refactor: switch from "rauth" to Authifier crate

This commit is contained in:
Paul Makles
2023-01-29 14:14:35 +00:00
parent 0afbcc065f
commit c03fcda85b
20 changed files with 128 additions and 106 deletions

104
Cargo.lock generated
View File

@@ -330,6 +330,40 @@ dependencies = [
"winapi 0.3.9", "winapi 0.3.9",
] ]
[[package]]
name = "authifier"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a84411393a4326726ead660991ce8047f1865fa89900fb6c18e1e6c513cf1f9b"
dependencies = [
"async-std",
"async-trait",
"base32",
"bson",
"chrono",
"futures",
"handlebars",
"iso8601-timestamp",
"lazy_static",
"lettre",
"log",
"mongodb",
"nanoid",
"rand 0.8.5",
"regex",
"reqwest",
"revolt_okapi",
"revolt_rocket_okapi",
"rocket",
"rust-argon2",
"schemars",
"serde",
"serde_json",
"totp-lite",
"ulid 0.5.0",
"validator 0.15.0",
]
[[package]] [[package]]
name = "autocfg" name = "autocfg"
version = "0.1.8" version = "0.1.8"
@@ -2579,39 +2613,6 @@ dependencies = [
"rand_core 0.3.1", "rand_core 0.3.1",
] ]
[[package]]
name = "rauth"
version = "1.0.4"
source = "git+https://github.com/insertish/rauth?tag=1.0.4#2d3bc59623672e3ff57c49a90c4d3cd20780dbba"
dependencies = [
"async-std",
"async-trait",
"base32",
"bson",
"chrono",
"futures",
"handlebars",
"iso8601-timestamp",
"lazy_static",
"lettre",
"log",
"mongodb",
"nanoid",
"rand 0.8.5",
"regex",
"reqwest",
"revolt_okapi",
"revolt_rocket_okapi",
"rocket",
"rust-argon2",
"schemars",
"serde",
"serde_json",
"totp-lite",
"ulid 0.5.0",
"validator 0.15.0",
]
[[package]] [[package]]
name = "rdrand" name = "rdrand"
version = "0.4.0" version = "0.4.0"
@@ -2807,7 +2808,7 @@ dependencies = [
[[package]] [[package]]
name = "revolt-delta" name = "revolt-delta"
version = "0.5.6" version = "0.5.5"
dependencies = [ dependencies = [
"async-channel", "async-channel",
"async-std", "async-std",
@@ -2834,8 +2835,8 @@ dependencies = [
"revolt-quark", "revolt-quark",
"revolt_rocket_okapi", "revolt_rocket_okapi",
"rocket", "rocket",
"rocket_authifier",
"rocket_empty", "rocket_empty",
"rocket_rauth",
"schemars", "schemars",
"serde", "serde",
"serde_json", "serde_json",
@@ -2853,6 +2854,7 @@ dependencies = [
"async-recursion", "async-recursion",
"async-std", "async-std",
"async-trait", "async-trait",
"authifier",
"base64 0.13.0", "base64 0.13.0",
"bincode", "bincode",
"bitfield", "bitfield",
@@ -2874,7 +2876,6 @@ dependencies = [
"once_cell", "once_cell",
"optional_struct", "optional_struct",
"pretty_env_logger", "pretty_env_logger",
"rauth",
"redis-kiss", "redis-kiss",
"regex", "regex",
"reqwest", "reqwest",
@@ -3010,6 +3011,22 @@ dependencies = [
"yansi", "yansi",
] ]
[[package]]
name = "rocket_authifier"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d4554a81937341d8c3cd3e43431ac2d23624444dc3a88e7ffd3ff66593779293"
dependencies = [
"authifier",
"iso8601-timestamp",
"revolt_okapi",
"revolt_rocket_okapi",
"rocket",
"rocket_empty",
"schemars",
"serde",
]
[[package]] [[package]]
name = "rocket_codegen" name = "rocket_codegen"
version = "0.5.0-rc.2" version = "0.5.0-rc.2"
@@ -3080,21 +3097,6 @@ dependencies = [
"uncased", "uncased",
] ]
[[package]]
name = "rocket_rauth"
version = "1.0.4"
source = "git+https://github.com/insertish/rauth?tag=1.0.4#2d3bc59623672e3ff57c49a90c4d3cd20780dbba"
dependencies = [
"iso8601-timestamp",
"rauth",
"revolt_okapi",
"revolt_rocket_okapi",
"rocket",
"rocket_empty",
"schemars",
"serde",
]
[[package]] [[package]]
name = "rust-argon2" name = "rust-argon2"
version = "1.0.0" version = "1.0.0"

View File

@@ -1,6 +1,6 @@
[package] [package]
name = "revolt-delta" name = "revolt-delta"
version = "0.5.6" version = "0.5.5"
license = "AGPL-3.0-or-later" license = "AGPL-3.0-or-later"
authors = ["Paul Makles <paulmakles@gmail.com>"] authors = ["Paul Makles <paulmakles@gmail.com>"]
edition = "2018" edition = "2018"
@@ -52,7 +52,7 @@ mobc-redis = { version = "0.7.0", default-features = false, features = ["async-s
# web # web
rocket = { version = "0.5.0-rc.2", default-features = false, features = ["json"] } rocket = { version = "0.5.0-rc.2", default-features = false, features = ["json"] }
rocket_empty = { version = "0.1.1", features = ["schema"] } rocket_empty = { version = "0.1.1", features = ["schema"] }
rocket_rauth = { git = "https://github.com/insertish/rauth", tag = "1.0.4" } rocket_authifier = { version = "1.0.7" }
# spec generation # spec generation
schemars = "0.8.8" schemars = "0.8.8"

View File

@@ -11,8 +11,8 @@ pub mod routes;
pub mod util; pub mod util;
use async_std::channel::unbounded; use async_std::channel::unbounded;
use revolt_quark::authifier::{Authifier, AuthifierEvent};
use revolt_quark::events::client::EventV1; use revolt_quark::events::client::EventV1;
use revolt_quark::rauth::{RAuth, RAuthEvent};
use revolt_quark::DatabaseInfo; use revolt_quark::DatabaseInfo;
#[launch] #[launch]
@@ -27,25 +27,25 @@ async fn rocket() -> _ {
let db = DatabaseInfo::Auto.connect().await.unwrap(); let db = DatabaseInfo::Auto.connect().await.unwrap();
db.migrate_database().await.unwrap(); db.migrate_database().await.unwrap();
// Setup rAuth event channel // Setup Authifier event channel
let (sender, receiver) = unbounded(); let (sender, receiver) = unbounded();
// Setup rAuth // Setup Authifier
let rauth = RAuth { let authifier = Authifier {
database: db.clone().into(), database: db.clone().into(),
config: revolt_quark::util::rauth::config(), config: revolt_quark::util::authifier::config(),
event_channel: Some(sender), event_channel: Some(sender),
}; };
// Launch a listener for rAuth events // Launch a listener for Authifier events
async_std::task::spawn(async move { async_std::task::spawn(async move {
while let Ok(event) = receiver.recv().await { while let Ok(event) = receiver.recv().await {
match &event { match &event {
RAuthEvent::CreateSession { .. } | RAuthEvent::CreateAccount { .. } => { AuthifierEvent::CreateSession { .. } | AuthifierEvent::CreateAccount { .. } => {
EventV1::Auth(event).global().await EventV1::Auth(event).global().await
} }
RAuthEvent::DeleteSession { user_id, .. } AuthifierEvent::DeleteSession { user_id, .. }
| RAuthEvent::DeleteAllSessions { user_id, .. } => { | AuthifierEvent::DeleteAllSessions { user_id, .. } => {
let id = user_id.to_string(); let id = user_id.to_string();
EventV1::Auth(event).private(id).await EventV1::Auth(event).private(id).await
} }
@@ -65,7 +65,7 @@ async fn rocket() -> _ {
.mount("/", revolt_quark::web::cors::catch_all_options_routes()) .mount("/", revolt_quark::web::cors::catch_all_options_routes())
.mount("/", revolt_quark::web::ratelimiter::routes()) .mount("/", revolt_quark::web::ratelimiter::routes())
.mount("/swagger/", revolt_quark::web::swagger::routes()) .mount("/swagger/", revolt_quark::web::swagger::routes())
.manage(rauth) .manage(authifier)
.manage(db) .manage(db)
.manage(cors.clone()) .manage(cors.clone())
.attach(revolt_quark::web::ratelimiter::RatelimitFairing) .attach(revolt_quark::web::ratelimiter::RatelimitFairing)

View File

@@ -27,9 +27,9 @@ pub fn mount(mut rocket: Rocket<Build>) -> Rocket<Build> {
"/servers" => servers::routes(), "/servers" => servers::routes(),
"/invites" => invites::routes(), "/invites" => invites::routes(),
"/custom" => customisation::routes(), "/custom" => customisation::routes(),
"/auth/account" => rocket_rauth::routes::account::routes(), "/auth/account" => rocket_authifier::routes::account::routes(),
"/auth/session" => rocket_rauth::routes::session::routes(), "/auth/session" => rocket_authifier::routes::session::routes(),
"/auth/mfa" => rocket_rauth::routes::mfa::routes(), "/auth/mfa" => rocket_authifier::routes::mfa::routes(),
"/onboard" => onboard::routes(), "/onboard" => onboard::routes(),
"/push" => push::routes(), "/push" => push::routes(),
"/sync" => sync::routes(), "/sync" => sync::routes(),

View File

@@ -1,5 +1,7 @@
use crate::util::regex::RE_USERNAME; use crate::util::regex::RE_USERNAME;
use revolt_quark::{models::User, rauth::models::Session, Database, EmptyResponse, Error, Result}; use revolt_quark::{
authifier::models::Session, models::User, Database, EmptyResponse, Error, Result,
};
use rocket::{serde::json::Json, State}; use rocket::{serde::json::Json, State};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};

View File

@@ -1,4 +1,4 @@
use revolt_quark::{models::User, rauth::models::Session}; use revolt_quark::{authifier::models::Session, models::User};
use rocket::serde::json::Json; use rocket::serde::json::Json;
use serde::Serialize; use serde::Serialize;

View File

@@ -1,7 +1,7 @@
use revolt_quark::{ use revolt_quark::{
rauth::{ authifier::{
models::{Session, WebPushSubscription}, models::{Session, WebPushSubscription},
RAuth, Authifier,
}, },
EmptyResponse, Error, Result, EmptyResponse, Error, Result,
}; };
@@ -16,13 +16,13 @@ use rocket::{serde::json::Json, State};
#[openapi(tag = "Web Push")] #[openapi(tag = "Web Push")]
#[post("/subscribe", data = "<data>")] #[post("/subscribe", data = "<data>")]
pub async fn req( pub async fn req(
rauth: &State<RAuth>, authifier: &State<Authifier>,
mut session: Session, mut session: Session,
data: Json<WebPushSubscription>, data: Json<WebPushSubscription>,
) -> Result<EmptyResponse> { ) -> Result<EmptyResponse> {
session.subscription = Some(data.into_inner()); session.subscription = Some(data.into_inner());
session session
.save(rauth) .save(authifier)
.await .await
.map(|_| EmptyResponse) .map(|_| EmptyResponse)
.map_err(|_| Error::DatabaseError { .map_err(|_| Error::DatabaseError {

View File

@@ -1,5 +1,5 @@
use revolt_quark::{ use revolt_quark::{
rauth::{models::Session, RAuth}, authifier::{models::Session, Authifier},
EmptyResponse, Error, Result, EmptyResponse, Error, Result,
}; };
@@ -10,10 +10,10 @@ use rocket::State;
/// Remove the Web Push subscription associated with the current session. /// Remove the Web Push subscription associated with the current session.
#[openapi(tag = "Web Push")] #[openapi(tag = "Web Push")]
#[post("/unsubscribe")] #[post("/unsubscribe")]
pub async fn req(rauth: &State<RAuth>, mut session: Session) -> Result<EmptyResponse> { pub async fn req(authifier: &State<Authifier>, mut session: Session) -> Result<EmptyResponse> {
session.subscription = None; session.subscription = None;
session session
.save(rauth) .save(authifier)
.await .await
.map(|_| EmptyResponse) .map(|_| EmptyResponse)
.map_err(|_| Error::DatabaseError { .map_err(|_| Error::DatabaseError {

View File

@@ -1,5 +1,5 @@
use crate::util::regex::RE_USERNAME; use crate::util::regex::RE_USERNAME;
use revolt_quark::{models::User, rauth::models::Account, Database, Error, Result}; use revolt_quark::{authifier::models::Account, models::User, Database, Error, Result};
use rocket::{serde::json::Json, State}; use rocket::{serde::json::Json, State};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use validator::Validate; use validator::Validate;

View File

@@ -16,9 +16,9 @@ rocket_impl = [
"lru", "lru",
"dashmap", "dashmap",
"rauth/database-mongodb", "authifier/database-mongodb",
"rauth/rocket_impl", "authifier/rocket_impl",
"rauth/okapi_impl" "authifier/okapi_impl"
] ]
test = [ "async-std", "mongo", "mongodb/async-std-runtime", "rocket_impl" ] test = [ "async-std", "mongo", "mongodb/async-std-runtime", "rocket_impl" ]
@@ -84,8 +84,8 @@ rocket = { optional = true, version = "0.5.0-rc.2", default-features = false, fe
rocket_empty = { version = "0.1.1", optional = true, features = [ "schema" ] } rocket_empty = { version = "0.1.1", optional = true, features = [ "schema" ] }
rocket_cors = { optional = true, git = "https://github.com/lawliet89/rocket_cors", rev = "c17e8145baa4790319fdb6a473e465b960f55e7c" } rocket_cors = { optional = true, git = "https://github.com/lawliet89/rocket_cors", rev = "c17e8145baa4790319fdb6a473e465b960f55e7c" }
# rAuth # Authifier
rauth = { git = "https://github.com/insertish/rauth", tag = "1.0.4", features = [ "async-std-runtime" ] } authifier = { version = "1.0.7", features = [ "async-std-runtime" ] }
# Sentry # Sentry
sentry = "0.25.0" sentry = "0.25.0"

View File

@@ -61,13 +61,13 @@ impl Deref for Database {
} }
} }
impl From<Database> for rauth::Database { impl From<Database> for authifier::Database {
fn from(val: Database) -> Self { fn from(val: Database) -> Self {
match val { match val {
Database::Dummy(_) => rauth::Database::default(), Database::Dummy(_) => authifier::Database::default(),
Database::MongoDb(MongoDb(client)) => { Database::MongoDb(MongoDb(client)) => authifier::Database::MongoDb(
rauth::Database::MongoDb(rauth::database::MongoDb(client.database("revolt"))) authifier::database::MongoDb(client.database("revolt")),
} ),
} }
} }
} }

View File

@@ -1,4 +1,4 @@
use rauth::RAuthEvent; use authifier::AuthifierEvent;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use crate::models::channel::{FieldsChannel, PartialChannel}; use crate::models::channel::{FieldsChannel, PartialChannel};
@@ -214,5 +214,5 @@ pub enum EventV1 {
EmojiDelete { id: String }, EmojiDelete { id: String },
/// Auth events /// Auth events
Auth(RAuthEvent), Auth(AuthifierEvent),
} }

View File

@@ -215,7 +215,7 @@ pub async fn run_migrations(db: &MongoDb, revision: i32) -> i32 {
} }
if revision <= 8 { if revision <= 8 {
info!("Running migration [revision 8 / 2021-09-10]: Update to rAuth version 1."); info!("Running migration [revision 8 / 2021-09-10]: Update to Authifier version 1.");
db.db() db.db()
.run_command( .run_command(
@@ -603,20 +603,20 @@ pub async fn run_migrations(db: &MongoDb, revision: i32) -> i32 {
} }
if revision <= 15 { if revision <= 15 {
info!("Running migration [revision 15 / 04-06-2022]: Migrate rAuth to latest version."); info!("Running migration [revision 15 / 04-06-2022]: Migrate Authifier to latest version.");
let db = rauth::Database::MongoDb(rauth::database::MongoDb(db.db())); let db = authifier::Database::MongoDb(authifier::database::MongoDb(db.db()));
db.run_migration(rauth::Migration::M2022_06_03EnsureUpToSpec) db.run_migration(authifier::Migration::M2022_06_03EnsureUpToSpec)
.await .await
.unwrap(); .unwrap();
} }
if revision <= 16 { if revision <= 16 {
info!("Running migration [revision 16 / 07-07-2022]: Add `emojis` collection and rAuth migration."); info!("Running migration [revision 16 / 07-07-2022]: Add `emojis` collection and Authifier migration.");
let rauth_db = rauth::Database::MongoDb(rauth::database::MongoDb(db.db())); let authifier_db = authifier::Database::MongoDb(authifier::database::MongoDb(db.db()));
rauth_db authifier_db
.run_migration(rauth::Migration::M2022_06_09AddIndexForDeletion) .run_migration(authifier::Migration::M2022_06_09AddIndexForDeletion)
.await .await
.unwrap(); .unwrap();

View File

@@ -1,4 +1,4 @@
use rauth::models::Session; use authifier::models::Session;
use revolt_okapi::openapi3::{SecurityScheme, SecuritySchemeData}; use revolt_okapi::openapi3::{SecurityScheme, SecuritySchemeData};
use revolt_rocket_okapi::gen::OpenApiGenerator; use revolt_rocket_okapi::gen::OpenApiGenerator;
use revolt_rocket_okapi::request::{OpenApiFromRequest, RequestHeaderInput}; use revolt_rocket_okapi::request::{OpenApiFromRequest, RequestHeaderInput};
@@ -12,7 +12,7 @@ use crate::Database;
#[rocket::async_trait] #[rocket::async_trait]
impl<'r> FromRequest<'r> for User { impl<'r> FromRequest<'r> for User {
type Error = rauth::Error; type Error = authifier::Error;
async fn from_request(request: &'r Request<'_>) -> request::Outcome<Self, Self::Error> { async fn from_request(request: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
let user: &Option<User> = request let user: &Option<User> = request
@@ -43,7 +43,7 @@ impl<'r> FromRequest<'r> for User {
if let Some(user) = user { if let Some(user) = user {
Outcome::Success(user.clone()) Outcome::Success(user.clone())
} else { } else {
Outcome::Failure((Status::Unauthorized, rauth::Error::InvalidSession)) Outcome::Failure((Status::Unauthorized, authifier::Error::InvalidSession))
} }
} }
} }

View File

@@ -17,8 +17,8 @@ extern crate bitfield;
#[macro_use] #[macro_use]
extern crate bson; extern crate bson;
pub use authifier;
pub use iso8601_timestamp::Timestamp; pub use iso8601_timestamp::Timestamp;
pub use rauth;
pub use redis_kiss; pub use redis_kiss;
pub mod events; pub mod events;

View File

@@ -1,8 +1,8 @@
use crate::bson::doc; use crate::bson::doc;
use crate::util::variables::delta::VAPID_PRIVATE_KEY; use crate::util::variables::delta::VAPID_PRIVATE_KEY;
use authifier::Database;
use deadqueue::limited::Queue; use deadqueue::limited::Queue;
use rauth::Database;
use web_push::{ use web_push::{
ContentEncoding, SubscriptionInfo, SubscriptionKeys, VapidSignatureBuilder, WebPushClient, ContentEncoding, SubscriptionInfo, SubscriptionKeys, VapidSignatureBuilder, WebPushClient,
WebPushMessageBuilder, WebPushMessageBuilder,

View File

@@ -1,9 +1,11 @@
use authifier::config::{ResolveIp, Shield};
use super::variables::delta::{ use super::variables::delta::{
APP_URL, HCAPTCHA_KEY, INVITE_ONLY, SMTP_FROM, SMTP_HOST, SMTP_PASSWORD, SMTP_USERNAME, APP_URL, AUTHIFIER_SHIELD_KEY, HCAPTCHA_KEY, INVITE_ONLY, SMTP_FROM, SMTP_HOST, SMTP_PASSWORD,
USE_EMAIL, USE_HCAPTCHA, SMTP_USERNAME, USE_EMAIL, USE_HCAPTCHA,
}; };
use crate::rauth::config::{ use crate::authifier::config::{
Captcha, Config, EmailVerificationConfig, SMTPSettings, Template, Templates, Captcha, Config, EmailVerificationConfig, SMTPSettings, Template, Templates,
}; };
@@ -59,5 +61,19 @@ pub fn config() -> Config {
}; };
} }
if let Some(api_key) = &*AUTHIFIER_SHIELD_KEY {
config.shield = Shield::Enabled {
api_key: api_key.to_string(),
strict: false,
};
}
if std::env::var("TRUST_CLOUDFLARE")
.map(|x| x == "1")
.unwrap_or_default()
{
config.resolve_ip = ResolveIp::Cloudflare;
}
config config
} }

View File

@@ -1,7 +1,7 @@
pub mod authifier;
pub mod log; pub mod log;
pub mod manipulation; pub mod manipulation;
pub mod pfp; pub mod pfp;
pub mod rauth;
pub mod r#ref; pub mod r#ref;
pub mod regex; pub mod regex;
pub mod result; pub mod result;

View File

@@ -30,6 +30,8 @@ lazy_static! {
env::var("REVOLT_VAPID_PRIVATE_KEY").expect("Missing REVOLT_VAPID_PRIVATE_KEY environment variable."); env::var("REVOLT_VAPID_PRIVATE_KEY").expect("Missing REVOLT_VAPID_PRIVATE_KEY environment variable.");
pub static ref VAPID_PUBLIC_KEY: String = pub static ref VAPID_PUBLIC_KEY: String =
env::var("REVOLT_VAPID_PUBLIC_KEY").expect("Missing REVOLT_VAPID_PUBLIC_KEY environment variable."); env::var("REVOLT_VAPID_PUBLIC_KEY").expect("Missing REVOLT_VAPID_PUBLIC_KEY environment variable.");
pub static ref AUTHIFIER_SHIELD_KEY: Option<String> =
env::var("REVOLT_AUTHIFIER_SHIELD_KEY").ok();
// Application Flags // Application Flags
pub static ref INVITE_ONLY: bool = env::var("REVOLT_INVITE_ONLY").map_or(false, |v| v == "1"); pub static ref INVITE_ONLY: bool = env::var("REVOLT_INVITE_ONLY").map_or(false, |v| v == "1");

View File

@@ -8,7 +8,7 @@ use std::hash::Hasher;
use std::ops::Add; use std::ops::Add;
use std::time::{Duration, SystemTime, UNIX_EPOCH}; use std::time::{Duration, SystemTime, UNIX_EPOCH};
use crate::rauth::models::Session; use crate::authifier::models::Session;
use rocket::fairing::{Fairing, Info, Kind}; use rocket::fairing::{Fairing, Info, Kind};
use rocket::http::uri::Origin; use rocket::http::uri::Origin;
use rocket::http::{Method, Status}; use rocket::http::{Method, Status};