mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-25 22:01:19 +00:00
Revert debug auth (#4232)
* Revert "Some changes to help debug auth problems on lemmy.ml (#4220)"
This reverts commit 16ac893e15
.
* Rename auth cookie back to jwt
This commit is contained in:
parent
de85e51fac
commit
a790a24c4d
6 changed files with 5 additions and 23 deletions
|
@ -98,6 +98,4 @@
|
||||||
# Sets a response Access-Control-Allow-Origin CORS header
|
# Sets a response Access-Control-Allow-Origin CORS header
|
||||||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
|
||||||
cors_origin: "*"
|
cors_origin: "*"
|
||||||
# Always send cache-control: private header for api responses, avoid problems with wrong caching.
|
|
||||||
disable_cache_control: true
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,7 +15,6 @@ use lemmy_utils::{
|
||||||
};
|
};
|
||||||
use std::io::Cursor;
|
use std::io::Cursor;
|
||||||
use totp_rs::{Secret, TOTP};
|
use totp_rs::{Secret, TOTP};
|
||||||
use tracing::log::warn;
|
|
||||||
|
|
||||||
pub mod comment;
|
pub mod comment;
|
||||||
pub mod comment_report;
|
pub mod comment_report;
|
||||||
|
@ -85,11 +84,6 @@ pub fn read_auth_token(req: &HttpRequest) -> Result<Option<String>, LemmyError>
|
||||||
else if let Some(cookie) = &req.cookie(AUTH_COOKIE_NAME) {
|
else if let Some(cookie) = &req.cookie(AUTH_COOKIE_NAME) {
|
||||||
Ok(Some(cookie.value().to_string()))
|
Ok(Some(cookie.value().to_string()))
|
||||||
}
|
}
|
||||||
// Read old auth cookie
|
|
||||||
else if let Some(cookie) = &req.cookie("jwt") {
|
|
||||||
warn!("Falling back to jwt cookie");
|
|
||||||
Ok(Some(cookie.value().to_string()))
|
|
||||||
}
|
|
||||||
// Otherwise, there's no auth
|
// Otherwise, there's no auth
|
||||||
else {
|
else {
|
||||||
Ok(None)
|
Ok(None)
|
||||||
|
|
|
@ -43,7 +43,7 @@ use std::collections::HashSet;
|
||||||
use tracing::warn;
|
use tracing::warn;
|
||||||
use url::{ParseError, Url};
|
use url::{ParseError, Url};
|
||||||
|
|
||||||
pub static AUTH_COOKIE_NAME: &str = "auth";
|
pub static AUTH_COOKIE_NAME: &str = "jwt";
|
||||||
|
|
||||||
#[tracing::instrument(skip_all)]
|
#[tracing::instrument(skip_all)]
|
||||||
pub async fn is_mod_or_admin(
|
pub async fn is_mod_or_admin(
|
||||||
|
|
|
@ -57,9 +57,6 @@ pub struct Settings {
|
||||||
#[default(None)]
|
#[default(None)]
|
||||||
#[doku(example = "*")]
|
#[doku(example = "*")]
|
||||||
cors_origin: Option<String>,
|
cors_origin: Option<String>,
|
||||||
/// Always send cache-control: private header for api responses, avoid problems with wrong caching.
|
|
||||||
#[default(None)]
|
|
||||||
pub disable_cache_control: Option<bool>,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Settings {
|
impl Settings {
|
||||||
|
|
|
@ -5,7 +5,7 @@ CWD="$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"
|
||||||
|
|
||||||
cd $CWD/../
|
cd $CWD/../
|
||||||
|
|
||||||
cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets -- -D warnings
|
cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets --all-features -- -D warnings
|
||||||
|
|
||||||
# Format rust files
|
# Format rust files
|
||||||
cargo +nightly fmt
|
cargo +nightly fmt
|
||||||
|
|
|
@ -11,7 +11,6 @@ use lemmy_api::{local_user_view_from_jwt, read_auth_token};
|
||||||
use lemmy_api_common::context::LemmyContext;
|
use lemmy_api_common::context::LemmyContext;
|
||||||
use reqwest::header::HeaderValue;
|
use reqwest::header::HeaderValue;
|
||||||
use std::{future::ready, rc::Rc};
|
use std::{future::ready, rc::Rc};
|
||||||
use tracing::log::warn;
|
|
||||||
|
|
||||||
#[derive(Clone)]
|
#[derive(Clone)]
|
||||||
pub struct SessionMiddleware {
|
pub struct SessionMiddleware {
|
||||||
|
@ -72,11 +71,8 @@ where
|
||||||
// TODO: this means it will be impossible to get any error message for invalid jwt. Need
|
// TODO: this means it will be impossible to get any error message for invalid jwt. Need
|
||||||
// to add a separate endpoint for that.
|
// to add a separate endpoint for that.
|
||||||
// https://github.com/LemmyNet/lemmy/issues/3702
|
// https://github.com/LemmyNet/lemmy/issues/3702
|
||||||
let local_user_view = local_user_view_from_jwt(jwt, &context).await;
|
let local_user_view = local_user_view_from_jwt(jwt, &context).await.ok();
|
||||||
if let Err(e) = &local_user_view {
|
if let Some(local_user_view) = local_user_view {
|
||||||
warn!("Failed to handle user login: {e}");
|
|
||||||
}
|
|
||||||
if let Ok(local_user_view) = local_user_view {
|
|
||||||
req.extensions_mut().insert(local_user_view);
|
req.extensions_mut().insert(local_user_view);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -85,14 +81,11 @@ where
|
||||||
|
|
||||||
// Add cache-control header. If user is authenticated, mark as private. Otherwise cache
|
// Add cache-control header. If user is authenticated, mark as private. Otherwise cache
|
||||||
// up to one minute.
|
// up to one minute.
|
||||||
|
let cache_value = if jwt.is_some() {
|
||||||
let disable_cache = context.settings().disable_cache_control.unwrap_or(false);
|
|
||||||
let cache_value = if jwt.is_some() || disable_cache {
|
|
||||||
"private"
|
"private"
|
||||||
} else {
|
} else {
|
||||||
"public, max-age=60"
|
"public, max-age=60"
|
||||||
};
|
};
|
||||||
|
|
||||||
res
|
res
|
||||||
.headers_mut()
|
.headers_mut()
|
||||||
.insert(CACHE_CONTROL, HeaderValue::from_static(cache_value));
|
.insert(CACHE_CONTROL, HeaderValue::from_static(cache_value));
|
||||||
|
|
Loading…
Reference in a new issue