feat(auth): disable auth option (#93)

dan-online · Nov 7, 2024 · a1acb30 · a1acb30
1 parent 619b2e5
commit a1acb30
Show file tree

Hide file tree

Showing 8 changed files with 54 additions and 11 deletions.
diff --git a/src/routes/list.rs b/src/routes/list.rs
@@ -36,7 +36,7 @@ impl Default for ListQuery {
 #[get("/list")]
 pub async fn list(
     manager: Data<Arc<PulseManager>>,
-    auth: BasicAuth,
+    auth: Option<BasicAuth>,
     query: web::Query<ListQuery>,
 ) -> Result<impl Responder> {
     if !check_auth(&auth, &manager.settings) {

diff --git a/src/routes/login.rs b/src/routes/login.rs
@@ -7,7 +7,10 @@ use serde_json::json;
 use std::sync::Arc;
 
 #[post("/login")]
-pub async fn login(manager: Data<Arc<PulseManager>>, auth: BasicAuth) -> Result<impl Responder> {
+pub async fn login(
+    manager: Data<Arc<PulseManager>>,
+    auth: Option<BasicAuth>,
+) -> Result<impl Responder> {
     if !check_auth(&auth, &manager.settings) {
         return Ok(HttpResponse::Unauthorized().body("Unauthorized"));
     }

diff --git a/src/routes/status.rs b/src/routes/status.rs
@@ -12,7 +12,7 @@ use std::sync::Arc;
 pub async fn status(
     id: Path<String>,
     manager: Data<Arc<PulseManager>>,
-    auth: BasicAuth,
+    auth: Option<BasicAuth>,
 ) -> Result<impl Responder> {
     if !check_auth(&auth, &manager.settings) {
         return Ok(HttpResponse::Unauthorized().body("Unauthorized"));

diff --git a/src/routes/triggers.rs b/src/routes/triggers.rs
@@ -17,7 +17,7 @@ use tracing::debug;
 pub async fn trigger_post(
     trigger: Path<String>,
     manager: Data<Arc<PulseManager>>,
-    auth: BasicAuth,
+    auth: Option<BasicAuth>,
     body: Json<serde_json::Value>,
 ) -> Result<HttpResponse> {
     if !check_auth(&auth, &manager.settings) {
@@ -115,7 +115,7 @@ pub async fn trigger_get(
     req: HttpRequest,
     trigger: Path<String>,
     manager: Data<Arc<PulseManager>>,
-    auth: BasicAuth,
+    auth: Option<BasicAuth>,
 ) -> Result<HttpResponse> {
     if !check_auth(&auth, &manager.settings) {
         return Ok(HttpResponse::Unauthorized().body("Unauthorized"));

diff --git a/src/service/targets/autopulse.rs b/src/service/targets/autopulse.rs
@@ -20,7 +20,9 @@ impl Autopulse {
     fn get_client(&self) -> anyhow::Result<reqwest::Client> {
         let mut headers = header::HeaderMap::new();
 
-        headers.insert("Authorization", self.auth.to_auth_encoded().parse()?);
+        if self.auth.enabled {
+            headers.insert("Authorization", self.auth.to_auth_encoded().parse()?);
+        }
 
         println!("headers: {:?}", headers);
 

diff --git a/src/settings/auth.rs b/src/settings/auth.rs
@@ -11,8 +11,16 @@ fn default_password() -> String {
     "password".to_string()
 }
 
+#[doc(hidden)]
+const fn default_enabled() -> bool {
+    true
+}
+
 #[derive(Deserialize, Clone, Debug)]
 pub struct Auth {
+    /// Whether authentication is enabled (default: true)
+    #[serde(default = "default_enabled")]
+    pub enabled: bool,
     /// Username for basic auth (default: admin)
     #[serde(default = "default_username")]
     pub username: String,
@@ -24,6 +32,7 @@ pub struct Auth {
 impl Default for Auth {
     fn default() -> Self {
         Self {
+            enabled: default_enabled(),
             username: default_username(),
             password: default_password(),
         }

diff --git a/src/tests/utils/check_auth.rs b/src/tests/utils/check_auth.rs
@@ -11,7 +11,7 @@ mod tests {
         ));
         let settings: Settings = serde_json::from_str("{}")?;
 
-        assert!(check_auth(&auth, &settings));
+        assert!(check_auth(&Some(auth), &settings));
 
         Ok(())
     }
@@ -21,7 +21,7 @@ mod tests {
         let auth = BasicAuth::from(Basic::new("username".to_string(), Some("".to_string())));
         let settings: Settings = serde_json::from_str("{}")?;
 
-        assert!(!check_auth(&auth, &settings));
+        assert!(!check_auth(&Some(auth), &settings));
 
         Ok(())
     }
@@ -34,7 +34,7 @@ mod tests {
         ));
         let settings: Settings = serde_json::from_str("{\"auth\":{\"username\":\"username\"}}")?;
 
-        assert!(check_auth(&auth, &settings));
+        assert!(check_auth(&Some(auth), &settings));
 
         Ok(())
     }
@@ -44,7 +44,26 @@ mod tests {
         let auth = BasicAuth::from(Basic::new("admin".to_string(), Some("pass".to_string())));
         let settings: Settings = serde_json::from_str("{\"auth\":{\"password\":\"pass\"}}")?;
 
-        assert!(check_auth(&auth, &settings));
+        assert!(check_auth(&Some(auth), &settings));
+
+        Ok(())
+    }
+
+    #[test]
+    fn test_check_disabled_auth_provided() -> anyhow::Result<()> {
+        let auth = BasicAuth::from(Basic::new("admin".to_string(), Some("pass".to_string())));
+        let settings: Settings = serde_json::from_str("{\"auth\":{\"enabled\": false}}")?;
+
+        assert!(check_auth(&Some(auth), &settings));
+
+        Ok(())
+    }
+
+    #[test]
+    fn test_check_disabled_auth_none() -> anyhow::Result<()> {
+        let settings: Settings = serde_json::from_str("{\"auth\":{\"enabled\": false}}")?;
+
+        assert!(check_auth(&None, &settings));
 
         Ok(())
     }

diff --git a/src/utils/check_auth.rs b/src/utils/check_auth.rs
@@ -1,7 +1,17 @@
 use crate::settings::Settings;
 use actix_web_httpauth::extractors::basic::BasicAuth;
 
-pub fn check_auth(auth: &BasicAuth, settings: &Settings) -> bool {
+pub fn check_auth(auth: &Option<BasicAuth>, settings: &Settings) -> bool {
+    if !settings.auth.enabled {
+        return true;
+    }
+
+    if auth.is_none() {
+        return false;
+    }
+
+    let auth = auth.as_ref().unwrap();
+
     let username = settings.auth.username.clone();
     let password = settings.auth.password.clone();