From 084939ef6cc2fb5031b9f7184ea705cb031d038a Mon Sep 17 00:00:00 2001 From: Connor Johnstone Date: Thu, 19 Mar 2026 14:02:58 -0400 Subject: [PATCH] Added auth --- Cargo.lock | 214 ++++++++++++++++++++++++++++++++++++++++++++++++--- Cargo.toml | 2 + shanty-db | 2 +- shanty-dl | 2 +- shanty-watch | 2 +- shanty-web | 2 +- src/main.rs | 10 ++- 7 files changed, 217 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1b7d67b..9d2ea42 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -27,7 +27,7 @@ checksum = "daa239b93927be1ff123eebada5a3ff23e89f0124ccb8609234e5103d5a5ae6d" dependencies = [ "actix-utils", "actix-web", - "derive_more", + "derive_more 2.1.1", "futures-util", "log", "once_cell", @@ -46,7 +46,7 @@ dependencies = [ "actix-web", "bitflags", "bytes", - "derive_more", + "derive_more 2.1.1", "futures-core", "http-range", "log", @@ -67,12 +67,12 @@ dependencies = [ "actix-rt", "actix-service", "actix-utils", - "base64", + "base64 0.22.1", "bitflags", "brotli", "bytes", "bytestring", - "derive_more", + "derive_more 2.1.1", "encoding_rs", "flate2", "foldhash", @@ -159,6 +159,23 @@ dependencies = [ "pin-project-lite", ] +[[package]] +name = "actix-session" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "efe6976a74f34f1b6d07a6c05aadc0ed0359304a7781c367fa5b4029418db08f" +dependencies = [ + "actix-service", + "actix-utils", + "actix-web", + "anyhow", + "derive_more 1.0.0", + "rand 0.8.5", + "serde", + "serde_json", + "tracing", +] + [[package]] name = "actix-utils" version = "3.0.1" @@ -188,7 +205,7 @@ dependencies = [ "bytestring", "cfg-if", "cookie", - "derive_more", + "derive_more 2.1.1", "encoding_rs", "foldhash", "futures-core", 
@@ -230,6 +247,41 @@ version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" +[[package]] +name = "aead" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" +dependencies = [ + "crypto-common", + "generic-array", +] + +[[package]] +name = "aes" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", +] + +[[package]] +name = "aes-gcm" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "831010a0f742e1209b3bcea8fab6a8e149051ba6099432c8cb2cc117dec3ead1" +dependencies = [ + "aead", + "aes", + "cipher", + "ctr", + "ghash", + "subtle", +] + [[package]] name = "ahash" version = "0.7.8" @@ -342,6 +394,18 @@ version = "1.0.102" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c" +[[package]] +name = "argon2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072" +dependencies = [ + "base64ct", + "blake2", + "cpufeatures", + "password-hash", +] + [[package]] name = "arrayvec" version = "0.7.6" @@ -402,6 +466,12 @@ version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" +[[package]] +name = "base64" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" + [[package]] name = "base64" version = "0.22.1" 
@@ -449,6 +519,15 @@ dependencies = [ "wyz", ] +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest", +] + [[package]] name = "block-buffer" version = "0.10.4" @@ -589,6 +668,16 @@ dependencies = [ "windows-link", ] +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + [[package]] name = "clap" version = "4.6.0" @@ -665,7 +754,14 @@ version = "0.16.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e859cd57d0710d9e06c381b550c06e76992472a8c6d527aecd2fc673dcc231fb" dependencies = [ + "aes-gcm", + "base64 0.20.0", + "hkdf", + "hmac", "percent-encoding", + "rand 0.8.5", + "sha2", + "subtle", "time", "version_check", ] @@ -751,9 +847,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "78c8292055d1c1df0cce5d180393dc8cce0abec0a7102adb6c7b1eef6016d60a" dependencies = [ "generic-array", + "rand_core 0.6.4", "typenum", ] +[[package]] +name = "ctr" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" +dependencies = [ + "cipher", +] + [[package]] name = "darling" version = "0.20.11" 
@@ -815,13 +921,34 @@ dependencies = [ "serde_core", ] +[[package]] +name = "derive_more" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05" +dependencies = [ + "derive_more-impl 1.0.0", +] + [[package]] name = "derive_more" version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d751e9e49156b02b44f9c1815bcb94b984cdcc4396ecc32521c739452808b134" dependencies = [ - "derive_more-impl", + "derive_more-impl 2.1.1", +] + +[[package]] +name = "derive_more-impl" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.117", + "unicode-xid", ] [[package]] @@ -1150,6 +1277,16 @@ dependencies = [ "wasip3", ] +[[package]] +name = "ghash" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0d8a4362ccb29cb0b265253fb0a2728f592895ee6854fd9bc13f2ffda266ff1" +dependencies = [ + "opaque-debug", + "polyval", +] + [[package]] name = "glob" version = "0.3.3" @@ -1396,7 +1533,7 @@ version = "0.1.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "96547c2556ec9d12fb1578c4eaf448b04993e7fb79cbaad930a656880a6bdfa0" dependencies = [ - "base64", + "base64 0.22.1", "bytes", "futures-channel", "futures-util", @@ -1582,6 +1719,15 @@ dependencies = [ "syn 2.0.117", ] +[[package]] +name = "inout" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01" +dependencies = [ + "generic-array", +] + [[package]] name = "ipnet" version = "2.12.0" 
@@ -1934,6 +2080,12 @@ version = "1.70.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "384b8ab6d37215f3c5301a95a4accb5d64aa607f1fcb26a11b5303878451b4fe" +[[package]] +name = "opaque-debug" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" + [[package]] name = "openssl" version = "0.10.76" @@ -2046,6 +2198,17 @@ dependencies = [ "windows-link", ] +[[package]] +name = "password-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166" +dependencies = [ + "base64ct", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "paste" version = "1.0.15" @@ -2141,6 +2304,18 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" +[[package]] +name = "polyval" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25" +dependencies = [ + "cfg-if", + "cpufeatures", + "opaque-debug", + "universal-hash", +] + [[package]] name = "potential_utf" version = "0.1.4" @@ -2413,7 +2588,7 @@ version = "0.12.28" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eddd3ca559203180a307f12d114c268abf583f59b03cb906fd0b3ff8646c1147" dependencies = [ - "base64", + "base64 0.22.1", "bytes", "encoding_rs", "futures-core", @@ -2640,7 +2815,7 @@ dependencies = [ "async-trait", "bigdecimal", "chrono", - "derive_more", + "derive_more 2.1.1", "futures-util", "log", "ouroboros", @@ -2912,9 +3087,11 @@ version = "0.1.0" dependencies = [ "actix-cors", "actix-files", + "actix-session", "actix-web", "anyhow", "clap", + "rand 0.9.2", "serde_json", "shanty-config", "shanty-db", 
@@ -3128,11 +3305,14 @@ dependencies = [ "actix-cors", "actix-files", "actix-rt", + "actix-session", "actix-web", "anyhow", + "argon2", "chrono", "clap", "dirs", + "rand 0.9.2", "reqwest", "sea-orm", "serde", @@ -3274,7 +3454,7 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee6798b1838b6a0f69c007c133b8df5866302197e404e8b6ee8ed3e3a5e68dc6" dependencies = [ - "base64", + "base64 0.22.1", "bigdecimal", "bytes", "chrono", @@ -3353,7 +3533,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aa003f0038df784eb8fecbbac13affe3da23b45194bd57dba231c8f48199c526" dependencies = [ "atoi", - "base64", + "base64 0.22.1", "bigdecimal", "bitflags", "byteorder", @@ -3400,7 +3580,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "db58fcd5a53cf07c184b154801ff91347e4c30d17a3562a635ff028ad5deda46" dependencies = [ "atoi", - "base64", + "base64 0.22.1", "bigdecimal", "bitflags", "byteorder", @@ -3950,6 +4130,16 @@ version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" +[[package]] +name = "universal-hash" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea" +dependencies = [ + "crypto-common", + "subtle", +] + [[package]] name = "unsafe-libyaml" version = "0.2.11" diff --git a/Cargo.toml b/Cargo.toml index 797e1ef..223661c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -62,7 +62,9 @@ shanty-search = { path = "shanty-search" } actix-web = "4" actix-cors = "0.7" actix-files = "0.6" +actix-session = { version = "0.10", features = ["cookie-session"] } tracing-actix-web = "0.7" +rand = "0.9" tokio = { workspace = true } clap = { workspace = true } tracing = { workspace = true } diff --git a/shanty-db b/shanty-db index c645260..a9d414b 160000 --- a/shanty-db +++ b/shanty-db 
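Review bot: `rand = "0.9"` is added to the root crate's dependencies, but the only source change for this crate in the patch (src/main.rs) builds the session key with `Key::generate()` and never references `rand`, so the dependency looks unused here. If nothing outside the visible hunks needs it, drop the line to keep the dependency surface small; per the lockfile, `actix-session` already resolves its own `rand 0.8.5`.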
@@ -1 +1 @@
-Subproject commit c6452609d6865835567c80d8b92daf265081069b
+Subproject commit a9d414bffaae24b37a509e57308ae7718661c4ce
diff --git a/shanty-dl b/shanty-dl
index 2592651..0e5195e 160000
--- a/shanty-dl
+++ b/shanty-dl
@@ -1 +1 @@
-Subproject commit 2592651c9a26739a8290d778646ccbfde84113c4
+Subproject commit 0e5195e64c945194c7263e3e4d645214fab1e8e6
diff --git a/shanty-watch b/shanty-watch
index 0b33678..0f066d5 160000
--- a/shanty-watch
+++ b/shanty-watch
@@ -1 +1 @@
-Subproject commit 0b336789da347901dd949806d2b3c7cf91a07042
+Subproject commit 0f066d5708546871608d35856355029cd2d66572
diff --git a/shanty-web b/shanty-web
index 93392db..421ec31 160000
--- a/shanty-web
+++ b/shanty-web
@@ -1 +1 @@
-Subproject commit 93392db27c81fb4c7488fcb755a05baa317af279
+Subproject commit 421ec3199b4f8e4e5af57606940862d458b0dfe5
diff --git a/src/main.rs b/src/main.rs
index 27e4eeb..bbf526f 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,5 +1,6 @@
 use actix_cors::Cors;
-use actix_web::{App, HttpServer, web};
+use actix_session::{SessionMiddleware, storage::CookieSessionStore};
+use actix_web::{App, HttpServer, cookie::Key, web};
 use clap::Parser;
 use tracing_actix_web::TracingLogger;
 use tracing_subscriber::EnvFilter;
@@ -90,12 +91,19 @@ async fn main() -> anyhow::Result<()> {
 };
 tracing::info!(path = %static_dir.display(), "serving static files");
+ // Generate a random session key (sessions won't survive restarts, which is fine)
+ let session_key = Key::generate();
+
 let server = HttpServer::new(move || {
 let cors = Cors::permissive();
 let static_dir = static_dir.clone();
 App::new()
 .wrap(cors)
+ .wrap(SessionMiddleware::builder(
+ CookieSessionStore::default(),
+ session_key.clone(),
+ ).cookie_secure(false).build())
 .wrap(TracingLogger::default())
 .app_data(state.clone())
 .configure(routes::configure)
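Review bot: The session middleware is added alongside `Cors::permissive()` (the context line just above `App::new()`), which in actix-cors allows every origin with credentials, so once requests carry an auth cookie the cookie's SameSite policy is the only thing limiting credentialed cross-origin calls to this API. Restrict CORS to the known front-end origin, e.g. `Cors::default().allowed_origin("<FRONTEND_ORIGIN>").supports_credentials()` plus the methods and headers the UI actually needs. `.cookie_secure(false)` is also hard-coded, so the session cookie is sent over plain HTTP; drive it from configuration and default to `true` outside local development. The comment on `Key::generate()` could also note that with `CookieSessionStore` all session state lives in the cookie, so there is no server-side revocation short of a restart. The body of `main` continues outside the hunk.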