snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2024-11-22 18:17:39 +08:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

split data and api keys

Browse Source
This commit is contained in:
mpostma 2021-09-20 15:31:03 +02:00
parent e14640e530
commit 09d4e37044
4 changed files with 56 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
meilisearch-http/src/data/mod.rs
View File

@ -1,8 +1,6 @@
use std::ops::Deref; use std::ops::Deref;
use std::sync::Arc; use std::sync::Arc;
use sha2::Digest;
use crate::index::{Checked, Settings}; use crate::index::{Checked, Settings};
use crate::index_controller::{ use crate::index_controller::{
error::Result, DumpInfo, IndexController, IndexMetadata, IndexStats, Stats, error::Result, DumpInfo, IndexController, IndexMetadata, IndexStats, Stats,
@ -27,32 +25,7 @@ impl Deref for Data {
pub struct DataInner { pub struct DataInner {
pub index_controller: IndexController, pub index_controller: IndexController,
pub api_keys: ApiKeys, //pub api_keys: ApiKeys,
options: Opt,
}
#[derive(Clone)]
pub struct ApiKeys {
pub public: Option<String>,
pub private: Option<String>,
pub master: Option<String>,
}
impl ApiKeys {
pub fn generate_missing_api_keys(&mut self) {
if let Some(master_key) = &self.master {
if self.private.is_none() {
let key = format!("{}-private", master_key);
let sha = sha2::Sha256::digest(key.as_bytes());
self.private = Some(format!("{:x}", sha));
}
if self.public.is_none() {
let key = format!("{}-public", master_key);
let sha = sha2::Sha256::digest(key.as_bytes());
self.public = Some(format!("{:x}", sha));
}
}
}
} }
impl Data { impl Data {
@ -61,18 +34,8 @@ impl Data {
let index_controller = IndexController::new(&path, &options)?; let index_controller = IndexController::new(&path, &options)?;
let mut api_keys = ApiKeys {
master: options.clone().master_key,
private: None,
public: None,
};
api_keys.generate_missing_api_keys();
let inner = DataInner { let inner = DataInner {
index_controller, index_controller,
api_keys,
options,
}; };
let inner = Arc::new(inner); let inner = Arc::new(inner);
@ -120,14 +83,4 @@ impl Data {
pub async fn dump_status(&self, uid: String) -> Result<DumpInfo> { pub async fn dump_status(&self, uid: String) -> Result<DumpInfo> {
Ok(self.index_controller.dump_info(uid).await?) Ok(self.index_controller.dump_info(uid).await?)
} }
#[inline]
pub fn http_payload_size_limit(&self) -> usize {
self.options.http_payload_size_limit.get_bytes() as usize
}
#[inline]
pub fn api_keys(&self) -> &ApiKeys {
&self.api_keys
}
} }

54
meilisearch-http/src/lib.rs
View File

@ -58,11 +58,41 @@ use actix_web::web;
use extractors::authentication::policies::*; use extractors::authentication::policies::*;
use extractors::payload::PayloadConfig; use extractors::payload::PayloadConfig;
use sha2::Digest;
pub fn configure_data(config: &mut web::ServiceConfig, data: Data) { #[derive(Clone)]
let http_payload_size_limit = data.http_payload_size_limit(); pub struct ApiKeys {
pub public: Option<String>,
pub private: Option<String>,
pub master: Option<String>,
}
impl ApiKeys {
pub fn generate_missing_api_keys(&mut self) {
if let Some(master_key) = &self.master {
if self.private.is_none() {
let key = format!("{}-private", master_key);
let sha = sha2::Sha256::digest(key.as_bytes());
self.private = Some(format!("{:x}", sha));
}
if self.public.is_none() {
let key = format!("{}-public", master_key);
let sha = sha2::Sha256::digest(key.as_bytes());
self.public = Some(format!("{:x}", sha));
}
}
}
}
pub fn configure_data(
config: &mut web::ServiceConfig,
data: Data,
opt: &Opt,
) {
let http_payload_size_limit = opt.http_payload_size_limit.get_bytes() as usize;
config config
.app_data(web::Data::new(data.clone())) .app_data(web::Data::new(data.clone()))
// TODO!: Why are we passing the data with two different things?
.app_data(data) .app_data(data)
.app_data( .app_data(
web::JsonConfig::default() web::JsonConfig::default()
@ -77,8 +107,15 @@ pub fn configure_data(config: &mut web::ServiceConfig, data: Data) {
); );
} }
pub fn configure_auth(config: &mut web::ServiceConfig, data: &Data) { pub fn configure_auth(config: &mut web::ServiceConfig, opts: &Opt) {
let keys = data.api_keys(); let mut keys = ApiKeys {
master: opts.master_key.clone(),
private: None,
public: None,
};
keys.generate_missing_api_keys();
let auth_config = if let Some(ref master_key) = keys.master { let auth_config = if let Some(ref master_key) = keys.master {
let private_key = keys.private.as_ref().unwrap(); let private_key = keys.private.as_ref().unwrap();
let public_key = keys.public.as_ref().unwrap(); let public_key = keys.public.as_ref().unwrap();
@ -94,7 +131,8 @@ pub fn configure_auth(config: &mut web::ServiceConfig, data: &Data) {
AuthConfig::NoAuth AuthConfig::NoAuth
}; };
config.app_data(auth_config); config.app_data(auth_config)
.app_data(keys);
} }
#[cfg(feature = "mini-dashboard")] #[cfg(feature = "mini-dashboard")]
@ -138,7 +176,7 @@ pub fn dashboard(config: &mut web::ServiceConfig, _enable_frontend: bool) {
#[macro_export] #[macro_export]
macro_rules! create_app { macro_rules! create_app {
($data:expr, $enable_frontend:expr) => {{ ($data:expr, $enable_frontend:expr, $opt:expr) => {{
use actix_cors::Cors; use actix_cors::Cors;
use actix_web::middleware::TrailingSlash; use actix_web::middleware::TrailingSlash;
use actix_web::App; use actix_web::App;
@ -147,8 +185,8 @@ macro_rules! create_app {
use meilisearch_http::{configure_auth, configure_data, dashboard}; use meilisearch_http::{configure_auth, configure_data, dashboard};
App::new() App::new()
.configure(|s| configure_data(s, $data.clone())) .configure(|s| configure_data(s, $data.clone(), &$opt))
.configure(|s| configure_auth(s, &$data)) .configure(|s| configure_auth(s, &$opt))
.configure(routes::configure) .configure(routes::configure)
.configure(|s| dashboard(s, $enable_frontend)) .configure(|s| dashboard(s, $enable_frontend))
.wrap( .wrap(

11
meilisearch-http/src/main.rs
View File

@ -64,7 +64,7 @@ async fn main() -> anyhow::Result<()> {
tokio::task::spawn(analytics::analytics_sender(analytics_data, analytics_opt)); tokio::task::spawn(analytics::analytics_sender(analytics_data, analytics_opt));
} }
print_launch_resume(&opt, &data); print_launch_resume(&opt);
run_http(data, opt).await?; run_http(data, opt).await?;
@ -73,7 +73,8 @@ async fn main() -> anyhow::Result<()> {
async fn run_http(data: Data, opt: Opt) -> anyhow::Result<()> { async fn run_http(data: Data, opt: Opt) -> anyhow::Result<()> {
let _enable_dashboard = &opt.env == "development"; let _enable_dashboard = &opt.env == "development";
let http_server = HttpServer::new(move || create_app!(data, _enable_dashboard)) let opt_clone = opt.clone();
let http_server = HttpServer::new(move || create_app!(data, _enable_dashboard, opt_clone))
// Disable signals allows the server to terminate immediately when a user enter CTRL-C // Disable signals allows the server to terminate immediately when a user enter CTRL-C
.disable_signals(); .disable_signals();
@ -83,12 +84,12 @@ async fn run_http(data: Data, opt: Opt) -> anyhow::Result<()> {
.run() .run()
.await?; .await?;
} else { } else {
http_server.bind(opt.http_addr)?.run().await?; http_server.bind(&opt.http_addr)?.run().await?;
} }
Ok(()) Ok(())
} }
pub fn print_launch_resume(opt: &Opt, data: &Data) { pub fn print_launch_resume(opt: &Opt) {
let commit_sha = option_env!("VERGEN_GIT_SHA").unwrap_or("unknown"); let commit_sha = option_env!("VERGEN_GIT_SHA").unwrap_or("unknown");
let commit_date = option_env!("VERGEN_GIT_COMMIT_TIMESTAMP").unwrap_or("unknown"); let commit_date = option_env!("VERGEN_GIT_COMMIT_TIMESTAMP").unwrap_or("unknown");
@ -133,7 +134,7 @@ Anonymous telemetry: \"Enabled\""
eprintln!(); eprintln!();
if data.api_keys().master.is_some() { if opt.master_key.is_some() {
eprintln!("A Master Key has been set. Requests to MeiliSearch won't be authorized unless you provide an authentication key."); eprintln!("A Master Key has been set. Requests to MeiliSearch won't be authorized unless you provide an authentication key.");
} else { } else {
eprintln!("No master key found; The server will accept unidentified requests. \ eprintln!("No master key found; The server will accept unidentified requests. \

6
meilisearch-http/src/routes/mod.rs
View File

@ -10,7 +10,7 @@ use crate::extractors::authentication::{policies::*, GuardedData};
use crate::index::{Settings, Unchecked}; use crate::index::{Settings, Unchecked};
use crate::index_controller::update_actor::RegisterUpdate; use crate::index_controller::update_actor::RegisterUpdate;
use crate::index_controller::{UpdateResult, UpdateStatus}; use crate::index_controller::{UpdateResult, UpdateStatus};
use crate::Data; use crate::{ApiKeys, Data};
mod dump; mod dump;
mod indexes; mod indexes;
@ -262,8 +262,8 @@ struct KeysResponse {
public: Option<String>, public: Option<String>,
} }
pub async fn list_keys(data: GuardedData<Admin, Data>) -> HttpResponse { pub async fn list_keys(data: GuardedData<Admin, ApiKeys>) -> HttpResponse {
let api_keys = data.api_keys.clone(); let api_keys = (*data).clone();
HttpResponse::Ok().json(&KeysResponse { HttpResponse::Ok().json(&KeysResponse {
private: api_keys.private, private: api_keys.private,
public: api_keys.public, public: api_keys.public,