b6e45ee
1 parent 35ed521
commit b6e45ee
Show file tree

Hide file tree

Showing 7 changed files with 261 additions and 18 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -14,8 +14,10 @@ clap = { version = "4.0", features = ["derive"] }
 log = "0.4"
 pretty_env_logger = "0.4"
 tokio = { version = "1.0", features = ["full"] }
-axum = "0.7"
+axum = { version = "0.7", features = ["http2"] }
+axum-extra = { version = "0.9", features = ["typed-header"] }
 daemonize = "0.5"
 toml = "0.8.19"
 thiserror = "1.0"
 collie = { path = "../lib/collie", features = ["auth"] }
+http = "1.1.0"
diff --git a/src/adapter/auth.rs b/src/adapter/auth.rs
@@ -0,0 +1,25 @@
+use axum::{extract::State, Extension, Json};
+use collie::auth::{
+    error::Error,
+    token::{self, Login},
+};
+use http::StatusCode;
+
+use crate::config::SharedAppState;
+
+pub async fn authorize(
+    State(SharedAppState {
+        conn,
+        server_secret,
+        ..
+    }): State<SharedAppState>,
+    Extension(arg): Extension<Login>,
+) -> (StatusCode, Json<String>) {
+    match token::issue(&conn, &arg.access, &arg.secret, &server_secret) {
+        Ok(token) => (StatusCode::OK, Json(token)),
+        Err(kind) => match kind {
+            Error::Unauthorized => (StatusCode::UNAUTHORIZED, Json("".to_string())),
+            _ => (StatusCode::INTERNAL_SERVER_ERROR, Json("".to_string())),
+        },
+    }
+}
diff --git a/src/adapter/feed.rs b/src/adapter/feed.rs
@@ -14,7 +14,7 @@ use collie::{
 use crate::config::SharedAppState;
 
 pub async fn create(
-    State(SharedAppState { conn, config }): State<SharedAppState>,
+    State(SharedAppState { conn, config, .. }): State<SharedAppState>,
     Json(arg): Json<FeedToCreate>,
 ) -> (StatusCode, Json<bool>) {
     if arg.link.is_empty() {

diff --git a/src/config.rs b/src/config.rs
@@ -27,6 +27,7 @@ impl AppState {
 #[derive(Clone)]
 pub struct SharedAppState {
     pub conn: Arc<Connection>,
+    pub server_secret: String,
     pub config: Config,
 }
 
@@ -35,6 +36,7 @@ impl SharedAppState {
         let config = read_config();
         Self {
             conn: Arc::new(open_connection(&config)),
+            server_secret: collie::auth::key::generate_key(),
             config,
         }
     }

diff --git a/src/main.rs b/src/main.rs
@@ -6,6 +6,7 @@ mod error;
 mod serve;
 
 mod adapter {
+    pub mod auth;
     pub mod feed;
     pub mod item;
 }
@@ -63,10 +64,12 @@ async fn main() {
         }
         Commands::Key(key) => match &key.commands {
             KeyCommands::New { description } => {
-                println!("Generating new key...");
-                let access_key =
+                println!("Generating new keys...");
+                let (access_key, secret_key) =
                     collie::auth::key::create(AppState::new().conn, description).unwrap();
+                println!("Register the following keys with your client. DO NOT share the secret key with anyone.");
                 println!("Access key: {}", access_key);
+                println!("Secret key: {}", secret_key);
             }
         },
     }