monorepo/file-service/src/main.rs

extern crate log;

use cookie::Cookie;
use handlers::{file, handle_auth, handle_css, handle_delete, handle_upload, thumbnail};
use std::{
    collections::{HashMap, HashSet},
    convert::Infallible,
    net::{IpAddr, Ipv4Addr, SocketAddr},
    path::PathBuf,
    sync::Arc,
};
use tokio::sync::RwLock;
use warp::{Filter, Rejection};

mod handlers;
mod html;
mod pages;

const MAX_UPLOAD: u64 = 15 * 1024 * 1024;

pub use file_service::{
    AuthDB, AuthError, AuthToken, DeleteFileError, FileHandle, FileId, FileInfo, ReadFileError,
    SessionToken, Store, Username, WriteFileError,
};
pub use handlers::handle_index;

#[derive(Clone)]
pub struct App {
    authdb: Arc<RwLock<AuthDB>>,
    store: Arc<RwLock<Store>>,
}

impl App {
    pub fn new(authdb: AuthDB, store: Store) -> Self {
        Self {
            authdb: Arc::new(RwLock::new(authdb)),
            store: Arc::new(RwLock::new(store)),
        }
    }

    pub async fn authenticate(&self, token: AuthToken) -> Result<Option<SessionToken>, AuthError> {
        self.authdb.read().await.authenticate(token).await
    }

    pub async fn validate_session(
        &self,
        token: SessionToken,
    ) -> Result<Option<Username>, AuthError> {
        self.authdb.read().await.validate_session(token).await
    }

    pub async fn list_files(&self) -> Result<HashSet<FileId>, ReadFileError> {
        self.store.read().await.list_files()
    }

    pub async fn get_file(&self, id: &FileId) -> Result<FileHandle, ReadFileError> {
        self.store.read().await.get_file(id)
    }

    pub async fn add_file(
        &self,
        filename: String,
        content: Vec<u8>,
    ) -> Result<FileHandle, WriteFileError> {
        self.store.write().await.add_file(filename, content)
    }

    pub async fn delete_file(&self, id: FileId) -> Result<(), DeleteFileError> {
        self.store.write().await.delete_file(&id)?;
        Ok(())
    }
}

fn with_app(app: App) -> impl Filter<Extract = (App,), Error = Infallible> + Clone {
    warp::any().map(move || app.clone())
}

fn parse_cookies(cookie_str: &str) -> Result<HashMap<String, String>, cookie::ParseError> {
    Cookie::split_parse(cookie_str)
        .map(|c| c.map(|c| (c.name().to_owned(), c.value().to_owned())))
        .collect::<Result<HashMap<String, String>, cookie::ParseError>>()
}

fn get_session_token(cookies: HashMap<String, String>) -> Option<SessionToken> {
    cookies.get("session").cloned().map(SessionToken::from)
}

fn maybe_with_session() -> impl Filter<Extract = (Option<SessionToken>,), Error = Rejection> + Copy
{
    warp::any()
        .and(warp::header::optional::<String>("cookie"))
        .map(|cookie_str: Option<String>| match cookie_str {
            Some(cookie_str) => parse_cookies(&cookie_str).ok().and_then(get_session_token),
            None => None,
        })
}

fn with_session() -> impl Filter<Extract = (SessionToken,), Error = Rejection> + Copy {
    warp::any()
        .and(warp::header::<String>("cookie"))
        .and_then(|cookie_str: String| async move {
            match parse_cookies(&cookie_str).ok().and_then(get_session_token) {
                Some(session_token) => Ok(session_token),
                None => Err(warp::reject()),
            }
        })
}

#[tokio::main]
pub async fn main() {
    pretty_env_logger::init();

    let authdb = AuthDB::new(PathBuf::from(&std::env::var("AUTHDB").unwrap()))
        .await
        .unwrap();
    let store = Store::new(PathBuf::from(&std::env::var("FILE_SHARE_DIR").unwrap()));

    let app = App::new(authdb, store);

    let log = warp::log("file_service");
    let root = warp::path!()
        .and(warp::get())
        .and(with_app(app.clone()))
        .and(maybe_with_session())
        .then(handle_index);

    let styles = warp::path!("css").and(warp::get()).then(handle_css);

    let auth = warp::path!("auth")
        .and(warp::post())
        .and(with_app(app.clone()))
        .and(warp::filters::body::form())
        .then(handle_auth);

    let upload_via_form = warp::path!("upload")
        .and(warp::post())
        .and(with_app(app.clone()))
        .and(with_session())
        .and(warp::multipart::form().max_length(MAX_UPLOAD))
        .then(handle_upload);

    let delete_via_form = warp::path!("delete" / String)
        .and(warp::post())
        .and(with_app(app.clone()))
        .and(with_session())
        .then(|id, app, token| handle_delete(app, token, FileId::from(id)));

    let thumbnail = warp::path!(String / "tn")
        .and(warp::get())
        .and(warp::header::optional::<String>("if-none-match"))
        .and(with_app(app.clone()))
        .then(move |id, old_etags, app: App| thumbnail(app, id, old_etags));

    let file = warp::path!(String)
        .and(warp::get())
        .and(warp::header::optional::<String>("if-none-match"))
        .and(with_app(app.clone()))
        .then(move |id, old_etags, app: App| file(app, id, old_etags));

    let server = warp::serve(
        root.or(styles)
            .or(auth)
            .or(upload_via_form)
            .or(delete_via_form)
            .or(thumbnail)
            .or(file)
            .with(log),
    );

    server
        .run(SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 8002))
        .await;
}
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`extern crate log;`

Validate the session token A previous commit added authentication token checks. Auth tokens are replaced with session tokens, which can (and should) expire. This commit validates sessions, which now allows access to gated operations. 2023-10-03 21:04:35 +00:00			`use cookie::Cookie;`
Add the handler to delete a file 2023-10-26 02:54:05 +00:00			`use handlers::{file, handle_auth, handle_css, handle_delete, handle_upload, thumbnail};`
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00			`use std::{`
Validate the session token A previous commit added authentication token checks. Auth tokens are replaced with session tokens, which can (and should) expire. This commit validates sessions, which now allows access to gated operations. 2023-10-03 21:04:35 +00:00			`collections::{HashMap, HashSet},`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`convert::Infallible,`
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00			`net::{IpAddr, Ipv4Addr, SocketAddr},`
Add some tests to verify that a file can be added to the system Still gutting a lot of the old code, but this MR focuses more on ensuring that a file can be added and that the metadata gets saved. 2023-09-23 03:43:45 +00:00			`path::PathBuf,`
Split out a support library 2023-10-03 20:18:19 +00:00			`sync::Arc,`
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00			`};`
Split out a support library 2023-10-03 20:18:19 +00:00			`use tokio::sync::RwLock;`
Set a maximum upload to 15MB 2023-10-05 04:08:27 +00:00			`use warp::{Filter, Rejection};`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Set up authentication routes 2023-10-03 15:10:37 +00:00			`mod handlers;`
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00			`mod html;`
			`mod pages;`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Set a maximum upload to 15MB 2023-10-05 04:08:27 +00:00			`const MAX_UPLOAD: u64 = 15 * 1024 * 1024;`

Split out a support library 2023-10-03 20:18:19 +00:00			`pub use file_service::{`
Add the handler to delete a file 2023-10-26 02:54:05 +00:00			`AuthDB, AuthError, AuthToken, DeleteFileError, FileHandle, FileId, FileInfo, ReadFileError,`
			`SessionToken, Store, Username, WriteFileError,`
Finish the auth handler and create app auth stubs 2023-10-03 15:28:09 +00:00			`};`
Split out a support library 2023-10-03 20:18:19 +00:00			`pub use handlers::handle_index;`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Split out a support library 2023-10-03 20:18:19 +00:00			`#[derive(Clone)]`
			`pub struct App {`
			`authdb: Arc<RwLock<AuthDB>>,`
			`store: Arc<RwLock<Store>>,`
			`}`

			`impl App {`
			`pub fn new(authdb: AuthDB, store: Store) -> Self {`
			`Self {`
			`authdb: Arc::new(RwLock::new(authdb)),`
			`store: Arc::new(RwLock::new(store)),`
			`}`
			`}`

Validate the session token A previous commit added authentication token checks. Auth tokens are replaced with session tokens, which can (and should) expire. This commit validates sessions, which now allows access to gated operations. 2023-10-03 21:04:35 +00:00			`pub async fn authenticate(&self, token: AuthToken) -> Result<Option<SessionToken>, AuthError> {`
			`self.authdb.read().await.authenticate(token).await`
Split out a support library 2023-10-03 20:18:19 +00:00			`}`

Validate the session token A previous commit added authentication token checks. Auth tokens are replaced with session tokens, which can (and should) expire. This commit validates sessions, which now allows access to gated operations. 2023-10-03 21:04:35 +00:00			`pub async fn validate_session(`
			`&self,`
			`token: SessionToken,`
			`) -> Result<Option<Username>, AuthError> {`
			`self.authdb.read().await.validate_session(token).await`
Split out a support library 2023-10-03 20:18:19 +00:00			`}`

			`pub async fn list_files(&self) -> Result<HashSet<FileId>, ReadFileError> {`
			`self.store.read().await.list_files()`
			`}`

			`pub async fn get_file(&self, id: &FileId) -> Result<FileHandle, ReadFileError> {`
			`self.store.read().await.get_file(id)`
			`}`

			`pub async fn add_file(`
			`&self,`
			`filename: String,`
			`content: Vec<u8>,`
			`) -> Result<FileHandle, WriteFileError> {`
			`self.store.write().await.add_file(filename, content)`
			`}`
Add the handler to delete a file 2023-10-26 02:54:05 +00:00
			`pub async fn delete_file(&self, id: FileId) -> Result<(), DeleteFileError> {`
			`self.store.write().await.delete_file(&id)?;`
			`Ok(())`
			`}`
Split out a support library 2023-10-03 20:18:19 +00:00			`}`

Set up authentication routes 2023-10-03 15:10:37 +00:00			`fn with_app(app: App) -> impl Filter<Extract = (App,), Error = Infallible> + Clone {`
			`warp::any().map(move \|\| app.clone())`
			`}`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Validate the session token with file uploads File uploads now check the session token before continuing. Resolves: https://www.pivotaltracker.com/story/show/186174680 2023-10-03 21:30:43 +00:00			`fn parse_cookies(cookie_str: &str) -> Result<HashMap<String, String>, cookie::ParseError> {`
			`Cookie::split_parse(cookie_str)`
			`.map(\|c\| c.map(\|c\| (c.name().to_owned(), c.value().to_owned())))`
			`.collect::<Result<HashMap<String, String>, cookie::ParseError>>()`
			`}`

			`fn get_session_token(cookies: HashMap<String, String>) -> Option<SessionToken> {`
Thoroughly lint the file-service 2023-10-04 19:57:18 +00:00			`cookies.get("session").cloned().map(SessionToken::from)`
Validate the session token with file uploads File uploads now check the session token before continuing. Resolves: https://www.pivotaltracker.com/story/show/186174680 2023-10-03 21:30:43 +00:00			`}`

Set up authentication routes 2023-10-03 15:10:37 +00:00			`fn maybe_with_session() -> impl Filter<Extract = (Option<SessionToken>,), Error = Rejection> + Copy`
			`{`
			`warp::any()`
			`.and(warp::header::optional::<String>("cookie"))`
Validate the session token with file uploads File uploads now check the session token before continuing. Resolves: https://www.pivotaltracker.com/story/show/186174680 2023-10-03 21:30:43 +00:00			`.map(\|cookie_str: Option<String>\| match cookie_str {`
			`Some(cookie_str) => parse_cookies(&cookie_str).ok().and_then(get_session_token),`
Validate the session token A previous commit added authentication token checks. Auth tokens are replaced with session tokens, which can (and should) expire. This commit validates sessions, which now allows access to gated operations. 2023-10-03 21:04:35 +00:00			`None => None,`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`})`
			`}`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Set up authentication routes 2023-10-03 15:10:37 +00:00			`fn with_session() -> impl Filter<Extract = (SessionToken,), Error = Rejection> + Copy {`
			`warp::any()`
			`.and(warp::header::<String>("cookie"))`
Validate the session token with file uploads File uploads now check the session token before continuing. Resolves: https://www.pivotaltracker.com/story/show/186174680 2023-10-03 21:30:43 +00:00			`.and_then(\|cookie_str: String\| async move {`
			`match parse_cookies(&cookie_str).ok().and_then(get_session_token) {`
			`Some(session_token) => Ok(session_token),`
			`None => Err(warp::reject()),`
			`}`
			`})`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`}`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Set up authentication routes 2023-10-03 15:10:37 +00:00			`#[tokio::main]`
			`pub async fn main() {`
			`pretty_env_logger::init();`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Add a CLI application for user management 2023-10-03 20:32:00 +00:00			`let authdb = AuthDB::new(PathBuf::from(&std::env::var("AUTHDB").unwrap()))`
			`.await`
			`.unwrap();`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`let store = Store::new(PathBuf::from(&std::env::var("FILE_SHARE_DIR").unwrap()));`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00
Set up authentication routes 2023-10-03 15:10:37 +00:00			`let app = App::new(authdb, store);`
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`let log = warp::log("file_service");`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`let root = warp::path!()`
			`.and(warp::get())`
			`.and(with_app(app.clone()))`
			`.and(maybe_with_session())`
			`.then(handle_index);`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00
Serve the CSS file 2023-10-06 23:04:15 +00:00			`let styles = warp::path!("css").and(warp::get()).then(handle_css);`

Set up authentication routes 2023-10-03 15:10:37 +00:00			`let auth = warp::path!("auth")`
Complete upload 2023-09-27 02:43:33 +00:00			`.and(warp::post())`
Finish the auth handler and create app auth stubs 2023-10-03 15:28:09 +00:00			`.and(with_app(app.clone()))`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`.and(warp::filters::body::form())`
			`.then(handle_auth);`
Complete upload 2023-09-27 02:43:33 +00:00
Validate the session token with file uploads File uploads now check the session token before continuing. Resolves: https://www.pivotaltracker.com/story/show/186174680 2023-10-03 21:30:43 +00:00			`let upload_via_form = warp::path!("upload")`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`.and(warp::post())`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`.and(with_app(app.clone()))`
			`.and(with_session())`
Set a maximum upload to 15MB 2023-10-05 04:08:27 +00:00			`.and(warp::multipart::form().max_length(MAX_UPLOAD))`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`.then(handle_upload);`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00
Add the handler to delete a file 2023-10-26 02:54:05 +00:00			`let delete_via_form = warp::path!("delete" / String)`
			`.and(warp::post())`
			`.and(with_app(app.clone()))`
			`.and(with_session())`
			`.then(\|id, app, token\| handle_delete(app, token, FileId::from(id)));`

Attempt to add etag caching 2023-09-21 04:00:09 +00:00			`let thumbnail = warp::path!(String / "tn")`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`.and(warp::get())`
Attempt to add etag caching 2023-09-21 04:00:09 +00:00			`.and(warp::header::optional::<String>("if-none-match"))`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`.and(with_app(app.clone()))`
			`.then(move \|id, old_etags, app: App\| thumbnail(app, id, old_etags));`
Refactor file and thumbnail serving to common code 2023-09-22 02:15:58 +00:00
			`let file = warp::path!(String)`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`.and(warp::get())`
Refactor file and thumbnail serving to common code 2023-09-22 02:15:58 +00:00			`.and(warp::header::optional::<String>("if-none-match"))`
Set up authentication routes 2023-10-03 15:10:37 +00:00			`.and(with_app(app.clone()))`
			`.then(move \|id, old_etags, app: App\| file(app, id, old_etags));`
Render thumbnails 2023-09-21 03:31:52 +00:00
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`let server = warp::serve(`
Serve the CSS file 2023-10-06 23:04:15 +00:00			`root.or(styles)`
			`.or(auth)`
Handle file uploads with a validated session 2023-10-03 21:47:54 +00:00			`.or(upload_via_form)`
Add the handler to delete a file 2023-10-26 02:54:05 +00:00			`.or(delete_via_form)`
Handle file uploads with a validated session 2023-10-03 21:47:54 +00:00			`.or(thumbnail)`
			`.or(file)`
			`.with(log),`
Set up the delete route Sets up the delete route, including post-delete redirect back to the root. Also adds logging. Delete does not actually delete things yet. 2023-09-22 04:38:26 +00:00			`);`
Set up authentication routes 2023-10-03 15:10:37 +00:00
Swap from iron to warp and start rebuilding the app 2023-09-21 03:06:34 +00:00			`server`
			`.run(SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 8002))`
			`.await;`
Import a questionably refactored version of file-service 2023-09-19 22:55:53 +00:00			`}`