From 5fb4932579f47a1196520699753e334362113776 Mon Sep 17 00:00:00 2001
From: DanCodes
Date: Thu, 7 Nov 2024 16:04:20 +0000
Subject: [PATCH] feat(auth): disable auth option
---
 src/routes/list.rs | 2 +-
 src/routes/login.rs | 5 ++++-
 src/routes/status.rs | 2 +-
 src/routes/triggers.rs | 4 ++--
 src/service/targets/autopulse.rs | 4 +++-
 src/settings/auth.rs | 9 +++++++++
 src/tests/utils/check_auth.rs | 27 +++++++++++++++++++++++----
 src/utils/check_auth.rs | 12 +++++++++++-
 8 files changed, 54 insertions(+), 11 deletions(-)
diff --git a/src/routes/list.rs b/src/routes/list.rs
index b56357e2..ffc72316 100644
--- a/src/routes/list.rs
+++ b/src/routes/list.rs
@@ -36,7 +36,7 @@ impl Default for ListQuery {
 #[get("/list")]
 pub async fn list(
 manager: Data>,
- auth: BasicAuth,
+ auth: Option,
 query: web::Query,
 ) -> Result {
 if !check_auth(&auth, &manager.settings) {
diff --git a/src/routes/login.rs b/src/routes/login.rs
index 280ebe73..2d2dbb61 100644
--- a/src/routes/login.rs
+++ b/src/routes/login.rs
@@ -7,7 +7,10 @@ use serde_json::json;
 use std::sync::Arc;
 #[post("/login")]
-pub async fn login(manager: Data>, auth: BasicAuth) -> Result {
+pub async fn login(
+ manager: Data>,
+ auth: Option,
+) -> Result {
 if !check_auth(&auth, &manager.settings) {
 return Ok(HttpResponse::Unauthorized().body("Unauthorized"));
 }
diff --git a/src/routes/status.rs b/src/routes/status.rs
index a76e0b00..6e86a79b 100644
--- a/src/routes/status.rs
+++ b/src/routes/status.rs
@@ -12,7 +12,7 @@ use std::sync::Arc;
 pub async fn status(
 id: Path,
 manager: Data>,
- auth: BasicAuth,
+ auth: Option,
 ) -> Result {
 if !check_auth(&auth, &manager.settings) {
 return Ok(HttpResponse::Unauthorized().body("Unauthorized"));
diff --git a/src/routes/triggers.rs b/src/routes/triggers.rs
index ab45479e..b9ce5996 100644
--- a/src/routes/triggers.rs
+++ b/src/routes/triggers.rs
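Review bot: With `auth: Option` in `list` (and the same change in `login`, `status`, `trigger_post` and `trigger_get`), a request without credentials no longer fails in the extractor, so the only 401 a client sees is the handler's bare `HttpResponse::Unauthorized().body("Unauthorized")`. If the `BasicAuth` extractor previously answered with a `WWW-Authenticate` challenge, that header is now gone, and browsers or HTTP clients that wait for a challenge will stop prompting for credentials. Consider `HttpResponse::Unauthorized().insert_header(("WWW-Authenticate", "Basic")).body("Unauthorized")` in each handler, or one shared helper that builds the response. The handler bodies continue outside these hunks.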
@@ -17,7 +17,7 @@ use tracing::debug;
 pub async fn trigger_post(
 trigger: Path,
 manager: Data>,
- auth: BasicAuth,
+ auth: Option,
 body: Json,
 ) -> Result {
 if !check_auth(&auth, &manager.settings) {
@@ -115,7 +115,7 @@ pub async fn trigger_get(
 req: HttpRequest,
 trigger: Path,
 manager: Data>,
- auth: BasicAuth,
+ auth: Option,
 ) -> Result {
 if !check_auth(&auth, &manager.settings) {
 return Ok(HttpResponse::Unauthorized().body("Unauthorized"));
diff --git a/src/service/targets/autopulse.rs b/src/service/targets/autopulse.rs
index 5482f19c..145220f6 100644
--- a/src/service/targets/autopulse.rs
+++ b/src/service/targets/autopulse.rs
@@ -20,7 +20,9 @@ impl Autopulse {
 fn get_client(&self) -> anyhow::Result {
 let mut headers = header::HeaderMap::new();
- headers.insert("Authorization", self.auth.to_auth_encoded().parse()?);
+ if self.auth.enabled {
+ headers.insert("Authorization", self.auth.to_auth_encoded().parse()?);
+ }
 println!("headers: {:?}", headers);
diff --git a/src/settings/auth.rs b/src/settings/auth.rs
index bdee8ff8..7a0a0d08 100644
--- a/src/settings/auth.rs
+++ b/src/settings/auth.rs
@@ -11,8 +11,16 @@ fn default_password() -> String {
 "password".to_string()
 }
+#[doc(hidden)]
+const fn default_enabled() -> bool {
+ true
+}
+
 #[derive(Deserialize, Clone, Debug)]
 pub struct Auth {
+ /// Whether authentication is enabled (default: true)
+ #[serde(default = "default_enabled")]
+ pub enabled: bool,
 /// Username for basic auth (default: admin)
 #[serde(default = "default_username")]
 pub username: String,
@@ -24,6 +32,7 @@ pub struct Auth {
 impl Default for Auth {
 fn default() -> Self {
 Self {
+ enabled: default_enabled(),
 username: default_username(),
 password: default_password(),
 }
diff --git a/src/tests/utils/check_auth.rs b/src/tests/utils/check_auth.rs
index 375e66f1..bdb49f49 100644
--- a/src/tests/utils/check_auth.rs
+++ b/src/tests/utils/check_auth.rs
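Review bot: The context line `println!("headers: {:?}", headers);` directly after the new `if self.auth.enabled` block in `get_client` still prints the whole header map, so whenever auth is enabled the `Authorization` value built from `self.auth.to_auth_encoded()` is written to stdout. That looks like leftover debugging and it places a reusable credential in service and container logs. I would delete the line; if the output is still wanted, call `set_sensitive(true)` on the header value before inserting it so its `Debug` form is redacted. `get_client` continues outside the hunk.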
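Review bot: The doc comment on the new `enabled` field in `Auth` does not say what switching it off does. Going by the `check_auth` and `Autopulse::get_client` changes in this patch, `enabled: false` makes every route accept requests without credentials and stops the outgoing `Authorization` header, which an operator should be able to read at the setting itself. I would extend it to something like `/// Whether authentication is enabled (default: true). When false, every route accepts unauthenticated requests; intended only behind an authenticating proxy or a trusted network boundary.`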
@@ -11,7 +11,7 @@ mod tests {
 ));
 let settings: Settings = serde_json::from_str("{}")?;
- assert!(check_auth(&auth, &settings));
+ assert!(check_auth(&Some(auth), &settings));
 Ok(())
 }
@@ -21,7 +21,7 @@ mod tests {
 let auth = BasicAuth::from(Basic::new("username".to_string(), Some("".to_string())));
 let settings: Settings = serde_json::from_str("{}")?;
- assert!(!check_auth(&auth, &settings));
+ assert!(!check_auth(&Some(auth), &settings));
 Ok(())
 }
@@ -34,7 +34,7 @@ mod tests {
 ));
 let settings: Settings = serde_json::from_str("{\"auth\":{\"username\":\"username\"}}")?;
- assert!(check_auth(&auth, &settings));
+ assert!(check_auth(&Some(auth), &settings));
 Ok(())
 }
@@ -44,7 +44,26 @@ mod tests {
 let auth = BasicAuth::from(Basic::new("admin".to_string(), Some("pass".to_string())));
 let settings: Settings = serde_json::from_str("{\"auth\":{\"password\":\"pass\"}}")?;
- assert!(check_auth(&auth, &settings));
+ assert!(check_auth(&Some(auth), &settings));
+
+ Ok(())
+ }
+
+ #[test]
+ fn test_check_disabled_auth_provided() -> anyhow::Result<()> {
+ let auth = BasicAuth::from(Basic::new("admin".to_string(), Some("pass".to_string())));
+ let settings: Settings = serde_json::from_str("{\"auth\":{\"enabled\": false}}")?;
+
+ assert!(check_auth(&Some(auth), &settings));
+
+ Ok(())
+ }
+
+ #[test]
+ fn test_check_disabled_auth_none() -> anyhow::Result<()> {
+ let settings: Settings = serde_json::from_str("{\"auth\":{\"enabled\": false}}")?;
+
+ assert!(check_auth(&None, &settings));
 Ok(())
 }
diff --git a/src/utils/check_auth.rs b/src/utils/check_auth.rs
index d88ea665..f05822ca 100644
--- a/src/utils/check_auth.rs
+++ b/src/utils/check_auth.rs
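Review bot: The two tests added in the last hunk cover only `enabled: false`; nothing pins the case that matters most after the signature change, `check_auth(&None, &settings)` with auth left enabled, which must return false. Without it, a later reorder of the early returns in `check_auth` could open every route and the suite would still pass. I would add a test next to `test_check_disabled_auth_none` that uses the default settings and no credentials.

```rust
// … unchanged: existing tests in mod tests …
#[test]
fn test_check_enabled_auth_none() -> anyhow::Result<()> {
    let settings: Settings = serde_json::from_str("{}")?;

    assert!(!check_auth(&None, &settings));

    Ok(())
}
```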
@@ -1,7 +1,17 @@
 use crate::settings::Settings;
 use actix_web_httpauth::extractors::basic::BasicAuth;
-pub fn check_auth(auth: &BasicAuth, settings: &Settings) -> bool {
+pub fn check_auth(auth: &Option, settings: &Settings) -> bool {
+ if !settings.auth.enabled {
+ return true;
+ }
+
+ if auth.is_none() {
+ return false;
+ }
+
+ let auth = auth.as_ref().unwrap();
+
 let username = settings.auth.username.clone();
 let password = settings.auth.password.clone();
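Review bot: In `check_auth`, `auth.is_none()` followed by `auth.as_ref().unwrap()` can be a single binding with no panic path: `let Some(auth) = auth else { return false; };`. Separately, the `!settings.auth.enabled` early return opens every caller without leaving a trace; one warning emitted when the settings are loaded (not per request) would make a disabled-auth deployment visible in the logs. The rest of `check_auth`, including the credential comparison itself, lies outside this hunk.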