forked from ReiMerc/skantravels
Create env file for jwt secret
This commit is contained in:
parent
62659a7746
commit
707b7b5fce
GPG Key ID:
93549FA07F0AE268
2
rust-backend/.env.example
Normal file
2
rust-backend/.env.example
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
JWT_SECRET=DenHerMåAldrigVæreOffentligKunIDetteDemoProjekt
|
||||||
|
|
||||||
2
rust-backend/.gitignore
vendored
2
rust-backend/.gitignore
vendored
@ -1,4 +1,4 @@
|
|||||||
target
|
target
|
||||||
database.sqlite3
|
database.sqlite3
|
||||||
|
.env
|
||||||
|
|
||||||
|
|||||||
7
rust-backend/Cargo.lock
generated
7
rust-backend/Cargo.lock
generated
@ -426,6 +426,12 @@ dependencies = [
|
|||||||
"subtle",
|
"subtle",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "dotenvy"
|
||||||
|
version = "0.15.7"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "encoding_rs"
|
name = "encoding_rs"
|
||||||
version = "0.8.34"
|
version = "0.8.34"
|
||||||
@ -1125,6 +1131,7 @@ dependencies = [
|
|||||||
"actix-utils",
|
"actix-utils",
|
||||||
"actix-web",
|
"actix-web",
|
||||||
"base64",
|
"base64",
|
||||||
|
"dotenvy",
|
||||||
"hmac",
|
"hmac",
|
||||||
"refinery",
|
"refinery",
|
||||||
"rusqlite",
|
"rusqlite",
|
||||||
|
|||||||
@ -10,6 +10,7 @@ hmac = "0.12.1"
|
|||||||
serde_json = "1.0.124"
|
serde_json = "1.0.124"
|
||||||
actix-web = "4"
|
actix-web = "4"
|
||||||
actix-utils = "3.0.1"
|
actix-utils = "3.0.1"
|
||||||
|
dotenvy = "0.15.7"
|
||||||
refinery = { version = "0.8.14", features = ["rusqlite"] }
|
refinery = { version = "0.8.14", features = ["rusqlite"] }
|
||||||
rusqlite = { version = "0.31", features = ["bundled"] }
|
rusqlite = { version = "0.31", features = ["bundled"] }
|
||||||
|
|
||||||
|
|||||||
@ -30,6 +30,8 @@ impl FromRequest for AuthorizedUser {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> {
|
fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> {
|
||||||
|
let secret = std::env::var("JWT_SECRET").expect("JWT_SECRET must be provided");
|
||||||
|
|
||||||
let token = req.headers()
|
let token = req.headers()
|
||||||
.get("Authorization")
|
.get("Authorization")
|
||||||
.and_then(|value| value.to_str().ok())
|
.and_then(|value| value.to_str().ok())
|
||||||
@ -51,7 +53,7 @@ fn get_authorized_user(req: &HttpRequest) -> Option<AuthorizedUser> {
|
|||||||
let payload: Value = serde_json::from_slice(&URL_SAFE_NO_PAD.decode(jwt_parts.get(1).unwrap()).ok()?).ok()?;
|
let payload: Value = serde_json::from_slice(&URL_SAFE_NO_PAD.decode(jwt_parts.get(1).unwrap()).ok()?).ok()?;
|
||||||
let signature = URL_SAFE_NO_PAD.decode(jwt_parts.get(2).unwrap()).ok()?;
|
let signature = URL_SAFE_NO_PAD.decode(jwt_parts.get(2).unwrap()).ok()?;
|
||||||
|
|
||||||
let mut mac = Hmac::<Sha256>::new_from_slice("DenHerMåAldrigVæreOffentligKunIDetteDemoProjekt".as_bytes()).ok()?;
|
let mut mac = Hmac::<Sha256>::new_from_slice(secret.as_bytes()).ok()?;
|
||||||
mac.update(format!("{}.{}", jwt_parts.get(0).unwrap(), jwt_parts.get(1).unwrap()).as_bytes());
|
mac.update(format!("{}.{}", jwt_parts.get(0).unwrap(), jwt_parts.get(1).unwrap()).as_bytes());
|
||||||
|
|
||||||
if mac.verify_slice(&signature).is_err() {
|
if mac.verify_slice(&signature).is_err() {
|
||||||
|
|||||||
@ -31,6 +31,8 @@ async fn authorized(auth: AuthorizedUser) -> impl Responder {
|
|||||||
|
|
||||||
#[actix_web::main]
|
#[actix_web::main]
|
||||||
async fn main() -> std::io::Result<()> {
|
async fn main() -> std::io::Result<()> {
|
||||||
|
let _ = dotenvy::dotenv();
|
||||||
|
|
||||||
let port = std::env::var("RUST_BACKEND_PORT")
|
let port = std::env::var("RUST_BACKEND_PORT")
|
||||||
.ok()
|
.ok()
|
||||||
.and_then(|port| port.parse::<u16>().ok())
|
.and_then(|port| port.parse::<u16>().ok())
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user