✨ Basic Auth

Cargo.toml

@@ -13,15 +13,25 @@ hyper-util = { version = "0.1.2", features = ["full"] }
 lazy_static = "1.4.0"
 mime = "0.3.17"
 percent-encoding = "2.3.1"
-poem = { version = "2.0.0", features = ["tokio-metrics", "websocket", "static-files", "reqwest"] }
+poem = { version = "2.0.0", features = [
-poem-openapi = { version = "4.0.0", features = ["swagger-ui"] }
+  "tokio-metrics",
+  "websocket",
+  "static-files",
+  "reqwest",
+] }
+poem-openapi = { version = "4.0.0" }
 queryst = "3.0.0"
 rand = "0.8.5"
 regex = "1.10.2"
 reqwest = { git = "https://github.com/seanmonstar/reqwest.git", branch = "hyper-v1", version = "0.11.23" }
 serde = "1.0.195"
 serde_json = "1.0.111"
-tokio = { version = "1.35.1", features = ["rt-multi-thread", "macros", "time", "full"] }
+tokio = { version = "1.35.1", features = [
+  "rt-multi-thread",
+  "macros",
+  "time",
+  "full",
+] }
 tokio-tungstenite = "0.21.0"
 toml = "0.8.8"
 tracing = "0.1.40"

Settings.toml

@@ -1,4 +1,5 @@
 regions = "./regions"
+secret = "aEXcED5xJ3"
 
 [listen]
 proxies = "0.0.0.0:80"

src/auth.rs

@@ -0,0 +1,50 @@
+use http::StatusCode;
+use poem::{
+    web::headers::{self, authorization::Basic, HeaderMapExt},
+    Endpoint, Error, Middleware, Request, Response, Result,
+};
+
+pub struct BasicAuth {
+    pub username: String,
+    pub password: String,
+}
+
+impl<E: Endpoint> Middleware<E> for BasicAuth {
+    type Output = BasicAuthEndpoint<E>;
+
+    fn transform(&self, ep: E) -> Self::Output {
+        BasicAuthEndpoint {
+            ep,
+            username: self.username.clone(),
+            password: self.password.clone(),
+        }
+    }
+}
+
+pub struct BasicAuthEndpoint<E> {
+    ep: E,
+    username: String,
+    password: String,
+}
+
+#[poem::async_trait]
+impl<E: Endpoint> Endpoint for BasicAuthEndpoint<E> {
+    type Output = E::Output;
+
+    async fn call(&self, req: Request) -> Result<Self::Output> {
+        if let Some(auth) = req.headers().typed_get::<headers::Authorization<Basic>>() {
+            if auth.0.username() == self.username && auth.0.password() == self.password {
+                return self.ep.call(req).await;
+            }
+        }
+        Err(Error::from_response(
+            Response::builder()
+                .header(
+                    "WWW-Authenticate",
+                    "Basic realm=\"RoadSig\", charset=\"UTF-8\"",
+                )
+                .status(StatusCode::UNAUTHORIZED)
+                .finish(),
+        ))
+    }
+}

src/main.rs

@@ -1,3 +1,4 @@
+pub mod auth;
 mod config;
 mod proxies;
 mod sideload;
@@ -5,7 +6,7 @@ mod sideload;
 use std::collections::VecDeque;
 
 use lazy_static::lazy_static;
-use poem::{listener::TcpListener, Route, Server};
+use poem::{listener::TcpListener, EndpointExt, Route, Server};
 use poem_openapi::OpenApiService;
 use proxies::RoadInstance;
 use tokio::sync::Mutex;
@@ -64,7 +65,6 @@ async fn main() -> Result<(), std::io::Error> {
     // Sideload
     let sideload = OpenApiService::new(sideload::SideloadApi, "Sideload API", "1.0")
         .server("http://localhost:3000/cgi");
-    let sideload_ui = sideload.swagger_ui();
 
     let sideload_server = Server::new(TcpListener::bind(
         config::C
@@ -74,9 +74,14 @@ async fn main() -> Result<(), std::io::Error> {
             .unwrap_or("0.0.0.0:81".to_string()),
     ))
     .run(
-        Route::new()
+        Route::new().nest("/cgi", sideload).with(auth::BasicAuth {
-            .nest("/cgi", sideload)
+            username: "RoadSign".to_string(),
-            .nest("/swagger", sideload_ui),
+            password: config::C
+                .read()
+                .await
+                .get_string("secret")
+                .unwrap_or("password".to_string()),
+        }),
     );
 
     tokio::try_join!(proxies_server, sideload_server)?;

src/proxies/config.rs

@@ -1,18 +1,19 @@
 use std::collections::HashMap;
 
+use poem_openapi::Object;
 use queryst::parse;
 use serde::{Deserialize, Serialize};
 use serde_json::json;
 
 use super::responder::StaticResponderConfig;
 
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Object, Clone, Serialize, Deserialize)]
 pub struct Region {
     pub id: String,
     pub locations: Vec<Location>,
 }
 
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Object, Clone, Serialize, Deserialize)]
 pub struct Location {
     pub id: String,
     pub hosts: Vec<String>,
@@ -23,7 +24,7 @@ pub struct Location {
     pub destinations: Vec<Destination>,
 }
 
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Object, Clone, Serialize, Deserialize)]
 pub struct Destination {
     pub id: String,
     pub uri: String,

src/proxies/metrics.rs

@@ -47,6 +47,8 @@ pub struct RoadMetrics {
     pub recent_errors: VecDeque<RoadTrace>,
 }
 
+const MAX_TRACE_COUNT: usize = 10;
+
 impl RoadMetrics {
     pub fn get_success_rate(&self) -> f64 {
         if self.requests_count > 0 {
@@ -60,6 +62,9 @@ impl RoadMetrics {
         self.requests_count += 1;
         self.recent_successes
             .push_back(RoadTrace::from_structs(reg, loc, end));
+        if self.recent_successes.len() > MAX_TRACE_COUNT {
+            self.recent_successes.pop_front();
+        }
     }
 
     pub fn add_faliure_request(
@@ -73,7 +78,7 @@ impl RoadMetrics {
         self.failures_count += 1;
         self.recent_errors
             .push_back(RoadTrace::from_structs_with_error(reg, loc, end, err));
-        if self.recent_errors.len() > 10 {
+        if self.recent_errors.len() > MAX_TRACE_COUNT {
             self.recent_errors.pop_front();
         }
     }

src/sideload/mod.rs

@@ -1,3 +1,19 @@
+use poem_openapi::OpenApi;
+
 pub mod overview;
+pub mod regions;
 
 pub struct SideloadApi;
+
+#[OpenApi]
+impl SideloadApi {
+    #[oai(path = "/", method = "get")]
+    async fn index(&self) -> overview::OverviewResponse {
+        overview::index().await
+    }
+
+    #[oai(path = "/regions", method = "get")]
+    async fn regions_index(&self) -> regions::RegionResponse {
+        regions::index().await
+    }
+}

src/sideload/overview.rs

@@ -1,4 +1,4 @@
-use poem_openapi::{payload::Json, ApiResponse, Object, OpenApi};
+use poem_openapi::{payload::Json, ApiResponse, Object};
 
 use crate::{
     proxies::{
@@ -8,17 +8,15 @@ use crate::{
     ROAD,
 };
 
-use super::SideloadApi;
-
 #[derive(ApiResponse)]
-enum OverviewResponse {
+pub enum OverviewResponse {
     /// Return the overview data.
     #[oai(status = 200)]
     Ok(Json<OverviewData>),
 }
 
 #[derive(Debug, Object, Clone, PartialEq)]
-struct OverviewData {
+pub struct OverviewData {
     /// Loaded regions count
     #[oai(read_only)]
     regions: usize,
@@ -42,10 +40,7 @@ struct OverviewData {
     recent_errors: Vec<RoadTrace>,
 }
 
-#[OpenApi]
+pub async fn index() -> OverviewResponse {
-impl SideloadApi {
-    #[oai(path = "/", method = "get")]
-    async fn index(&self) -> OverviewResponse {
     let locked_app = ROAD.lock().await;
     let regions = locked_app.regions.clone();
     let locations = regions
@@ -78,4 +73,3 @@ impl SideloadApi {
             .collect::<Vec<_>>(),
     }))
 }
-}

src/sideload/regions.rs

@@ -0,0 +1,25 @@
+use poem_openapi::{payload::Json, ApiResponse};
+
+use crate::{proxies::config::Region, ROAD};
+
+#[derive(ApiResponse)]
+pub enum RegionResponse {
+    /// Return the region data.
+    #[oai(status = 200)]
+    Ok(Json<Region>),
+    /// Return the list of region data.
+    #[oai(status = 200)]
+    OkMany(Json<Vec<Region>>),
+    /// Return the region data after created.
+    #[oai(status = 201)]
+    Created(Json<Region>),
+    /// Return was not found.
+    #[oai(status = 404)]
+    NotFound,
+}
+
+pub async fn index() -> RegionResponse {
+    let locked_app = ROAD.lock().await;
+
+    RegionResponse::OkMany(Json(locked_app.regions.clone()))
+}