ReiMerc/skantravels
2
0
Fork 1
Code Issues Pull Requests 1 Packages Projects 1 Releases Wiki Activity

Create env file for jwt secret

Browse Source
This commit is contained in:
Reimar 2024-08-15 08:36:55 +02:00
parent 62659a7746
commit 707b7b5fce
Signed by: Reimar
GPG Key ID: 93549FA07F0AE268
6 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rust-backend/.env.example Normal file
View File

@ -0,0 +1,2 @@
JWT_SECRET=DenHerMåAldrigVæreOffentligKunIDetteDemoProjekt

2
rust-backend/.gitignore vendored
View File

@ -1,4 +1,4 @@
target target
database.sqlite3 database.sqlite3
.env

7
rust-backend/Cargo.lock generated
View File

@ -426,6 +426,12 @@ dependencies = [
"subtle", "subtle",
] ]
[[package]]
name = "dotenvy"
version = "0.15.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b"
[[package]] [[package]]
name = "encoding_rs" name = "encoding_rs"
version = "0.8.34" version = "0.8.34"
@ -1125,6 +1131,7 @@ dependencies = [
"actix-utils", "actix-utils",
"actix-web", "actix-web",
"base64", "base64",
"dotenvy",
"hmac", "hmac",
"refinery", "refinery",
"rusqlite", "rusqlite",

1
rust-backend/Cargo.toml
View File

@ -10,6 +10,7 @@ hmac = "0.12.1"
serde_json = "1.0.124" serde_json = "1.0.124"
actix-web = "4" actix-web = "4"
actix-utils = "3.0.1" actix-utils = "3.0.1"
dotenvy = "0.15.7"
refinery = { version = "0.8.14", features = ["rusqlite"] } refinery = { version = "0.8.14", features = ["rusqlite"] }
rusqlite = { version = "0.31", features = ["bundled"] } rusqlite = { version = "0.31", features = ["bundled"] }

4
rust-backend/src/auth.rs
View File

@ -30,6 +30,8 @@ impl FromRequest for AuthorizedUser {
} }
fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> { fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> {
let secret = std::env::var("JWT_SECRET").expect("JWT_SECRET must be provided");
let token = req.headers() let token = req.headers()
.get("Authorization") .get("Authorization")
.and_then(|value| value.to_str().ok()) .and_then(|value| value.to_str().ok())
@ -51,7 +53,7 @@ fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> {
let payload: Value = serde_json::from_slice(&URL_SAFE_NO_PAD.decode(jwt_parts.get(1).unwrap()).ok()?).ok()?; let payload: Value = serde_json::from_slice(&URL_SAFE_NO_PAD.decode(jwt_parts.get(1).unwrap()).ok()?).ok()?;
let signature = URL_SAFE_NO_PAD.decode(jwt_parts.get(2).unwrap()).ok()?; let signature = URL_SAFE_NO_PAD.decode(jwt_parts.get(2).unwrap()).ok()?;
let mut mac = Hmac::<Sha256>::new_from_slice("DenHerMåAldrigVæreOffentligKunIDetteDemoProjekt".as_bytes()).ok()?; let mut mac = Hmac::<Sha256>::new_from_slice(secret.as_bytes()).ok()?;
mac.update(format!("{}.{}", jwt_parts.get(0).unwrap(), jwt_parts.get(1).unwrap()).as_bytes()); mac.update(format!("{}.{}", jwt_parts.get(0).unwrap(), jwt_parts.get(1).unwrap()).as_bytes());
if mac.verify_slice(&signature).is_err() { if mac.verify_slice(&signature).is_err() {

2
rust-backend/src/main.rs
View File

@ -31,6 +31,8 @@ async fn authorized(auth: AuthorizedUser) -> impl Responder {
#[actix_web::main] #[actix_web::main]
async fn main() -> std::io::Result<()> { async fn main() -> std::io::Result<()> {
let _ = dotenvy::dotenv();
let port = std::env::var("RUST_BACKEND_PORT") let port = std::env::var("RUST_BACKEND_PORT")
.ok() .ok()
.and_then(|port| port.parse::<u16>().ok()) .and_then(|port| port.parse::<u16>().ok())