From dd6fce4b3c0cff3f8313984e2c0f9a4208892c1c Mon Sep 17 00:00:00 2001 From: Yusuf Bera Ertan Date: Fri, 21 Apr 2023 19:39:04 +0300 Subject: [PATCH] remove some logs --- src/handler.rs | 47 ++++++++++++++++++++++++----------------------- src/main.rs | 43 +++++++++++++++++++++++-------------------- src/token.rs | 1 - 3 files changed, 47 insertions(+), 44 deletions(-) diff --git a/src/handler.rs b/src/handler.rs index 2f26a3a..6a04018 100644 --- a/src/handler.rs +++ b/src/handler.rs @@ -36,11 +36,24 @@ use crate::{get_conf, AppState}; const B64: base64::engine::GeneralPurpose = base64::engine::general_purpose::STANDARD; -pub(super) async fn public(state: AppState) -> Result { +#[derive(Deserialize)] +struct Auth { + #[serde(default)] + token: Option, +} + +fn extract_password_from_basic_auth(auth: &str) -> Result { + let decoded = B64.decode(auth.trim_start_matches("Basic "))?; + let auth = String::from_utf8(decoded)?; + Ok(auth.trim_start_matches("default:").to_string()) +} + +pub(super) async fn handler(state: AppState) -> Result { let trace_layer = TraceLayer::new_for_http().make_span_with(DefaultMakeSpan::default().include_headers(true)); let router = Router::new() + .route("/generate_token", get(generate_token)) .route("/thumbnails/:id", get(http)) .route("/audio/id/:id", get(http)) .route("/", get(metadata_ws)) @@ -57,13 +70,16 @@ pub(super) async fn public(state: AppState) -> Result { Ok(router) } -pub(super) async fn internal(state: AppState) -> Router { - Router::new() - .route("/generate_token", get(generate_token)) - .with_state(state) -} +async fn generate_token( + State(app): State, + ConnectInfo(addr): ConnectInfo, +) -> Result { + // disallow any connections other than local ones + if !addr.ip().is_loopback() { + return Ok((StatusCode::FORBIDDEN, "not allowed").into_response()); + } -async fn generate_token(State(app): State) -> Result { + // generate token let token = app.tokens.generate().await?; // start task to write tokens tokio::spawn(async move { @@ -71,19 +87,7 @@ async fn generate_token(State(app): State) -> Result, -} - -fn extract_password_from_basic_auth(auth: &str) -> Result { - let decoded = B64.decode(auth.trim_start_matches("Basic "))?; - let auth = String::from_utf8(decoded)?; - Ok(auth.trim_start_matches("default:").to_string()) + return Ok(token.into_response()); } async fn http( @@ -186,7 +190,6 @@ async fn handle_metadata_socket( let (token, og_auth_msg) = 'ok: { 'err: { if let Some(Ok(AxumMessage::Text(raw))) = client_socket.recv().await { - tracing::debug!("got client auth message: {raw}"); let Ok(parsed) = serde_json::from_str::(&raw) else { tracing::error!("invalid auth message"); break 'err; @@ -253,7 +256,6 @@ async fn handle_metadata_socket( }, }; let auth_msg_ser = serde_json::to_string(&auth_msg).expect(""); - tracing::debug!("sending auth message to musikcubed: {auth_msg_ser}"); if let Err(err) = server_socket .send(TungsteniteMessage::Text(auth_msg_ser)) .await @@ -263,7 +265,6 @@ async fn handle_metadata_socket( } // wait for auth reply if let Some(Ok(TungsteniteMessage::Text(raw))) = server_socket.next().await { - tracing::debug!("got auth reply from musikcubed: {raw}"); let Ok(parsed) = serde_json::from_str::(&raw) else { tracing::error!("invalid auth response message: {raw}"); break 'err; diff --git a/src/main.rs b/src/main.rs index 6c6ad32..44ac046 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,5 +1,6 @@ use std::{net::SocketAddr, sync::Arc}; +use axum_server::tls_rustls::RustlsConfig; use dotenvy::Error as DotenvError; use error::AppError; use hyper::{client::HttpConnector, Body}; @@ -35,30 +36,32 @@ async fn app() -> Result<(), AppError> { Err(err) => return Err(err.into()), } - // let cert_path = get_conf("TLS_CERT_PATH"); - // let key_path = get_conf("TLS_KEY_PATH"); - // info!("cert path is: {cert_path}"); - // info!("key path is: {key_path}"); - // let config = RustlsConfig::from_pem_file(cert_path, key_path) - // .await - // .unwrap(); + let cert_path = get_conf("TLS_CERT_PATH").ok(); + let key_path = get_conf("TLS_KEY_PATH").ok(); - let public_addr: SocketAddr = get_conf("ADDRESS")?.parse()?; - let local_addr: SocketAddr = get_conf("LOCAL_ADDRESS")?.parse()?; + let addr: SocketAddr = get_conf("ADDRESS")?.parse()?; - let state = AppState::new(AppStateInternal::new(public_addr.port()).await?); - let public = handler::public(state.clone()).await?; - let internal = handler::internal(state).await; + let state = AppState::new(AppStateInternal::new(addr.port()).await?); + let router = handler::handler(state).await?; + let make_service = router.into_make_service_with_connect_info::(); - info!("listening on {public_addr} for public APIs, on {local_addr} for internal API use"); - // axum_server::bind_rustls(addr, config) - let public = axum_server::bind(public_addr) - .serve(public.into_make_service_with_connect_info::()); - let internal = axum_server::bind(local_addr).serve(internal.into_make_service()); + let (task, scheme) = if let (Some(cert_path), Some(key_path)) = (cert_path, key_path) { + info!("cert path is: {cert_path}"); + info!("key path is: {key_path}"); + let config = RustlsConfig::from_pem_file(cert_path, key_path) + .await + .unwrap(); + let task = tokio::spawn(axum_server::bind_rustls(addr, config).serve(make_service)); + (task, "https") + } else { + let task = tokio::spawn(axum_server::bind(addr).serve(make_service)); + (task, "http") + }; - tokio::try_join!(public, internal) - .map(|_| ()) - .map_err(Into::into) + info!("listening on {scheme}://{addr}"); + task.await??; + + Ok(()) } fn get_conf(key: &str) -> Result { diff --git a/src/token.rs b/src/token.rs index 7abb461..5ad7c44 100644 --- a/src/token.rs +++ b/src/token.rs @@ -64,7 +64,6 @@ impl Tokens { pub async fn verify(&self, token: impl AsRef) -> Result { let token = token.as_ref(); let token_hash = hash_string(token.as_bytes())?; - tracing::debug!("verifying token {token}, hash {token_hash}"); Ok(self.hashed.contains_async(&Cow::Owned(token_hash)).await) } }