From f6486b2c1a34363a33b0de52f6dbab855d667253 Mon Sep 17 00:00:00 2001 From: _ <> Date: Sat, 12 Dec 2020 01:26:58 +0000 Subject: [PATCH] :wrench: config (ptth_relay): add feature flags - dev mode - scraper auth These will gate features I'm adding soon. --- crates/ptth_relay/src/config.rs | 14 +++++++++++ crates/ptth_relay/src/lib.rs | 6 +++++ issues/2020-12Dec/auth-route-YNQAQKJS.md | 32 ++++++++++++------------ src/tests.rs | 1 + 4 files changed, 37 insertions(+), 16 deletions(-) diff --git a/crates/ptth_relay/src/config.rs b/crates/ptth_relay/src/config.rs index e6d1a46..f8ad9bd 100644 --- a/crates/ptth_relay/src/config.rs +++ b/crates/ptth_relay/src/config.rs @@ -23,10 +23,22 @@ pub mod file { pub display_name: Option , } + // Stuff that's identical between the file and the runtime structures + + #[derive (Default, Deserialize)] + pub struct Isomorphic { + #[serde (default)] + pub enable_dev_mode: bool, + #[serde (default)] + pub enable_scraper_auth: bool, + } + #[derive (Deserialize)] pub struct Config { pub port: Option , pub servers: Vec , + #[serde (flatten)] + pub iso: Isomorphic, } } @@ -39,6 +51,7 @@ pub struct Server { pub struct Config { pub servers: HashMap , + pub iso: file::Isomorphic, } impl TryFrom for Server { @@ -68,6 +81,7 @@ impl TryFrom for Config { Ok (Self { servers, + iso: f.iso, }) } } diff --git a/crates/ptth_relay/src/lib.rs b/crates/ptth_relay/src/lib.rs index c3ed79f..ee9161b 100644 --- a/crates/ptth_relay/src/lib.rs +++ b/crates/ptth_relay/src/lib.rs @@ -495,6 +495,12 @@ async fn reload_config ( (*config) = new_config; debug! ("Loaded {} server configs", config.servers.len ()); + debug! ("enable_dev_mode: {}", config.iso.enable_dev_mode); + debug! ("enable_scraper_auth: {}", config.iso.enable_scraper_auth); + + if config.iso.enable_dev_mode { + error! ("Dev mode is enabled! This might turn off some security features. If you see this in production, escalate it to someone!"); + } Ok (()) } diff --git a/issues/2020-12Dec/auth-route-YNQAQKJS.md b/issues/2020-12Dec/auth-route-YNQAQKJS.md index 2561d30..fec8b62 100644 --- a/issues/2020-12Dec/auth-route-YNQAQKJS.md +++ b/issues/2020-12Dec/auth-route-YNQAQKJS.md @@ -31,22 +31,22 @@ stronger is ready. ## Proposed impl plan -- Add feature flags to ptth_relay.toml for dev mode and scrapers -- Make sure Docker release CAN build -- Add failing test to block releases -- Make sure `cargo test` fails and Docker release can NOT build -- Add hard-coded hash of 1 API key, with 1 week expiration -- (POC) Test with curl -- Manually create SQLite DB for API keys, add 1 hash -- Impl DB reads -- Remove hard-coded API key -- Make sure `cargo test` passes and Docker CAN build -- (MVP) Test with curl -- Impl and test DB init / migration -- Impl DB writes (Add / revoke keys) as CLI commands -- Implement API (Behind X-Email auth) for that, test with curl -- Set up mitmproxy or something to add X-Email header in dev env -- Implement web UI (Behind X-Email) +- (X) Add feature flags to ptth_relay.toml for dev mode and scrapers +- ( ) Make sure Docker release CAN build +- ( ) Add failing test to block releases +- ( ) Make sure `cargo test` fails and Docker release can NOT build +- ( ) Add hard-coded hash of 1 API key, with 1 week expiration +- ( ) (POC) Test with curl +- ( ) Manually create SQLite DB for API keys, add 1 hash +- ( ) Impl DB reads +- ( ) Remove hard-coded API key +- ( ) Make sure `cargo test` passes and Docker CAN build +- ( ) (MVP) Test with curl +- ( ) Impl and test DB init / migration +- ( ) Impl DB writes (Add / revoke keys) as CLI commands +- ( ) Implement API (Behind X-Email auth) for that, test with curl +- ( ) Set up mitmproxy or something to add X-Email header in dev env +- ( ) Implement web UI (Behind X-Email) POC is the proof-of-concept - At this point we will know that in theory the feature can work. diff --git a/src/tests.rs b/src/tests.rs index a0eb534..993faef 100644 --- a/src/tests.rs +++ b/src/tests.rs @@ -39,6 +39,7 @@ fn end_to_end () { display_name: None, }, ], + iso: Default::default (), }; let config = ptth_relay::config::Config::try_from (config_file).expect ("Can't load config");