Merge branch 'release/0.0.2'

Author: proofrock

CHANGELOG.md

@@ -1,3 +1,3 @@
-## v0.0.1
+## v0.0.x
 
 First public-ish version

Cargo.lock

@@ -2,7 +2,7 @@
 authors = ["Germano Rizzo <oss /AT/ germanorizzo /DOT/ it>"]
 description = "A SQLite remote gateway - query SQLite via HTTP"
 name = "sqliterg"
-version = "0.0.1"
+version = "0.0.2"
 edition = "2021"
 license = "Apache-2.0"
 

Cargo.toml

@@ -62,7 +62,6 @@ Obtaining an answer of:
 - "[**Macros**](https://germ.gitbook.io/sqliterg/documentation/macros)": lists of statements that can be executed at db creation, at startup, periodically or calling a web service;
 - **Backups**, rotated and also runnable at db creation, at startup, periodically or calling a web service;
 - [**CORS**](https://germ.gitbook.io/sqliterg/documentation/configuration-file#corsorigin) mode, configurable per-db;
-- Scheduled tasks can be: backup (with rotation), vacuum and/or a set of SQL statements;
 - [**Journal Mode**](https://sqlite.org/wal.html) (e.g. WAL) can be configured;
 - [**Embedded web server**](https://germ.gitbook.io/sqliterg/documentation/web-server) to directly serve web pages that can access sqliterg without CORS;- [Quite fast](features/performances.md)!
 - Comprehensive test suite (`make test`);

README.md

@@ -2,6 +2,8 @@
 
 # If present, "auth" defines the authentication for this database
 auth:
+  # Optional, by default 401. The error HTTP code to be returned if auth fails.
+  authErrorCode: 499
   # Mandatory. Defines how the credentials are passed to the server.
   #   "INLINE" means that credentials are passed in the request
   #   "HTTP_BASIC" uses Basic Authentication (via the "Authorization: Basic" header)
@@ -55,6 +57,8 @@ macros:
       # Exposes an endpoint to execute the macro. A token-based for of authentication is mandatory.
       # Endpoint is http://<host>:<port>/<db_name>/macro/<macro_id>
       webService:
+        # Optional, by default 401. The error HTTP code to be returned if auth fails.
+        authErrorCode: 499
         # Either a plaintext "authToken" or a SHA-256 hashed "hashedAuthToken" must be supplied.
         authToken: ciao
         hashedAuthToken: b133a0c0e9bee3be20163d2ad31d6248db292aa6dcb1ee087a2aa50e0fc75ae2
@@ -76,6 +80,8 @@ backup:
     # Exposes an endpoint to execute the backup. A token-based for of authentication is mandatory.
     # Endpoint is http://<host>:<port>/<db_name>/backup
     webService:
+      # Optional, by default 401. The error HTTP code to be returned if auth fails.
+      authErrorCode: 499
       # Either a plaintext "authToken" or a SHA-256 hashed "hashedAuthToken" must be supplied.
       authToken: ciao
       hashedAuthToken: b133a0c0e9bee3be20163d2ad31d6248db292aa6dcb1ee087a2aa50e0fc75ae2

db_conf.template.yaml

@@ -86,7 +86,7 @@ pub async fn handler(
             Some(bkp_ws) => {
                 if !process_creds(&token.token, &bkp_ws.auth_token, &bkp_ws.hashed_auth_token) {
                     return Response::new_err(
-                        401,
+                        bkp_ws.auth_error_code,
                         -1,
                         format!("In database '{}', backup: token mismatch", db_name),
                     );

src/backup.rs

@@ -26,8 +26,15 @@ pub enum AuthMode {
     Inline,
 }
 
+fn default_401() -> u16 {
+    401
+}
+
 #[derive(Debug, Deserialize, Clone)]
 pub struct Auth {
+    #[serde(rename = "authErrorCode")]
+    #[serde(default = "default_401")]
+    pub auth_error_code: u16,
     pub mode: AuthMode,
     #[serde(rename = "byQuery")]
     pub by_query: Option<String>,
@@ -51,6 +58,9 @@ pub struct StoredStatement {
 
 #[derive(Debug, Deserialize, Clone)]
 pub struct ExecutionWebService {
+    #[serde(rename = "authErrorCode")]
+    #[serde(default = "default_401")]
+    pub auth_error_code: u16,
     #[serde(rename = "authToken")]
     pub auth_token: Option<String>,
     #[serde(rename = "hashedAuthToken")]

src/db_config.rs

@@ -114,19 +114,14 @@ fn process(
     dbconf: &DbConfig,
     auth_header: &Option<Authorization<Basic>>,
 ) -> Result<Response> {
-    if dbconf.auth.is_some()
-        && !process_auth(
-            dbconf.auth.as_ref().unwrap(),
-            conn,
-            &http_req.credentials,
-            auth_header,
-        )
-    {
-        return Ok(Response::new_err(
-            401,
-            -1,
-            "Authorization failed".to_string(),
-        ));
+    if let Some(ac) = &dbconf.auth {
+        if !process_auth(ac, conn, &http_req.credentials, auth_header) {
+            return Ok(Response::new_err(
+                ac.auth_error_code,
+                -1,
+                "Authorization failed".to_string(),
+            ));
+        }
     }
 
     let tx = conn.transaction()?;

src/logic.rs

@@ -158,7 +158,7 @@ pub async fn handler(
             Some(mex_ws) => {
                 if !process_creds(&token.token, &mex_ws.auth_token, &mex_ws.hashed_auth_token) {
                     return Response::new_err(
-                        401,
+                        mex_ws.auth_error_code,
                         -1,
                         format!(
                             "In database '{}', macro '{}': token mismatch",