mirror of
https://github.com/LemmyNet/lemmy.git
synced 2025-01-10 20:15:56 +00:00
Nutomic
ad90cd77f9
* add private visibility * filter private communities in post_view.rs * also filter in comment_view * community follower state * remove unused method * sql fmt * add CommunityFollower.approved_by * implement api endpoints * api changes * only admins can create private community for now * add local api tests * fix api tests * follow remote private community * use authorized fetch for content in private community * federate community visibility * dont mark content in private community as public * expose ApprovalRequired in api * also check content fetchable for outbox/featured * address private community content to followers * implement reject activity * fix tests * add files * remove local api tests * dont use delay * is_new_instance * single query for is_new_instance * return subscribed type for pending follow * working * need to catch errors in waitUntil * clippy * fix query * lint for unused async * diesel.toml comment * add comment * avoid db reads * rename approved_by to approver_id * add helper * form init * list pending follows should return items for all communities * clippy * ci * fix down migration * fix api tests * references * rename * run git diff * ci * fix schema check * fix joins * ci * ci * skip_serializing_none * fix test --------- Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
161 lines
4.6 KiB
Rust
161 lines
4.6 KiB
Rust
use actix_web::{
|
|
body::MessageBody,
|
|
dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
|
|
http::header::{HeaderValue, CACHE_CONTROL},
|
|
Error,
|
|
HttpMessage,
|
|
};
|
|
use core::future::Ready;
|
|
use futures_util::future::LocalBoxFuture;
|
|
use lemmy_api::{local_user_view_from_jwt, read_auth_token};
|
|
use lemmy_api_common::context::LemmyContext;
|
|
use std::{future::ready, rc::Rc};
|
|
|
|
#[derive(Clone)]
|
|
pub struct SessionMiddleware {
|
|
context: LemmyContext,
|
|
}
|
|
|
|
impl SessionMiddleware {
|
|
pub fn new(context: LemmyContext) -> Self {
|
|
SessionMiddleware { context }
|
|
}
|
|
}
|
|
impl<S, B> Transform<S, ServiceRequest> for SessionMiddleware
|
|
where
|
|
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
|
|
S::Future: 'static,
|
|
B: MessageBody + 'static,
|
|
{
|
|
type Response = ServiceResponse<B>;
|
|
type Error = Error;
|
|
type Transform = SessionService<S>;
|
|
type InitError = ();
|
|
type Future = Ready<Result<Self::Transform, Self::InitError>>;
|
|
|
|
fn new_transform(&self, service: S) -> Self::Future {
|
|
ready(Ok(SessionService {
|
|
service: Rc::new(service),
|
|
context: self.context.clone(),
|
|
}))
|
|
}
|
|
}
|
|
|
|
pub struct SessionService<S> {
|
|
service: Rc<S>,
|
|
context: LemmyContext,
|
|
}
|
|
|
|
impl<S, B> Service<ServiceRequest> for SessionService<S>
|
|
where
|
|
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
|
|
S::Future: 'static,
|
|
B: 'static,
|
|
{
|
|
type Response = ServiceResponse<B>;
|
|
type Error = Error;
|
|
type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
|
|
|
|
forward_ready!(service);
|
|
|
|
fn call(&self, req: ServiceRequest) -> Self::Future {
|
|
let svc = self.service.clone();
|
|
let context = self.context.clone();
|
|
|
|
Box::pin(async move {
|
|
let jwt = read_auth_token(req.request())?;
|
|
|
|
if let Some(jwt) = &jwt {
|
|
// Ignore any invalid auth so the site can still be used
|
|
// TODO: this means it will be impossible to get any error message for invalid jwt. Need
|
|
// to add a separate endpoint for that.
|
|
// https://github.com/LemmyNet/lemmy/issues/3702
|
|
let local_user_view = local_user_view_from_jwt(jwt, &context).await.ok();
|
|
if let Some(local_user_view) = local_user_view {
|
|
req.extensions_mut().insert(local_user_view);
|
|
}
|
|
}
|
|
|
|
let mut res = svc.call(req).await?;
|
|
|
|
// Add cache-control header if none is present
|
|
if !res.headers().contains_key(CACHE_CONTROL) {
|
|
// If user is authenticated, mark as private. Otherwise cache
|
|
// up to one minute.
|
|
let cache_value = if jwt.is_some() {
|
|
"private"
|
|
} else {
|
|
"public, max-age=60"
|
|
};
|
|
res
|
|
.headers_mut()
|
|
.insert(CACHE_CONTROL, HeaderValue::from_static(cache_value));
|
|
}
|
|
Ok(res)
|
|
})
|
|
}
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
|
|
use super::*;
|
|
use actix_web::test::TestRequest;
|
|
use lemmy_api_common::claims::Claims;
|
|
use lemmy_db_schema::{
|
|
source::{
|
|
instance::Instance,
|
|
local_user::{LocalUser, LocalUserInsertForm},
|
|
person::{Person, PersonInsertForm},
|
|
secret::Secret,
|
|
},
|
|
traits::Crud,
|
|
utils::build_db_pool_for_tests,
|
|
};
|
|
use lemmy_utils::{error::LemmyResult, rate_limit::RateLimitCell};
|
|
use pretty_assertions::assert_eq;
|
|
use reqwest::Client;
|
|
use reqwest_middleware::ClientBuilder;
|
|
use serial_test::serial;
|
|
use std::env::set_current_dir;
|
|
|
|
#[tokio::test]
|
|
#[serial]
|
|
async fn test_session_auth() -> LemmyResult<()> {
|
|
// hack, necessary so that config file can be loaded from hardcoded, relative path
|
|
set_current_dir("crates/utils")?;
|
|
|
|
let pool_ = build_db_pool_for_tests();
|
|
let pool = &mut (&pool_).into();
|
|
|
|
let secret = Secret::init(pool).await?;
|
|
|
|
let context = LemmyContext::create(
|
|
pool_.clone(),
|
|
ClientBuilder::new(Client::default()).build(),
|
|
secret,
|
|
RateLimitCell::with_test_config(),
|
|
);
|
|
|
|
let inserted_instance = Instance::read_or_create(pool, "my_domain.tld".to_string()).await?;
|
|
|
|
let new_person = PersonInsertForm::test_form(inserted_instance.id, "Gerry9812");
|
|
|
|
let inserted_person = Person::create(pool, &new_person).await?;
|
|
|
|
let local_user_form = LocalUserInsertForm::test_form(inserted_person.id);
|
|
|
|
let inserted_local_user = LocalUser::create(pool, &local_user_form, vec![]).await?;
|
|
|
|
let req = TestRequest::default().to_http_request();
|
|
let jwt = Claims::generate(inserted_local_user.id, req, &context).await?;
|
|
|
|
let valid = Claims::validate(&jwt, &context).await;
|
|
assert!(valid.is_ok());
|
|
|
|
let num_deleted = Person::delete(pool, inserted_person.id).await?;
|
|
assert_eq!(1, num_deleted);
|
|
|
|
Ok(())
|
|
}
|
|
}
|