From e535e868e33a6d74a2ebe8c86d18389e5f5772ee Mon Sep 17 00:00:00 2001 From: phga Date: Thu, 24 Nov 2022 02:11:13 +0100 Subject: [PATCH] FFS: Did everything to finally test the api w/o CORS/blocked cookies --- rust_solid_cassandra/backend/Cargo.lock | 115 ++++++++++++++++++ rust_solid_cassandra/backend/Cargo.toml | 6 +- rust_solid_cassandra/backend/shell.nix | 2 +- rust_solid_cassandra/backend/src/main.rs | 41 +++++-- .../deploy/docker-compose.yml | 12 +- 5 files changed, 163 insertions(+), 13 deletions(-) diff --git a/rust_solid_cassandra/backend/Cargo.lock b/rust_solid_cassandra/backend/Cargo.lock index 36c3963..a8cb78d 100644 --- a/rust_solid_cassandra/backend/Cargo.lock +++ b/rust_solid_cassandra/backend/Cargo.lock @@ -19,6 +19,21 @@ dependencies = [ "tokio-util", ] +[[package]] +name = "actix-cors" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b340e9cfa5b08690aae90fb61beb44e9b06f44fe3d0f93781aaa58cfba86245e" +dependencies = [ + "actix-utils", + "actix-web", + "derive_more", + "futures-util", + "log", + "once_cell", + "smallvec", +] + [[package]] name = "actix-http" version = "3.2.2" @@ -28,6 +43,7 @@ dependencies = [ "actix-codec", "actix-rt", "actix-service", + "actix-tls", "actix-utils", "ahash", "base64", @@ -151,6 +167,24 @@ dependencies = [ "tracing", ] +[[package]] +name = "actix-tls" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fde0cf292f7cdc7f070803cb9a0d45c018441321a78b1042ffbbb81ec333297" +dependencies = [ + "actix-codec", + "actix-rt", + "actix-service", + "actix-utils", + "futures-core", + "log", + "openssl", + "pin-project-lite", + "tokio-openssl", + "tokio-util", +] + [[package]] name = "actix-utils" version = "3.0.1" @@ -174,6 +208,7 @@ dependencies = [ "actix-rt", "actix-server", "actix-service", + "actix-tls", "actix-utils", "actix-web-codegen", "ahash", 
@@ -337,12 +372,14 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" name = "backend" version = "0.1.0" dependencies = [ + "actix-cors", "actix-identity", "actix-session", "actix-web", "cassandra-cpp", "env_logger", "log", + "openssl", "serde", "serde_json", "uuid", @@ -600,6 +637,21 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + [[package]] name = "form_urlencoded" version = "1.1.0" 
@@ -914,6 +966,45 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +[[package]] +name = "openssl" +version = "0.10.42" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" +dependencies = [ + "bitflags", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "openssl-sys" +version = "0.9.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b03b84c3b2d099b81f0953422b4d4ad58761589d0229b5506356afca05a3670a" +dependencies = [ + "autocfg", + "cc", + "libc", + "pkg-config", + "vcpkg", +] + [[package]] name = "parking_lot" version = "0.12.1" @@ -961,6 +1052,12 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" +[[package]] +name = "pkg-config" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" + [[package]] name = "polyval" version = "0.6.0" @@ -1277,6 +1374,18 @@ dependencies = [ "winapi", ] +[[package]] +name = "tokio-openssl" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08f9ffb7809f1b20c1b398d92acf4cc719874b3b2b2d9ea2f09b4a80350878a" +dependencies = [ + "futures-util", + "openssl", + "openssl-sys", + "tokio", +] + [[package]] name = "tokio-util" version = "0.7.4" 
@@ -1383,6 +1492,12 @@ dependencies = [ "syn", ] +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + [[package]] name = "version_check" version = "0.9.4" diff --git a/rust_solid_cassandra/backend/Cargo.toml b/rust_solid_cassandra/backend/Cargo.toml index 690ed2d..47b6cf3 100644 --- a/rust_solid_cassandra/backend/Cargo.toml +++ b/rust_solid_cassandra/backend/Cargo.toml @@ -6,12 +6,14 @@ edition = "2021" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -actix-web = "4" # Webserver itself +actix-web = { version = "4", features = ["openssl"] } # Webserver itself actix-session = { version = "0.7", features = ["cookie-session"] } # Session middleware actix-identity = "0.5.2" +actix-cors = "0.6.4" env_logger = "0.9" # Logger itself log = "0.4" # Lightweight logging facade (Logging API) uuid = { version = "1.2.2", features = ["v4", "fast-rng", "macro-diagnostics", "serde"]} cassandra-cpp = "1.2" serde = { version = "1.0", features = ["derive"] } -serde_json = "1.0" \ No newline at end of file +serde_json = "1.0" +openssl = { version = "0.10.42", features = ["v110"] } \ No newline at end of file diff --git a/rust_solid_cassandra/backend/shell.nix b/rust_solid_cassandra/backend/shell.nix index 1702741..74564ac 100644 --- a/rust_solid_cassandra/backend/shell.nix +++ b/rust_solid_cassandra/backend/shell.nix @@ -3,6 +3,6 @@ pkgs.mkShell { buildInputs = with pkgs; [ cassandra-cpp-driver - zlib libuv openssl.dev + zlib libuv openssl.dev pkg-config ]; } \ No newline at end of file diff --git a/rust_solid_cassandra/backend/src/main.rs b/rust_solid_cassandra/backend/src/main.rs index 798cf03..2c381bb 100644 --- a/rust_solid_cassandra/backend/src/main.rs +++ b/rust_solid_cassandra/backend/src/main.rs 
@@ -1,9 +1,6 @@ -use std::{ - env, io, - net::{SocketAddrV4}, - sync::Arc, -}; +use std::{env, io, net::SocketAddrV4, sync::Arc}; +use actix_cors::Cors; use actix_identity::IdentityMiddleware; use actix_session::{config::PersistentSession, storage::CookieSessionStore, SessionMiddleware}; use actix_web::{ @@ -18,6 +15,7 @@ mod model; use model::user::User; // Define our repo module mod repo; +use openssl::ssl::{SslAcceptor, SslFiletype, SslMethod}; use repo::todo_repository::TodoRepository; use repo::user_repository::UserRepository; // Define our routes module @@ -60,9 +58,24 @@ async fn main() -> io::Result<()> { "{}:{}", env::var("WEBSERVER_ADDRESS").unwrap_or(DEFAULT_WEBSERVER_ADDRESS.to_string()), env::var("WEBSERVER_PORT").unwrap_or(DEFAULT_WEBSERVER_PORT.to_string()) - ).parse().expect("A valid socket address. Check your ENV variables!"); + ) + .parse() + .expect("A valid socket address. Check your ENV variables!"); + + // HOLY: Ich werde jetzt dann wirklich gleich verrückt mit CORS & Cookies... + // ICH WILL DOCH NUR DAS FRONTEND LOKAL TESTEN... IST DASS DENN ZU VIEL VERLANGT? + // TODO: Remove after local dev + // openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost' + // Move to /cert/... in container + let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls())?; + builder.set_private_key_file("/cert/key.pem", SslFiletype::PEM)?; + builder.set_certificate_chain_file("/cert/cert.pem")?; - log::info!("Starting HTTP server: http://{}:{}", socket_addr.ip(), socket_addr.port()); + log::info!( + "Starting HTTP server: http://{}:{}", + socket_addr.ip(), + socket_addr.port() + ); HttpServer::new(move || { App::new() 
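Review bot: The TLS setup added before `log::info!` is unconditional and hard-codes `/cert/key.pem` and `/cert/cert.pem`, so every build of the backend now fails at startup unless an unencrypted key sits at that path, despite the `TODO: Remove after local dev`. Reading both paths from the environment, as `WEBSERVER_ADDRESS` and `WEBSERVER_PORT` are read just above, and falling back to the plain bind when they are unset would keep the self-signed development certificate out of other deployments. The startup message still prints `http://` although a later hunk switches to `.bind_openssl`; it should become `"Starting HTTPS server: https://{}:{}"`. The German comment above the openssl command would serve the next reader better as one English line such as `// Self-signed localhost certificate, only for testing the frontend locally`. The body of `main` starts and ends outside this hunk.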
@@ -70,11 +83,21 @@ async fn main() -> io::Result<()> { .wrap(IdentityMiddleware::default()) .wrap( SessionMiddleware::builder(CookieSessionStore::default(), key.clone()) - .cookie_secure(false) + .cookie_secure(true) + // TODO: Remove after development with local solidjs app + .cookie_same_site(actix_web::cookie::SameSite::None) // Session lifetime .session_lifecycle(PersistentSession::default().session_ttl(Duration::days(7))) .build(), ) + .wrap( + // TODO: Remove after development with local solidjs app + Cors::default() + .allowed_origin("http://localhost:3000") + .supports_credentials() + .allow_any_method() + .allow_any_header(), + ) .wrap(middleware::Logger::default()) .app_data(user_repo.clone()) .app_data(todo_repo.clone()) @@ -88,7 +111,7 @@ async fn main() -> io::Result<()> { .service(routes::delete_logout) .default_service(web::to(routes::index)) }) - .bind(socket_addr)? + .bind_openssl(socket_addr, builder)? .workers(2) // number of workers per bind default ist #cpus .run() .await diff --git a/rust_solid_cassandra/deploy/docker-compose.yml b/rust_solid_cassandra/deploy/docker-compose.yml index e77b854..6250d4c 100644 --- a/rust_solid_cassandra/deploy/docker-compose.yml +++ b/rust_solid_cassandra/deploy/docker-compose.yml @@ -12,6 +12,8 @@ services: WEBSERVER_PORT: '6969' CASSANDRA_SERVER_ADDRESS: 'cassandra' CASSANDRA_KEYSPACE_NAME: 'rust_solidjs_cassandra' + volumes: + - ../data/app/cert:/cert ports: - '6969:6969' depends_on: @@ -25,4 +27,12 @@ services: - ../data/cassandra:/var/lib/cassandra # DEVEL ports: - - '9042:9042' \ No newline at end of file + - '9042:9042' + # proxy: + # image: caddy/caddy:latest + # container_name: caddy + # restart: 'no' + # volumes: + # - ../data/caddy/Caddyfile:/etc/caddy/Caddyfile + # ports: + # - '6969:443' \ No newline at end of file
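Review bot: `.cookie_same_site(actix_web::cookie::SameSite::None)` combined with `.supports_credentials()` drops the browser-side cross-site protection of the session cookie for every route, and both are compiled in unconditionally although the comments mark them as development-only. The single allowed origin is the plaintext `http://localhost:3000`, and `allow_any_method()` / `allow_any_header()` are wider than the handful of routes registered below is likely to need. I would make the relaxation opt-in so that the default stays `Cors::default()` (no cross-origin access) with a `Lax` cookie, for example via an environment variable; the variable name in the sketch below is only a suggestion. The `HttpServer::new` closure begins and ends outside this hunk.

```rust
// Proposed: dev-only CORS is opt-in; "DEV_CORS_ORIGIN" is a suggested name, not an existing setting.
let dev_origin = env::var("DEV_CORS_ORIGIN").ok();

HttpServer::new(move || {
    // Without an explicit dev origin, Cors::default() permits no cross-origin requests.
    let cors = match dev_origin.as_deref() {
        Some(origin) => Cors::default()
            .allowed_origin(origin)
            .supports_credentials()
            .allow_any_method()
            .allow_any_header(),
        None => Cors::default(),
    };
    // SameSite=None is only needed while the frontend is served from another origin.
    let same_site = if dev_origin.is_some() {
        actix_web::cookie::SameSite::None
    } else {
        actix_web::cookie::SameSite::Lax
    };

    App::new()
        // … unchanged: IdentityMiddleware …
        .wrap(
            SessionMiddleware::builder(CookieSessionStore::default(), key.clone())
                .cookie_secure(true)
                .cookie_same_site(same_site)
                // … unchanged: session lifecycle, build …
        )
        .wrap(cors)
        // … unchanged: Logger, app_data, services …
```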
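Review bot: The new `../data/app/cert:/cert` volume mounts the directory holding the TLS private key read-write, while the backend only needs to read `key.pem` and `cert.pem` from it. Mounting it read-only narrows what a compromised container can do to the key material: `- ../data/app/cert:/cert:ro`. The key is created with `-nodes` according to the comment in main.rs, so it is unencrypted on disk; whether `data/app/cert` is excluded from version control cannot be seen in this patch and is worth confirming.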