Compare commits

...

26 Commits

Author SHA1 Message Date
1f88524c16
feat: add basic ci
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-10-22 12:31:53 +02:00
71b5a63700
feat: with como_web
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-10-21 11:23:11 +02:00
6e16fc6b2b
feat: move project to crates
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-10-21 11:14:58 +02:00
381b472eca
feat: with mold
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-09-08 21:40:09 +02:00
491ec81298
feat: allow dead code
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-09-05 22:05:17 +02:00
cdeefba39a
feat(auth): with basic auth options
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 21:19:54 +02:00
ec483ce875
chore(fmt): run clippy fix
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 17:23:19 +02:00
1f13172ec0
fix(auth): remove rest of todos for hot path
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 16:29:07 +02:00
7a71f9b106
chore: fmt
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 16:05:27 +02:00
57d30f2129
chore(fmt): run clippy fix
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 14:09:15 +02:00
e6084a7f4e
feat(auth): add authentication integration
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 14:08:40 +02:00
48d09c8ae3
refactor(auth): dyn Introspection
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 12:08:14 +02:00
f65e85dbe1
feat(auth): add file merge as base
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 01:44:54 +02:00
acde8b17e1
refactor(auth): setup convenience for OAuth
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 01:25:46 +02:00
0bb7074334
refactor(auth): move into central auth-engine setup
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 01:15:11 +02:00
5837ee0288
chore(auth): with introspection
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-20 00:23:27 +02:00
0893f285a3
chore(auth): add config and tests
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-19 23:59:33 +02:00
a2db6ca64a
chore(auth): add tests
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-19 16:43:50 +02:00
7dcd3b4efe
feat(auth): add base oauth client
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-19 16:24:08 +02:00
48e9d73e6d
feat(auth): add base oauth client
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-19 16:15:17 +02:00
5e879b7ef2
feat(auth): add base oauth client
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-08-19 15:42:29 +02:00
9d064a1287
feat: with comments and abort
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-07-27 16:58:40 +02:00
258dc8779c
feat: with setup ssh
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-07-27 16:57:51 +02:00
1192f366f0 Merge pull request 'Configure Renovate' (#18) from renovate/configure into main
Some checks reported errors
continuous-integration/drone/push Build was killed
continuous-integration/drone Build is failing
Reviewed-on: #18
2023-07-27 14:47:39 +00:00
8ec89ed678 Add renovate.json
Some checks reported errors
continuous-integration/drone/pr Build was killed
continuous-integration/drone/push Build was killed
2023-07-27 14:46:57 +00:00
0b966816a8
feat: with template
Some checks reported errors
continuous-integration/drone/push Build encountered an error
continuous-integration/drone Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-07-27 16:44:18 +02:00
121 changed files with 9778 additions and 996 deletions

3
.cargo/config.toml Normal file
View File

@ -0,0 +1,3 @@
[target.x86_64-unknown-linux-gnu]
linker = "/usr/bin/clang"
rustflags = ["-C", "link-arg=--ld-path=/usr/bin/mold"]

View File

@ -1,88 +1,3 @@
kind: pipeline
name: default
type: docker
steps:
- name: load_secret
image: debian:buster-slim
volumes:
- name: ssh
path: /root/.ssh/
environment:
SSH_KEY:
from_secret: gitea_id_ed25519
commands:
- mkdir -p $HOME/.ssh/
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
- name: build
image: kasperhermansen/cuddle:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: dockersock
path: /var/run
commands:
- apk add bash git
- git remote set-url origin $DRONE_GIT_SSH_URL
- cuddle_cli x setup_ssh
- cuddle_cli x start_deployment
- cuddle_cli x render_templates
- cuddle_cli x render_como_templates
- cuddle_cli x build_release
- cuddle_cli x push_release
- cuddle_cli x deploy_release
environment:
DOCKER_BUILDKIT: 1
DOCKER_USERNAME:
from_secret: docker_username
DOCKER_PASSWORD:
from_secret: docker_password
SSH_KEY:
from_secret: gitea_id_ed25519
- name: push_tags
image: kasperhermansen/drone-semantic-release:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: dockersock
path: /var/run
commands:
- semantic-release --no-ci
environment:
DOCKER_BUILDKIT: 1
SSH_KEY:
from_secret: gitea_id_ed25519
depends_on:
- build
- name: send telegram notification
image: appleboy/drone-telegram
settings:
token:
from_secret: telegram_token
to: 2129601481
format: markdown
depends_on:
- build
- push_tags
when:
status: [failure, success]
services:
- name: docker
image: docker:dind
privileged: true
volumes:
- name: dockersock
path: /var/run
volumes:
- name: ssh
temp: {}
- name: dockersock
temp: {}
kind: template
load: drone-template.yaml
name: como

2364
Cargo.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -1,21 +1,18 @@
[workspace]
members = [
"como_bin",
"como_core",
"como_domain",
"como_infrastructure",
"como_gql",
"como_api",
"crates/*",
"ci"
]
resolver = "2"
[workspace.dependencies]
como_bin = { path = "./como_bin/" }
como_core = { path = "./como_core/" }
como_domain = { path = "./como_domain/" }
como_infrastructure = { path = "./como_infrastructure/" }
como_gql = { path = "./como_gql/" }
como_api = { path = "./como_api/" }
como_bin = { path = "./crates/como_bin/" }
como_core = { path = "./crates/como_core/" }
como_domain = { path = "./crates/como_domain/" }
como_infrastructure = { path = "./crates/como_infrastructure/" }
como_gql = { path = "./crates/como_gql/" }
como_api = { path = "./crates/como_api/" }
como_auth = { path = "./crates/como_auth/" }
async-trait = "0.1.68"
async-graphql = { version = "5.0.9", features = ["uuid"] }
@ -51,3 +48,6 @@ clap = { version = "4.3.0", features = ["derive", "env"] }
argon2 = { version = "0.5.0" }
rand_core = { version = "0.6.4" }
pretty_assertions = "1.4.0"
sealed_test = "1.0.0"

8
ci/Cargo.toml Normal file
View File

@ -0,0 +1,8 @@
[package]
name = "ci"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]

3
ci/src/main.rs Normal file
View File

@ -0,0 +1,3 @@
fn main() {
println!("Hello, world!");
}

View File

@ -1,186 +0,0 @@
use std::borrow::Cow;
use crate::router::AppState;
use crate::zitadel::{IntrospectionConfig, IntrospectionState};
use async_sqlx_session::PostgresSessionStore;
use axum::extract::{FromRef, FromRequestParts, Query, State};
use axum::headers::authorization::Basic;
use axum::headers::{Authorization, Cookie};
use axum::http::request::Parts;
use axum::http::StatusCode;
use axum::http::{header::SET_COOKIE, HeaderMap};
use axum::response::{IntoResponse, Redirect};
use axum::routing::get;
use axum::{async_trait, RequestPartsExt, Router, TypedHeader};
use axum_sessions::async_session::{Session, SessionStore};
use como_domain::users::User;
use como_infrastructure::register::ServiceRegister;
use oauth2::basic::BasicClient;
use oauth2::{reqwest::async_http_client, AuthorizationCode, CsrfToken, Scope, TokenResponse};
use oauth2::{RedirectUrl, TokenIntrospectionResponse};
use serde::Deserialize;
use zitadel::oidc::introspection::introspect;
#[derive(Debug, Deserialize)]
pub struct ZitadelAuthParams {
return_url: Option<String>,
}
pub async fn zitadel_auth(State(client): State<BasicClient>) -> impl IntoResponse {
let (auth_url, _csrf_token) = client
.authorize_url(CsrfToken::new_random)
.add_scope(Scope::new("identify".to_string()))
.add_scope(Scope::new("openid".to_string()))
.url();
Redirect::to(auth_url.as_ref())
}
pub static COOKIE_NAME: &str = "SESSION";
#[derive(Debug, Deserialize)]
#[allow(dead_code)]
pub struct AuthRequest {
code: String,
state: String,
}
pub async fn login_authorized(
Query(query): Query<AuthRequest>,
State(store): State<PostgresSessionStore>,
State(oauth_client): State<BasicClient>,
State(introspection_state): State<IntrospectionState>,
) -> impl IntoResponse {
let token = oauth_client
.exchange_code(AuthorizationCode::new(query.code.clone()))
.request_async(async_http_client)
.await
.unwrap();
let config = IntrospectionConfig::from_ref(&introspection_state);
let res = introspect(
&config.introspection_uri,
&config.authority,
&config.authentication,
token.access_token().secret(),
)
.await
.unwrap();
let mut session = Session::new();
session
.insert(
"user",
User {
id: res.sub().unwrap().into(),
},
)
.unwrap();
let cookie = store.store_session(session).await.unwrap().unwrap();
let cookie = format!("{}={}; SameSite=Lax; Path=/", COOKIE_NAME, cookie);
let mut headers = HeaderMap::new();
headers.insert(SET_COOKIE, cookie.parse().unwrap());
(headers, Redirect::to("http://localhost:3000/dash/home"))
}
pub struct AuthController;
impl AuthController {
pub async fn new_router(
_service_register: ServiceRegister,
app_state: AppState,
) -> anyhow::Result<Router> {
Ok(Router::new()
.route("/zitadel", get(zitadel_auth))
.route("/authorized", get(login_authorized))
.with_state(app_state))
}
}
pub struct UserFromSession {
pub user: User,
}
#[async_trait]
impl<S> FromRequestParts<S> for UserFromSession
where
PostgresSessionStore: FromRef<S>,
BasicClient: FromRef<S>,
IntrospectionState: FromRef<S>,
S: Send + Sync,
{
type Rejection = (StatusCode, &'static str);
async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
let store = PostgresSessionStore::from_ref(state);
let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
if let None = session_cookie {
let introspection_state = IntrospectionState::from_ref(state);
let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
if let Some(basic) = basic {
let config = IntrospectionConfig::from_ref(&introspection_state);
let res = introspect(
&config.introspection_uri,
&config.authority,
&config.authentication,
basic.password(),
)
.await
.unwrap();
return Ok(UserFromSession {
user: User {
id: res.sub().unwrap().into(),
},
});
}
return Err((StatusCode::UNAUTHORIZED, "No session was found"));
}
let session_cookie = session_cookie.unwrap();
tracing::debug!(
"UserFromSession: got session cookie from user agent, {}={}",
COOKIE_NAME,
session_cookie
);
// continue to decode the session cookie
let user =
if let Some(session) = store.load_session(session_cookie.to_owned()).await.unwrap() {
if let Some(user) = session.get::<User>("user") {
tracing::debug!(
"UserFromSession: session decoded success, user_id={:?}",
user.id
);
user
} else {
return Err((
StatusCode::INTERNAL_SERVER_ERROR,
"No `user_id` found in session",
));
}
} else {
tracing::debug!(
"UserIdFromSession: err session not exists in store, {}={}",
COOKIE_NAME,
session_cookie
);
return Err((StatusCode::BAD_REQUEST, "No session found for cookie"));
};
Ok(UserFromSession { user })
}
}

View File

@ -1,20 +0,0 @@
use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
use std::env;
pub fn oauth_client() -> BasicClient {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID!");
let client_secret = env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET!");
let redirect_url = env::var("REDIRECT_URL").expect("missing REDIRECT_URL");
let auth_url = env::var("AUTH_URL").expect("missing AUTH_URL");
let token_url = env::var("TOKEN_URL").expect("missing TOKEN_URL");
BasicClient::new(
ClientId::new(client_id),
Some(ClientSecret::new(client_secret)),
AuthUrl::new(auth_url).unwrap(),
Some(TokenUrl::new(token_url).unwrap()),
)
.set_redirect_uri(RedirectUrl::new(redirect_url).unwrap())
}

View File

@ -1,90 +0,0 @@
pub mod client;
use axum::extract::FromRef;
use openidconnect::IntrospectionUrl;
use zitadel::{
axum::introspection::IntrospectionStateBuilderError,
credentials::Application,
oidc::{discovery::discover, introspection::AuthorityAuthentication},
};
#[derive(Clone, Debug)]
pub struct IntrospectionState {
pub(crate) config: IntrospectionConfig,
}
/// Configuration that must be inject into the axum application state. Used by the
/// [IntrospectionStateBuilder](super::IntrospectionStateBuilder). This struct is also used to create the [IntrospectionState](IntrospectionState)
#[derive(Debug, Clone)]
pub struct IntrospectionConfig {
pub(crate) authority: String,
pub(crate) authentication: AuthorityAuthentication,
pub(crate) introspection_uri: IntrospectionUrl,
}
impl FromRef<IntrospectionState> for IntrospectionConfig {
fn from_ref(input: &IntrospectionState) -> Self {
input.config.clone()
}
}
pub struct IntrospectionStateBuilder {
authority: String,
authentication: Option<AuthorityAuthentication>,
}
/// Builder for [IntrospectionConfig]
impl IntrospectionStateBuilder {
pub fn new(authority: &str) -> Self {
Self {
authority: authority.to_string(),
authentication: None,
}
}
pub fn with_basic_auth(
&mut self,
client_id: &str,
client_secret: &str,
) -> &mut IntrospectionStateBuilder {
self.authentication = Some(AuthorityAuthentication::Basic {
client_id: client_id.to_string(),
client_secret: client_secret.to_string(),
});
self
}
pub fn with_jwt_profile(&mut self, application: Application) -> &mut IntrospectionStateBuilder {
self.authentication = Some(AuthorityAuthentication::JWTProfile { application });
self
}
pub async fn build(&mut self) -> Result<IntrospectionState, IntrospectionStateBuilderError> {
if self.authentication.is_none() {
return Err(IntrospectionStateBuilderError::NoAuthSchema);
}
let metadata = discover(&self.authority)
.await
.map_err(|source| IntrospectionStateBuilderError::Discovery { source })?;
let introspection_uri = metadata
.additional_metadata()
.introspection_endpoint
.clone();
if introspection_uri.is_none() {
return Err(IntrospectionStateBuilderError::NoIntrospectionUrl);
}
Ok(IntrospectionState {
config: IntrospectionConfig {
authority: self.authority.clone(),
introspection_uri: introspection_uri.unwrap(),
authentication: self.authentication.as_ref().unwrap().clone(),
},
})
}
}

View File

@ -10,7 +10,9 @@ como_gql.workspace = true
como_core.workspace = true
como_domain.workspace = true
como_infrastructure.workspace = true
como_auth.workspace = true
async-trait.workspace = true
async-graphql.workspace = true
async-graphql-axum.workspace = true
axum.workspace = true

View File

@ -0,0 +1,160 @@
use std::fmt::Display;
use crate::router::AppState;
use axum::extract::{FromRef, FromRequestParts, Query, State};
use axum::headers::authorization::Basic;
use axum::headers::{Authorization, Cookie};
use axum::http::request::Parts;
use axum::http::StatusCode;
use axum::response::{ErrorResponse, IntoResponse, Redirect};
use axum::routing::get;
use axum::{async_trait, Json, RequestPartsExt, Router, TypedHeader};
use como_domain::users::User;
use como_infrastructure::register::ServiceRegister;
use serde::Deserialize;
use serde_json::json;
#[derive(Debug, Deserialize)]
pub struct ZitadelAuthParams {
#[allow(dead_code)]
return_url: Option<String>,
}
trait AnyhowExtensions<T, E>
where
E: Display,
{
fn into_response(self) -> Result<T, ErrorResponse>;
}
impl<T, E> AnyhowExtensions<T, E> for anyhow::Result<T, E>
where
E: Display,
{
fn into_response(self) -> Result<T, ErrorResponse> {
match self {
Ok(o) => Ok(o),
Err(e) => {
tracing::error!("failed with anyhow error: {}", e);
Err(ErrorResponse::from((
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({
"status": "something",
})),
)))
}
}
}
}
pub async fn zitadel_auth(
State(services): State<ServiceRegister>,
) -> Result<impl IntoResponse, ErrorResponse> {
let url = services.auth_service.login().await.into_response()?;
Ok(Redirect::to(&url.to_string()))
}
#[derive(Debug, Deserialize)]
#[allow(dead_code)]
pub struct AuthRequest {
code: String,
state: String,
}
pub async fn login_authorized(
Query(query): Query<AuthRequest>,
State(services): State<ServiceRegister>,
) -> Result<impl IntoResponse, ErrorResponse> {
let (headers, url) = services
.auth_service
.login_authorized(&query.code, &query.state)
.await
.into_response()?;
Ok((headers, Redirect::to(url.as_str())))
}
pub struct AuthController;
impl AuthController {
pub async fn new_router(
_service_register: ServiceRegister,
app_state: AppState,
) -> anyhow::Result<Router> {
Ok(Router::new()
.route("/zitadel", get(zitadel_auth))
.route("/authorized", get(login_authorized))
.with_state(app_state))
}
}
pub struct UserFromSession {
pub user: User,
}
pub static COOKIE_NAME: &str = "SESSION";
#[async_trait]
impl<S> FromRequestParts<S> for UserFromSession
where
ServiceRegister: FromRef<S>,
S: Send + Sync,
{
type Rejection = (StatusCode, &'static str);
async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
let services = ServiceRegister::from_ref(state);
let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
if let None = session_cookie {
let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
if let Some(basic) = basic {
let token = services
.auth_service
.login_token(basic.username(), basic.password())
.await
.into_response()
.map_err(|_| {
(
StatusCode::INTERNAL_SERVER_ERROR,
"could not get token from basic",
)
})?;
return Ok(UserFromSession {
user: User { id: token },
});
}
return Err(anyhow::anyhow!("No session was found"))
.into_response()
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "did not find a cookie"))?;
}
let session_cookie = session_cookie.unwrap();
// continue to decode the session cookie
let user = services
.auth_service
.get_user_from_session(session_cookie)
.await
.into_response()
.map_err(|_| {
(
StatusCode::INTERNAL_SERVER_ERROR,
"failed to decode session cookie",
)
})?;
Ok(UserFromSession {
user: User { id: user.id },
})
}
}

View File

@ -1,19 +1,15 @@
use std::env;
use anyhow::Context;
use async_sqlx_session::PostgresSessionStore;
use axum::extract::FromRef;
use axum::http::{HeaderValue, Method};
use axum::Router;
use como_infrastructure::register::ServiceRegister;
use oauth2::basic::BasicClient;
use tower::ServiceBuilder;
use tower_http::{cors::CorsLayer, trace::TraceLayer};
use crate::controllers::auth::AuthController;
use crate::controllers::graphql::GraphQLController;
use crate::zitadel::client::oauth_client;
use crate::zitadel::{IntrospectionState, IntrospectionStateBuilder};
pub struct Api;
@ -23,20 +19,8 @@ impl Api {
cors_origin: &str,
service_register: ServiceRegister,
) -> anyhow::Result<()> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID!");
let client_secret = env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET!");
let zitadel_url = env::var("ZITADEL_URL").expect("missing ZITADEL_URL");
let is = IntrospectionStateBuilder::new(&zitadel_url)
.with_basic_auth(&client_id, &client_secret)
.build()
.await?;
let oauth_client = oauth_client();
let app_state = AppState {
oauth_client,
store: service_register.session_store.clone(),
introspection_state: is,
service_register: service_register.clone(),
};
let router = Router::new()
@ -79,25 +63,11 @@ impl Api {
#[derive(Clone)]
pub struct AppState {
oauth_client: BasicClient,
introspection_state: IntrospectionState,
store: PostgresSessionStore,
service_register: ServiceRegister,
}
impl FromRef<AppState> for BasicClient {
fn from_ref(state: &AppState) -> Self {
state.oauth_client.clone()
}
}
impl FromRef<AppState> for PostgresSessionStore {
fn from_ref(state: &AppState) -> Self {
state.store.clone()
}
}
impl FromRef<AppState> for IntrospectionState {
impl FromRef<AppState> for ServiceRegister {
fn from_ref(input: &AppState) -> Self {
input.introspection_state.clone()
input.service_register.clone()
}
}

View File

@ -0,0 +1,67 @@
use async_trait::async_trait;
use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
use std::{env, ops::Deref, sync::Arc};
#[async_trait]
pub trait OAuthClient {
async fn get_token(&self) -> anyhow::Result<()>;
}
pub struct OAuth(Arc<dyn OAuthClient + Send + Sync + 'static>);
impl OAuth {
pub fn new_zitadel() -> Self {
Self(Arc::new(ZitadelOAuthClient {
client: oauth_client(),
}))
}
pub fn new_noop() -> Self {
Self(Arc::new(NoopOAuthClient {}))
}
}
impl Deref for OAuth {
type Target = Arc<dyn OAuthClient + Send + Sync + 'static>;
fn deref(&self) -> &Self::Target {
&self.0
}
}
pub struct NoopOAuthClient;
#[async_trait]
impl OAuthClient for NoopOAuthClient {
async fn get_token(&self) -> anyhow::Result<()> {
Ok(())
}
}
pub struct ZitadelOAuthClient {
client: BasicClient,
}
#[async_trait]
impl OAuthClient for ZitadelOAuthClient {
async fn get_token(&self) -> anyhow::Result<()> {
Ok(())
}
}
fn oauth_client() -> BasicClient {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID!");
let client_secret = env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET!");
let redirect_url = env::var("REDIRECT_URL").expect("missing REDIRECT_URL");
let auth_url = env::var("AUTH_URL").expect("missing AUTH_URL");
let token_url = env::var("TOKEN_URL").expect("missing TOKEN_URL");
BasicClient::new(
ClientId::new(client_id),
Some(ClientSecret::new(client_secret)),
AuthUrl::new(auth_url).unwrap(),
Some(TokenUrl::new(token_url).unwrap()),
)
.set_redirect_uri(RedirectUrl::new(redirect_url).unwrap())
}

View File

@ -0,0 +1,30 @@
[package]
name = "como_auth"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
clap.workspace = true
async-trait.workspace = true
axum.workspace = true
axum-extra.workspace = true
axum-sessions.workspace = true
serde.workspace = true
uuid.workspace = true
sqlx.workspace = true
anyhow.workspace = true
tracing.workspace = true
async-sqlx-session.workspace = true
zitadel = { version = "3.3.1", features = ["axum"] }
tower = "0.4.13"
tower-http = { version = "0.4.0", features = ["cors", "trace"] }
oauth2 = "4.4.0"
openidconnect = "3.0.0"
[dev-dependencies]
tokio.workspace = true
pretty_assertions.workspace = true
sealed_test.workspace = true

View File

@ -0,0 +1,128 @@
use std::{ops::Deref, sync::Arc};
use anyhow::Context;
use async_trait::async_trait;
use axum::http::{header::SET_COOKIE, HeaderMap};
use oauth2::url::Url;
use crate::{
introspection::IntrospectionService,
oauth::{OAuth, ZitadelConfig},
session::{SessionService, User},
AuthClap, AuthEngine,
};
#[async_trait]
pub trait Auth {
async fn login(&self) -> anyhow::Result<Url>;
async fn login_token(&self, user: &str, password: &str) -> anyhow::Result<String>;
async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;
}
#[derive(Clone)]
pub struct AuthService(Arc<dyn Auth + Send + Sync + 'static>);
impl AuthService {
pub async fn new(config: &AuthClap, session: SessionService) -> anyhow::Result<Self> {
match config.engine {
AuthEngine::Noop => Ok(Self::new_noop()),
AuthEngine::Zitadel => {
let oauth: OAuth = ZitadelConfig::try_from(config.zitadel.clone())?.into();
let introspection: IntrospectionService =
IntrospectionService::new_zitadel(config).await?;
Ok(Self::new_zitadel(oauth, introspection, session))
}
}
}
pub fn new_zitadel(
oauth: OAuth,
introspection: IntrospectionService,
session: SessionService,
) -> Self {
Self(Arc::new(ZitadelAuthService {
oauth,
introspection,
session,
}))
}
pub fn new_noop() -> Self {
Self(Arc::new(NoopAuthService {}))
}
}
impl Deref for AuthService {
type Target = Arc<dyn Auth + Send + Sync + 'static>;
fn deref(&self) -> &Self::Target {
&self.0
}
}
pub struct ZitadelAuthService {
oauth: OAuth,
introspection: IntrospectionService,
session: SessionService,
}
pub static COOKIE_NAME: &str = "SESSION";
#[async_trait]
impl Auth for ZitadelAuthService {
async fn login(&self) -> anyhow::Result<Url> {
let authorize_url = self.oauth.authorize_url().await?;
Ok(authorize_url)
}
async fn login_authorized(&self, code: &str, _state: &str) -> anyhow::Result<(HeaderMap, Url)> {
let token = self.oauth.exchange(code).await?;
let user_id = self.introspection.get_id_token(token.as_str()).await?;
let cookie_value = self.session.insert_user("user", user_id.as_str()).await?;
let cookie = format!("{}={}; SameSite=Lax; Path=/", COOKIE_NAME, cookie_value);
let mut headers = HeaderMap::new();
headers.insert(SET_COOKIE, cookie.parse().unwrap());
Ok((
headers,
Url::parse("http://localhost:3000/dash/home")
.context("failed to parse login_authorized zitadel return url")?,
))
}
async fn login_token(&self, _user: &str, password: &str) -> anyhow::Result<String> {
self.introspection.get_id_token(password).await
}
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
match self.session.get_user(cookie).await? {
Some(u) => Ok(User { id: u }),
None => Err(anyhow::anyhow!("failed to find user")),
}
}
}
pub struct NoopAuthService {}
#[async_trait]
impl Auth for NoopAuthService {
async fn login(&self) -> anyhow::Result<Url> {
todo!()
}
async fn login_authorized(
&self,
_code: &str,
_state: &str,
) -> anyhow::Result<(HeaderMap, Url)> {
todo!()
}
async fn login_token(&self, _user: &str, _password: &str) -> anyhow::Result<String> {
todo!()
}
async fn get_user_from_session(&self, _cookie: &str) -> anyhow::Result<User> {
todo!()
}
}

View File

@ -0,0 +1,159 @@
use std::{ops::Deref, sync::Arc};
use async_trait::async_trait;
use axum::extract::FromRef;
use oauth2::TokenIntrospectionResponse;
use openidconnect::IntrospectionUrl;
use zitadel::{
axum::introspection::IntrospectionStateBuilderError,
credentials::Application,
oidc::{
discovery::discover,
introspection::{introspect, AuthorityAuthentication},
},
};
use crate::AuthClap;
#[async_trait]
pub trait Introspection {
async fn get_user(&self) -> anyhow::Result<()>;
async fn get_id_token(&self, token: &str) -> anyhow::Result<String>;
}
pub struct IntrospectionService(Arc<dyn Introspection + Send + Sync + 'static>);
impl IntrospectionService {
pub async fn new_zitadel(config: &AuthClap) -> anyhow::Result<Self> {
let res = IntrospectionStateBuilder::new(&config.zitadel.authority_url.clone().unwrap())
.with_basic_auth(
&config.zitadel.client_id.clone().unwrap(),
&config.zitadel.client_secret.clone().unwrap(),
)
.build()
.await?;
Ok(IntrospectionService(Arc::new(ZitadelIntrospection::new(
res,
))))
}
}
impl Deref for IntrospectionService {
type Target = Arc<dyn Introspection + Send + Sync + 'static>;
fn deref(&self) -> &Self::Target {
&self.0
}
}
pub struct ZitadelIntrospection {
state: IntrospectionState,
}
impl ZitadelIntrospection {
pub fn new(state: IntrospectionState) -> Self {
Self { state }
}
}
#[async_trait]
impl Introspection for ZitadelIntrospection {
async fn get_user(&self) -> anyhow::Result<()> {
Ok(())
}
async fn get_id_token(&self, token: &str) -> anyhow::Result<String> {
let config = &self.state.config;
let res = introspect(
&config.introspection_uri,
&config.authority,
&config.authentication,
token,
)
.await?;
Ok(res
.sub()
.ok_or(anyhow::anyhow!("could not find a userid (sub) in token"))?
.to_string())
}
}
#[derive(Clone, Debug)]
pub struct IntrospectionState {
pub(crate) config: IntrospectionConfig,
}
/// Configuration that must be inject into the axum application state. Used by the
/// [IntrospectionStateBuilder](super::IntrospectionStateBuilder). This struct is also used to create the [IntrospectionState](IntrospectionState)
#[derive(Debug, Clone)]
pub struct IntrospectionConfig {
pub authority: String,
pub authentication: AuthorityAuthentication,
pub introspection_uri: IntrospectionUrl,
}
impl FromRef<IntrospectionState> for IntrospectionConfig {
fn from_ref(input: &IntrospectionState) -> Self {
input.config.clone()
}
}
pub struct IntrospectionStateBuilder {
authority: String,
authentication: Option<AuthorityAuthentication>,
}
/// Builder for [IntrospectionConfig]
impl IntrospectionStateBuilder {
pub fn new(authority: &str) -> Self {
Self {
authority: authority.to_string(),
authentication: None,
}
}
pub fn with_basic_auth(
&mut self,
client_id: &str,
client_secret: &str,
) -> &mut IntrospectionStateBuilder {
self.authentication = Some(AuthorityAuthentication::Basic {
client_id: client_id.to_string(),
client_secret: client_secret.to_string(),
});
self
}
#[allow(dead_code)]
pub fn with_jwt_profile(&mut self, application: Application) -> &mut IntrospectionStateBuilder {
self.authentication = Some(AuthorityAuthentication::JWTProfile { application });
self
}
pub async fn build(&mut self) -> Result<IntrospectionState, IntrospectionStateBuilderError> {
let authentication = self
.authentication
.clone()
.ok_or(IntrospectionStateBuilderError::NoAuthSchema)?;
let metadata = discover(&self.authority)
.await
.map_err(|source| IntrospectionStateBuilderError::Discovery { source })?;
let introspection_uri = metadata
.additional_metadata()
.introspection_endpoint
.clone()
.ok_or(IntrospectionStateBuilderError::NoIntrospectionUrl)?;
Ok(IntrospectionState {
config: IntrospectionConfig {
authority: self.authority.clone(),
introspection_uri: introspection_uri,
authentication: authentication,
},
})
}
}

242
crates/como_auth/src/lib.rs Normal file
View File

@ -0,0 +1,242 @@
use oauth::{OAuth, ZitadelConfig};
use serde::{Deserialize, Serialize};
mod auth;
mod introspection;
mod oauth;
mod session;
pub use auth::{Auth, AuthService};
use session::SessionClap;
pub use session::SessionService;
#[derive(clap::ValueEnum, Clone, PartialEq, Eq, Debug)]
pub enum AuthEngine {
Noop,
Zitadel,
}
#[derive(clap::ValueEnum, Clone, PartialEq, Eq, Debug)]
pub enum SessionBackend {
InMemory,
Postgresql,
}
#[derive(clap::Args, Clone, PartialEq, Eq, Debug)]
pub struct AuthClap {
#[arg(
env = "AUTH_ENGINE",
long = "auth-engine",
requires_ifs = [
( "zitadel", "ZitadelClap" )
],
default_value = "noop" )
]
pub engine: AuthEngine,
#[arg(
env = "SESSION_BACKEND",
long = "session-backend",
requires_ifs = [
( "postgresql", "PostgresqlSessionClap" )
],
default_value = "in-memory" )
]
pub session_backend: SessionBackend,
#[clap(flatten)]
pub zitadel: ZitadelClap,
#[clap(flatten)]
pub session: SessionClap,
}
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct AuthConfigFile {
zitadel: Option<ZitadelClap>,
}
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
#[group(requires_all = ["auth_url", "client_id", "client_secret", "redirect_url", "token_url", "authority_url"])]
pub struct ZitadelClap {
#[arg(env = "ZITADEL_AUTH_URL", long = "zitadel-auth-url")]
pub auth_url: Option<String>,
#[arg(env = "ZITADEL_CLIENT_ID", long = "zitadel-client-id")]
pub client_id: Option<String>,
#[arg(env = "ZITADEL_CLIENT_SECRET", long = "zitadel-client-secret")]
pub client_secret: Option<String>,
#[arg(env = "ZITADEL_REDIRECT_URL", long = "zitadel-redirect-url")]
pub redirect_url: Option<String>,
#[arg(env = "ZITADEL_AUTHORITY_URL", long = "zitadel-authority-url")]
pub authority_url: Option<String>,
#[arg(env = "ZITADEL_TOKEN_URL", long = "zitadel-token-url")]
pub token_url: Option<String>,
}
impl TryFrom<AuthClap> for OAuth {
type Error = anyhow::Error;
fn try_from(value: AuthClap) -> Result<Self, Self::Error> {
match value.engine {
AuthEngine::Noop => Ok(OAuth::new_noop()),
AuthEngine::Zitadel => Ok(OAuth::from(ZitadelConfig::try_from(value.zitadel)?)),
}
}
}
impl AuthClap {
pub fn merge(&mut self, config: AuthConfigFile) -> &mut Self {
if let Some(zitadel) = config.zitadel {
if let Some(auth_url) = zitadel.auth_url {
if let Some(_) = self.zitadel.auth_url {
_ = self.zitadel.auth_url.replace(auth_url);
}
}
if let Some(client_id) = zitadel.client_id {
if let Some(_) = self.zitadel.client_id {
_ = self.zitadel.client_id.replace(client_id);
}
}
if let Some(client_secret) = zitadel.client_secret {
if let Some(_) = self.zitadel.client_secret {
_ = self.zitadel.client_secret.replace(client_secret);
}
}
if let Some(redirect_url) = zitadel.redirect_url {
if let Some(_) = self.zitadel.redirect_url {
_ = self.zitadel.redirect_url.replace(redirect_url);
}
}
if let Some(authority_url) = zitadel.authority_url {
if let Some(_) = self.zitadel.authority_url {
_ = self.zitadel.authority_url.replace(authority_url);
}
}
if let Some(token_url) = zitadel.token_url {
if let Some(_) = self.zitadel.token_url {
_ = self.zitadel.token_url.replace(token_url);
}
}
}
self
}
}
#[cfg(test)]
mod test {
use crate::{
session::{PostgresqlSessionClap, SessionClap},
AuthClap, AuthEngine, SessionBackend, ZitadelClap,
};
use clap::Parser;
use pretty_assertions::assert_eq;
#[derive(Parser)]
#[command(author, version, about, long_about = None)]
pub struct Cli {
#[command(subcommand)]
command: Commands,
}
#[derive(clap::Subcommand, Clone, Debug, Eq, PartialEq)]
pub enum Commands {
One {
#[clap(flatten)]
options: AuthClap,
},
}
#[test]
fn test_command_parse_as_default_noop() {
let cli: Cli = Cli::parse_from(&["base", "one"]);
assert_eq!(
cli.command,
Commands::One {
options: AuthClap {
engine: AuthEngine::Noop,
zitadel: ZitadelClap {
auth_url: None,
client_id: None,
client_secret: None,
redirect_url: None,
token_url: None,
authority_url: None,
},
session_backend: SessionBackend::InMemory,
session: SessionClap {
postgresql: PostgresqlSessionClap { conn: None }
}
}
}
);
}
#[test]
fn test_command_parse_as_noop() {
let cli: Cli = Cli::parse_from(&["base", "one", "--auth-engine", "noop"]);
assert_eq!(
cli.command,
Commands::One {
options: AuthClap {
engine: AuthEngine::Noop,
zitadel: ZitadelClap {
auth_url: None,
client_id: None,
client_secret: None,
redirect_url: None,
token_url: None,
authority_url: None,
},
session_backend: crate::SessionBackend::InMemory,
session: crate::SessionClap {
postgresql: PostgresqlSessionClap { conn: None }
}
}
}
);
}
#[test]
fn test_command_parse_as_zitadel() {
let cli: Cli = Cli::parse_from(&[
"base",
"one",
"--auth-engine=zitadel",
"--zitadel-client-id=something",
"--zitadel-client-secret=something",
"--zitadel-auth-url=https://something",
"--zitadel-redirect-url=https://something",
"--zitadel-token-url=https://something",
"--zitadel-authority-url=https://something",
]);
assert_eq!(
cli.command,
Commands::One {
options: AuthClap {
engine: AuthEngine::Zitadel,
zitadel: ZitadelClap {
auth_url: Some("https://something".into()),
client_id: Some("something".into()),
client_secret: Some("something".into()),
redirect_url: Some("https://something".into()),
token_url: Some("https://something".into()),
authority_url: Some("https://something".into()),
},
session_backend: crate::SessionBackend::InMemory,
session: crate::SessionClap {
postgresql: PostgresqlSessionClap { conn: None }
}
},
}
);
}
}

View File

@ -0,0 +1,288 @@
use async_trait::async_trait;
use oauth2::reqwest::async_http_client;
use oauth2::url::Url;
use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
use oauth2::{AuthorizationCode, CsrfToken, Scope, TokenResponse};
use std::ops::Deref;
use std::sync::Arc;
use crate::ZitadelClap;
#[async_trait]
pub trait OAuthClient {
async fn get_token(&self) -> anyhow::Result<()>;
async fn authorize_url(&self) -> anyhow::Result<Url>;
async fn exchange(&self, code: &str) -> anyhow::Result<String>;
}
pub struct OAuth(Arc<dyn OAuthClient + Send + Sync + 'static>);
impl OAuth {
pub fn new_zitadel(config: ZitadelConfig) -> Self {
Self(Arc::new(ZitadelOAuthClient::from(config)))
}
pub fn new_noop() -> Self {
Self(Arc::new(NoopOAuthClient {}))
}
}
impl Deref for OAuth {
type Target = Arc<dyn OAuthClient + Send + Sync + 'static>;
fn deref(&self) -> &Self::Target {
&self.0
}
}
impl From<ZitadelConfig> for OAuth {
fn from(value: ZitadelConfig) -> Self {
Self::new_zitadel(value)
}
}
// -- Noop
#[derive(clap::Args, Clone)]
pub struct NoopOAuthClient;
#[async_trait]
impl OAuthClient for NoopOAuthClient {
async fn get_token(&self) -> anyhow::Result<()> {
Ok(())
}
async fn authorize_url(&self) -> anyhow::Result<Url> {
Ok(Url::parse("http://localhost:3000/auth/zitadel").unwrap())
}
async fn exchange(&self, _code: &str) -> anyhow::Result<String> {
Ok(String::new())
}
}
// -- Zitadel
#[derive(Clone)]
pub struct ZitadelConfig {
auth_url: String,
client_id: String,
client_secret: String,
redirect_url: String,
token_url: String,
authority_url: String,
}
pub struct ZitadelOAuthClient {
client: BasicClient,
}
impl ZitadelOAuthClient {
pub fn new(
client_id: impl Into<String>,
client_secret: impl Into<String>,
redirect_url: impl Into<String>,
auth_url: impl Into<String>,
token_url: impl Into<String>,
authority_url: impl Into<String>,
) -> Self {
Self {
client: Self::oauth_client(ZitadelConfig {
client_id: client_id.into(),
client_secret: client_secret.into(),
redirect_url: redirect_url.into(),
auth_url: auth_url.into(),
token_url: token_url.into(),
authority_url: authority_url.into(),
}),
}
}
fn oauth_client(config: ZitadelConfig) -> BasicClient {
BasicClient::new(
ClientId::new(config.client_id),
Some(ClientSecret::new(config.client_secret)),
AuthUrl::new(config.auth_url).unwrap(),
Some(TokenUrl::new(config.token_url).unwrap()),
)
.set_redirect_uri(RedirectUrl::new(config.redirect_url).unwrap())
}
}
impl From<ZitadelConfig> for ZitadelOAuthClient {
fn from(value: ZitadelConfig) -> Self {
Self::new(
value.client_id,
value.client_secret,
value.redirect_url,
value.auth_url,
value.token_url,
value.authority_url,
)
}
}
impl TryFrom<ZitadelClap> for ZitadelConfig {
type Error = anyhow::Error;
fn try_from(value: ZitadelClap) -> Result<Self, Self::Error> {
Ok(Self {
auth_url: value
.auth_url
.ok_or(anyhow::anyhow!("auth_url was not set"))?,
client_id: value
.client_id
.ok_or(anyhow::anyhow!("client_id was not set"))?,
client_secret: value
.client_secret
.ok_or(anyhow::anyhow!("client_secret was not set"))?,
redirect_url: value
.redirect_url
.ok_or(anyhow::anyhow!("redirect_url was not set"))?,
token_url: value
.token_url
.ok_or(anyhow::anyhow!("token_url was not set"))?,
authority_url: value
.authority_url
.ok_or(anyhow::anyhow!("authority_url was not set"))?,
})
}
}
#[async_trait]
impl OAuthClient for ZitadelOAuthClient {
async fn get_token(&self) -> anyhow::Result<()> {
Ok(())
}
async fn authorize_url(&self) -> anyhow::Result<Url> {
let (auth_url, _csrf_token) = self
.client
.authorize_url(CsrfToken::new_random)
.add_scope(Scope::new("identify".to_string()))
.add_scope(Scope::new("openid".to_string()))
.url();
Ok(auth_url)
}
async fn exchange(&self, code: &str) -> anyhow::Result<String> {
let token = self
.client
.exchange_code(AuthorizationCode::new(code.to_string()))
.request_async(async_http_client)
.await?;
Ok(token.access_token().secret().clone())
}
}
#[cfg(test)]
mod tests {
use crate::ZitadelClap;
use clap::Parser;
use sealed_test::prelude::*;
#[derive(Parser)]
#[command(author, version, about, long_about = None)]
pub struct Cli {
#[clap(flatten)]
options: ZitadelClap,
}
#[derive(Parser, Debug)]
#[command(author, version, about, long_about = None)]
pub struct CliSubCommand {
#[command(subcommand)]
command: Commands,
}
#[derive(clap::Subcommand, Clone, Debug, Eq, PartialEq)]
pub enum Commands {
One {
#[clap(flatten)]
options: ZitadelClap,
},
}
#[tokio::test]
async fn test_parse_clap_zitadel() {
let cli: Cli = Cli::parse_from(&[
"base",
"--zitadel-client-id=something",
"--zitadel-client-secret=something",
"--zitadel-auth-url=https://something",
"--zitadel-redirect-url=https://something",
"--zitadel-token-url=https://something",
"--zitadel-authority-url=https://something",
]);
println!("{:?}", cli.options);
pretty_assertions::assert_eq!(
cli.options,
ZitadelClap {
auth_url: Some("https://something".into()),
client_id: Some("something".into()),
client_secret: Some("something".into()),
redirect_url: Some("https://something".into()),
token_url: Some("https://something".into()),
authority_url: Some("https://something".into()),
}
);
}
#[test]
fn test_parse_clap_zitadel_fails_require_all() {
let cli = CliSubCommand::try_parse_from(&[
"base",
"one",
// "--zitadel-client-id=something", // We want to trigger missing variable
"--zitadel-client-secret=something",
"--zitadel-auth-url=https://something",
"--zitadel-redirect-url=https://something",
"--zitadel-token-url=https://something",
"--zitadel-authority-url=https://something",
]);
pretty_assertions::assert_eq!(cli.is_err(), true);
}
#[sealed_test]
fn test_parse_clap_env_zitadel() {
std::env::set_var("ZITADEL_CLIENT_ID", "something");
std::env::set_var("ZITADEL_CLIENT_SECRET", "something");
std::env::set_var("ZITADEL_AUTH_URL", "https://something");
std::env::set_var("ZITADEL_REDIRECT_URL", "https://something");
std::env::set_var("ZITADEL_TOKEN_URL", "https://something");
std::env::set_var("ZITADEL_AUTHORITY_URL", "https://something");
let cli = CliSubCommand::parse_from(&["base", "one"]);
pretty_assertions::assert_eq!(
cli.command,
Commands::One {
options: ZitadelClap {
auth_url: Some("https://something".into()),
client_id: Some("something".into()),
client_secret: Some("something".into()),
redirect_url: Some("https://something".into()),
token_url: Some("https://something".into()),
authority_url: Some("https://something".into()),
}
}
);
}
#[test]
fn test_parse_clap_defaults_to_noop() {
let cli = CliSubCommand::parse_from(&["base", "one"]);
pretty_assertions::assert_eq!(
cli.command,
Commands::One {
options: ZitadelClap {
auth_url: None,
client_id: None,
client_secret: None,
redirect_url: None,
token_url: None,
authority_url: None,
},
}
);
}
}

View File

@ -0,0 +1,120 @@
use std::{ops::Deref, sync::Arc};
use async_sqlx_session::PostgresSessionStore;
use async_trait::async_trait;
use axum_sessions::async_session::{Session as AxumSession, SessionStore as AxumSessionStore};
use serde::{Deserialize, Serialize};
use crate::{AuthClap, SessionBackend};
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct SessionClap {
#[clap(flatten)]
pub postgresql: PostgresqlSessionClap,
}
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct PostgresqlSessionClap {
#[arg(env = "SESSION_POSTGRES_CONN", long = "session-postgres-conn")]
pub conn: Option<String>,
}
#[async_trait]
pub trait Session {
async fn insert_user(&self, id: &str, user_id: &str) -> anyhow::Result<String>;
async fn get_user(&self, cookie: &str) -> anyhow::Result<Option<String>>;
}
pub struct SessionService(Arc<dyn Session + Send + Sync + 'static>);
impl SessionService {
pub async fn new(config: &AuthClap) -> anyhow::Result<Self> {
match config.session_backend {
SessionBackend::InMemory => Ok(Self(Arc::new(InMemorySessionService {}))),
SessionBackend::Postgresql => {
let postgres_session = PostgresSessionStore::new(
config
.session
.postgresql
.conn
.as_ref()
.expect("SESSION_POSTGRES_CONN to be set"),
)
.await?;
Ok(Self(Arc::new(PostgresSessionService {
store: postgres_session,
})))
}
}
}
}
impl Deref for SessionService {
type Target = Arc<dyn Session + Send + Sync + 'static>;
fn deref(&self) -> &Self::Target {
&self.0
}
}
pub struct PostgresSessionService {
store: PostgresSessionStore,
}
#[derive(Serialize, Deserialize, Clone, Debug)]
pub struct User {
pub id: String,
}
#[async_trait]
impl Session for PostgresSessionService {
async fn insert_user(&self, _id: &str, user_id: &str) -> anyhow::Result<String> {
let mut session = AxumSession::new();
session.insert(
"user",
User {
id: user_id.to_string(),
},
)?;
let cookie = self
.store
.store_session(session)
.await?
.ok_or(anyhow::anyhow!("failed to store session"))?;
Ok(cookie)
}
async fn get_user(&self, cookie: &str) -> anyhow::Result<Option<String>> {
if let Some(session) = self.store.load_session(cookie.to_string()).await.unwrap() {
if let Some(user) = session.get::<User>("user") {
tracing::debug!(
"UserFromSession: session decoded success, user_id={:?}",
user.id
);
Ok(Some(user.id))
} else {
Ok(None)
}
} else {
tracing::debug!(
"UserIdFromSession: err session not exists in store, {}",
cookie
);
Err(anyhow::anyhow!("No session found for cookie"))
}
}
}
pub struct InMemorySessionService {}
#[async_trait]
impl Session for InMemorySessionService {
async fn insert_user(&self, _id: &str, _user_id: &str) -> anyhow::Result<String> {
todo!()
}
async fn get_user(&self, _cookie: &str) -> anyhow::Result<Option<String>> {
todo!()
}
}

View File

@ -1,6 +1,7 @@
use axum::{http::StatusCode, response::IntoResponse, Json};
use serde_json::json;
#[allow(dead_code)]
#[derive(Debug)]
pub enum AppError {
WrongCredentials,

View File

@ -8,7 +8,7 @@ edition = "2021"
[dependencies]
como_core.workspace = true
como_domain.workspace = true
como_auth.workspace = true
axum.workspace = true
async-trait.workspace = true

View File

@ -1,4 +1,5 @@
use clap::ValueEnum;
use como_auth::AuthClap;
#[derive(clap::Parser)]
pub struct AppConfig {
@ -8,8 +9,6 @@ pub struct AppConfig {
pub database_type: DatabaseType,
#[clap(long, env)]
pub rust_log: String,
#[clap(long, env)]
pub token_secret: String,
#[clap(long, env, default_value = "3001")]
pub api_port: u32,
#[clap(long, env, default_value = "true")]
@ -18,6 +17,9 @@ pub struct AppConfig {
pub seed: bool,
#[clap(long, env)]
pub cors_origin: String,
#[clap(flatten)]
pub auth: AuthClap,
}
#[derive(Clone, Debug, ValueEnum)]

View File

@ -1,6 +1,7 @@
use std::sync::Arc;
use async_sqlx_session::PostgresSessionStore;
use como_auth::{AuthService, SessionService};
use como_core::{items::DynItemService, projects::DynProjectService, users::DynUserService};
use tracing::log::info;
@ -20,12 +21,16 @@ pub struct ServiceRegister {
pub project_service: DynProjectService,
pub user_service: DynUserService,
pub session_store: PostgresSessionStore,
pub auth_service: AuthService,
}
impl ServiceRegister {
pub async fn new(pool: ConnectionPool, config: Arc<AppConfig>) -> anyhow::Result<Self> {
info!("creating services");
let session = SessionService::new(&config.auth).await?;
let auth = AuthService::new(&config.auth, session).await?;
let s = match config.database_type {
DatabaseType::Postgres => {
let item_service =
@ -42,6 +47,7 @@ impl ServiceRegister {
user_service,
project_service,
session_store: store,
auth_service: auth,
}
}
DatabaseType::InMemory => {
@ -57,6 +63,7 @@ impl ServiceRegister {
user_service,
project_service,
session_store: store,
auth_service: auth,
}
}
};

View File

@ -0,0 +1 @@

View File

@ -211,7 +211,11 @@ impl ItemService for MemoryItemService {
todo!()
}
async fn update_item(&self, _context: &Context, _item: UpdateItemDto) -> anyhow::Result<ItemDto> {
async fn update_item(
&self,
_context: &Context,
_item: UpdateItemDto,
) -> anyhow::Result<ItemDto> {
todo!()
}
}

14
crates/como_web/.gitignore vendored Normal file
View File

@ -0,0 +1,14 @@
# Generated by Cargo
# will have compiled files and executables
/target/
pkg
# These are backup files generated by rustfmt
**/*.rs.bk
# node e2e test tools and outputs
node_modules/
test-results/
end2end/playwright-report/
playwright/.cache/
.cuddle/

2980
crates/como_web/Cargo.lock generated Normal file

File diff suppressed because it is too large Load Diff

108
crates/como_web/Cargo.toml Normal file
View File

@ -0,0 +1,108 @@
[package]
name = "como_web"
version = "0.1.0"
edition = "2021"
[lib]
crate-type = ["cdylib", "rlib"]
[dependencies]
console_error_panic_hook = "0.1"
console_log = "0.2"
cfg-if = "1"
lazy_static = "1"
leptos = { version = "*", features = ["serde"] }
leptos_dom = { version = "*" }
leptos_meta = { version = "*" }
leptos_axum = { version = "*", optional = true }
leptos_router = { version = "*" }
log = "0.4"
simple_logger = "4"
thiserror = "1"
axum = { version = "0.6.1", optional = true }
tower = { version = "0.4.13", optional = true }
tower-http = { version = "0.3.4", features = ["fs"], optional = true }
tokio = { version = "1", features = ["rt-multi-thread", "macros", "time"], optional = true }
wasm-bindgen = "0.2"
tracing-subscriber = { version = "0.3.16", optional = true, features = [
"env-filter",
] }
tracing = { version = "0.1.37", features = ["log"], optional = true }
anyhow = { version = "1.0.71" }
serde = { workspace = true }
chrono = { workspace = true }
uuid = { workspace = true, features = ["v4", "wasm-bindgen", "js", "serde"] }
graphql_client = { version = "0.13.0", features = ["reqwest"] }
reqwasm = "0.5.0"
serde_json = "1.0.96"
[features]
hydrate = ["leptos/hydrate", "leptos_meta/hydrate", "leptos_router/hydrate"]
ssr = [
"dep:axum",
"dep:tower",
"dep:tower-http",
"dep:tokio",
"leptos/ssr",
"leptos_meta/ssr",
"leptos_router/ssr",
"leptos_dom/ssr",
"dep:leptos_axum",
"dep:tracing-subscriber",
"dep:tracing",
]
[package.metadata.cargo-all-features]
denylist = ["axum", "tower", "tower-http", "tokio", "sqlx", "leptos_axum"]
skip_feature_sets = [["ssr", "hydrate"]]
[package.metadata.leptos]
# The name used by wasm-bindgen/cargo-leptos for the JS/WASM bundle. Defaults to the crate name
output-name = "como_web"
# The site root folder is where cargo-leptos generate all output. WARNING: all content of this folder will be erased on a rebuild. Use it in your server setup.
site-root = "target/site"
# The site-root relative folder where all compiled output (JS, WASM and CSS) is written
# Defaults to pkg
site-pkg-dir = "pkg"
# [Optional] The source CSS file. If it ends with .sass or .scss then it will be compiled by dart-sass into CSS. The CSS is optimized by Lightning CSS before being written to <site-root>/<site-pkg>/app.css
style-file = "style/output.css"
# Assets source dir. All files found here will be copied and synchronized to site-root.
# The assets-dir cannot have a sub directory with the same name/path as site-pkg-dir.
#
# Optional. Env: LEPTOS_ASSETS_DIR.
assets-dir = "assets"
# The IP and port (ex: 127.0.0.1:3000) where the server serves the content. Use it in your server setup.
site-addr = "127.0.0.1:3000"
# The port to use for automatic reload monitoring
reload-port = 3002
# [Optional] Command to use when running end2end tests. It will run in the end2end dir.
# [Windows] for non-WSL use "npx.cmd playwright test"
# This binary name can be checked in Powershell with Get-Command npx
end2end-cmd = "npx playwright test"
end2end-dir = "end2end"
# The browserlist query used for optimizing the CSS.
browserquery = "defaults"
# Set by cargo-leptos watch when building with that tool. Controls whether autoreload JS will be included in the head
watch = false
# The environment Leptos will run in, usually either "DEV" or "PROD"
env = "DEV"
# The features to use when compiling the bin target
#
# Optional. Can be over-ridden with the command line parameter --bin-features
bin-features = ["ssr"]
# If the --no-default-features flag should be used when compiling the bin target
#
# Optional. Defaults to false.
bin-default-features = false
# The features to use when compiling the lib target
#
# Optional. Can be over-ridden with the command line parameter --lib-features
lib-features = ["hydrate"]
# If the --no-default-features flag should be used when compiling the lib target
#
# Optional. Defaults to false.
lib-default-features = false

67
crates/como_web/README.md Normal file
View File

@ -0,0 +1,67 @@
<picture>
<source srcset="https://raw.githubusercontent.com/leptos-rs/leptos/main/docs/logos/Leptos_logo_Solid_White.svg" media="(prefers-color-scheme: dark)">
<img src="https://raw.githubusercontent.com/leptos-rs/leptos/main/docs/logos/Leptos_logo_RGB.svg" alt="Leptos Logo">
</picture>
# Leptos Starter Template
This is a template for use with the [Leptos](https://github.com/leptos-rs/leptos) web framework and the [cargo-leptos](https://github.com/akesson/cargo-leptos) tool.
## Creating your template repo
If you don't have `cargo-leptos` installed you can install it with
`cargo install cargo-leptos`
Then run
`cargo leptos new --git leptos-rs/start`
to generate a new project template.
`cd {projectname}`
to go to your newly created project.
Of course you should explore around the project structure, but the best place to start with your application code is in `src/app.rs`.
## Running your project
`cargo leptos watch`
## Installing Additional Tools
By default, `cargo-leptos` uses `nightly` Rust, `cargo-generate`, and `sass`. If you run into any trouble, you may need to install one or more of these tools.
1. `rustup toolchain install nightly --allow-downgrade` - make sure you have Rust nightly
2. `rustup target add wasm32-unknown-unknown` - add the ability to compile Rust to WebAssembly
3. `cargo install cargo-generate` - install `cargo-generate` binary (should be installed automatically in future)
4. `npm install -g sass` - install `dart-sass` (should be optional in future)
## Executing a Server on a Remote Machine Without the Toolchain
After running a `cargo leptos build --release` the minimum files needed are:
1. The server binary located in `target/server/release`
2. The `site` directory and all files within located in `target/site`
Copy these files to your remote server. The directory structure should be:
```text
como_web
site/
```
Set the following enviornment variables (updating for your project as needed):
```text
LEPTOS_OUTPUT_NAME="como_web"
LEPTOS_SITE_ROOT="site"
LEPTOS_SITE_PKG_DIR="pkg"
LEPTOS_SITE_ADDR="127.0.0.1:3000"
LEPTOS_RELOAD_PORT="3001"
```
Finally, run the server binary.
## Notes about SSG and Trunk:
Although it is not recommended, you can also run your project without server integration using the feature `csr` and `trunk serve`:
`trunk serve --open --features csr`
This may be useful for integrating external tools which require a static site, e.g. `tauri`.

Binary file not shown.

After

Width:  |  Height:  |  Size: 15 KiB

View File

@ -0,0 +1,27 @@
yaml-language-server: $schema=https://git.front.kjuulh.io/kjuulh/cuddle/raw/branch/main/schemas/base.json
base: "git@git.front.kjuulh.io:kjuulh/cuddle-rust-plan.git"
vars:
service: "como-web"
deployments: "git@git.front.kjuulh.io:como/deployments.git"
scripts:
render_como_templates:
type: shell
local_up:
type: shell
local_down:
type: shell
"tailwind:watch":
type: "shell"
"tailwind:build":
type: "shell"
"leptos:dev":
type: "shell"
"dev":
type: "shell"
"nodev":
type: "shell"
"refresh:schema":
type: "shell"

View File

@ -0,0 +1,74 @@
{
"name": "end2end",
"version": "1.0.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "end2end",
"version": "1.0.0",
"license": "ISC",
"devDependencies": {
"@playwright/test": "^1.28.0"
}
},
"node_modules/@playwright/test": {
"version": "1.28.0",
"resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.28.0.tgz",
"integrity": "sha512-vrHs5DFTPwYox5SGKq/7TDn/S4q6RA1zArd7uhO6EyP9hj3XgZBBM12ktMbnDQNxh/fL1IUKsTNLxihmsU38lQ==",
"dev": true,
"dependencies": {
"@types/node": "*",
"playwright-core": "1.28.0"
},
"bin": {
"playwright": "cli.js"
},
"engines": {
"node": ">=14"
}
},
"node_modules/@types/node": {
"version": "18.11.9",
"resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.9.tgz",
"integrity": "sha512-CRpX21/kGdzjOpFsZSkcrXMGIBWMGNIHXXBVFSH+ggkftxg+XYP20TESbh+zFvFj3EQOl5byk0HTRn1IL6hbqg==",
"dev": true
},
"node_modules/playwright-core": {
"version": "1.28.0",
"resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.28.0.tgz",
"integrity": "sha512-nJLknd28kPBiCNTbqpu6Wmkrh63OEqJSFw9xOfL9qxfNwody7h6/L3O2dZoWQ6Oxcm0VOHjWmGiCUGkc0X3VZA==",
"dev": true,
"bin": {
"playwright": "cli.js"
},
"engines": {
"node": ">=14"
}
}
},
"dependencies": {
"@playwright/test": {
"version": "1.28.0",
"resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.28.0.tgz",
"integrity": "sha512-vrHs5DFTPwYox5SGKq/7TDn/S4q6RA1zArd7uhO6EyP9hj3XgZBBM12ktMbnDQNxh/fL1IUKsTNLxihmsU38lQ==",
"dev": true,
"requires": {
"@types/node": "*",
"playwright-core": "1.28.0"
}
},
"@types/node": {
"version": "18.11.9",
"resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.9.tgz",
"integrity": "sha512-CRpX21/kGdzjOpFsZSkcrXMGIBWMGNIHXXBVFSH+ggkftxg+XYP20TESbh+zFvFj3EQOl5byk0HTRn1IL6hbqg==",
"dev": true
},
"playwright-core": {
"version": "1.28.0",
"resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.28.0.tgz",
"integrity": "sha512-nJLknd28kPBiCNTbqpu6Wmkrh63OEqJSFw9xOfL9qxfNwody7h6/L3O2dZoWQ6Oxcm0VOHjWmGiCUGkc0X3VZA==",
"dev": true
}
}
}

View File

@ -0,0 +1,13 @@
{
"name": "end2end",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {},
"keywords": [],
"author": "",
"license": "ISC",
"devDependencies": {
"@playwright/test": "^1.28.0"
}
}

View File

@ -0,0 +1,107 @@
import type { PlaywrightTestConfig } from "@playwright/test";
import { devices } from "@playwright/test";
/**
* Read environment variables from file.
* https://github.com/motdotla/dotenv
*/
// require('dotenv').config();
/**
* See https://playwright.dev/docs/test-configuration.
*/
const config: PlaywrightTestConfig = {
testDir: "./tests",
/* Maximum time one test can run for. */
timeout: 30 * 1000,
expect: {
/**
* Maximum time expect() should wait for the condition to be met.
* For example in `await expect(locator).toHaveText();`
*/
timeout: 5000,
},
/* Run tests in files in parallel */
fullyParallel: true,
/* Fail the build on CI if you accidentally left test.only in the source code. */
forbidOnly: !!process.env.CI,
/* Retry on CI only */
retries: process.env.CI ? 2 : 0,
/* Opt out of parallel tests on CI. */
workers: process.env.CI ? 1 : undefined,
/* Reporter to use. See https://playwright.dev/docs/test-reporters */
reporter: "html",
/* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
use: {
/* Maximum time each action such as `click()` can take. Defaults to 0 (no limit). */
actionTimeout: 0,
/* Base URL to use in actions like `await page.goto('/')`. */
// baseURL: 'http://localhost:3000',
/* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
trace: "on-first-retry",
},
/* Configure projects for major browsers */
projects: [
{
name: "chromium",
use: {
...devices["Desktop Chrome"],
},
},
{
name: "firefox",
use: {
...devices["Desktop Firefox"],
},
},
{
name: "webkit",
use: {
...devices["Desktop Safari"],
},
},
/* Test against mobile viewports. */
// {
// name: 'Mobile Chrome',
// use: {
// ...devices['Pixel 5'],
// },
// },
// {
// name: 'Mobile Safari',
// use: {
// ...devices['iPhone 12'],
// },
// },
/* Test against branded browsers. */
// {
// name: 'Microsoft Edge',
// use: {
// channel: 'msedge',
// },
// },
// {
// name: 'Google Chrome',
// use: {
// channel: 'chrome',
// },
// },
],
/* Folder for test artifacts such as screenshots, videos, traces, etc. */
// outputDir: 'test-results/',
/* Run your local dev server before starting the tests */
// webServer: {
// command: 'npm run start',
// port: 3000,
// },
};
export default config;

View File

@ -0,0 +1,9 @@
import { test, expect } from "@playwright/test";
test("homepage has title and links to intro page", async ({ page }) => {
await page.goto("http://localhost:3000/");
await expect(page).toHaveTitle("Welcome to Leptos");
await expect(page.locator("h1")).toHaveText("Welcome to Leptos!");
});

26
crates/como_web/input.css Normal file
View File

@ -0,0 +1,26 @@
@tailwind base;
@tailwind components;
@tailwind utilities;
html, body {
scroll-behavior: smooth;
min-height: 100%;
@apply bg-gray-100 dark:bg-gray-900 text-gray-900 dark:text-gray-100;
}
.feature-case {
@apply m-8 border-blue-700 border-2 rounded-lg p-4;
}
.dashboard-list-item {
@apply flex flex-col justify-center hover:dark:bg-blue-900 cursor-pointer select-none px-4 py-2 border-y border-y-gray-800;
}
.dashboard-list-project {
@apply dark:bg-gray-800 hover:dark:bg-blue-900 text-gray-300;
}
.dashboard-item {
@apply pl-6
}

View File

@ -0,0 +1,3 @@
max_width = 100
tab_spaces = 4
attr_value_brace_style = "WhenRequired" # "Always", "AlwaysUnlessLit", "WhenRequired" or "Preserve"

View File

@ -0,0 +1,3 @@
[toolchain]
channel = "nightly"

6
crates/como_web/scripts/dev.sh Executable file
View File

@ -0,0 +1,6 @@
#!/bin/bash
zellij run -- sh -c "cuddle x leptos:dev"
zellij run -- sh -c "cuddle x tailwind:watch"

View File

@ -0,0 +1,3 @@
#!/bin/bash
cargo leptos watch

View File

@ -0,0 +1,3 @@
#!/bin/bash
tmux kill-window -t dev || true

View File

@ -0,0 +1,22 @@
#!/bin/bash
graphql-client introspect-schema \
http://localhost:3001/graphql \
--header "Authorization: Basic $COMO_GATEWAY_PAT" \
--output src/api/graphql/schema/schema.json
graphql-client generate \
--schema-path src/api/graphql/schema/schema.json \
src/features/navbar_projects/graphql/queries.graphql \
--output-directory src/features/navbar_projects/gen \
--custom-scalars-module='crate::common::graphql' \
--variables-derives='Clone,Debug' \
--response-derives='Clone,Debug'
graphql-client generate \
--schema-path src/api/graphql/schema/schema.json \
src/features/dashboard_list_view/graphql/queries.graphql \
--output-directory src/features/dashboard_list_view/gen \
--custom-scalars-module='crate::common::graphql' \
--variables-derives='Clone,Debug' \
--response-derives='Clone,Debug'

View File

@ -0,0 +1,3 @@
#!/bin/bash
npx tailwindcss -i ./input.css -o ./style/output.css

View File

@ -0,0 +1,3 @@
#!/bin/bash
npx tailwindcss -i ./input.css -o ./style/output.css --watch

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,2 @@
#[cfg(feature = "ssr")]
pub fn register() {}

View File

@ -0,0 +1,55 @@
use leptos::*;
use leptos_meta::*;
use leptos_router::*;
use crate::common::layout::DashboardLayout;
use crate::routes::dash::home::DashHomePage;
use crate::routes::features_view::FeaturesView;
use crate::routes::home::HomePage;
#[component]
pub fn App() -> impl IntoView {
// Provides context that manages stylesheets, titles, meta tags, etc.
provide_meta_context();
view! {
<Stylesheet id="leptos" href="/pkg/como_web.css"/>
<Router>
<main>
<Routes>
<Route
path=""
view=|| {
view! { <HomePage/> }
}
/>
<Route
path="/dash"
view=|| {
view! { <DashboardLayout/> }
}
>
<Route
path=""
view=|| {
view! { <DashHomePage/> }
}
/>
<Route
path="home"
view=|| {
view! { <DashHomePage/> }
}
/>
</Route>
<Route
path="/features"
view=|| {
view! { <FeaturesView/> }
}
/>
</Routes>
</main>
</Router>
}
}

View File

@ -0,0 +1,2 @@
pub mod layout;
pub mod graphql;

View File

@ -0,0 +1 @@
pub type UUID = uuid::Uuid;

View File

@ -0,0 +1,49 @@
use leptos::*;
use leptos_router::*;
use crate::features::command_line::CommandLine;
use crate::features::navbar_projects::NavbarProjects;
#[component]
pub fn DashNav() -> impl IntoView {
view! {
<nav class="min-w-[200px] p-4 space-y-4 h-screen sticky top-0 select-none bg-gray-800">
<div>
<a href="/dash/home" class="text-xl">
"como"
</a>
</div>
<div>
<a href="/dash/current" class="">
"inbox"
</a>
</div>
<div>
<p class="text-sm mb-0.5 dark:text-gray-500">"Favorites"</p>
<a href="/dash/current" class="dark:text-gray-300 pl-2">
"inbox"
</a>
</div>
<div>
<p class="text-sm mb-0.5 dark:text-gray-500">"Projects"</p>
<div class="pl-2 dark:text-gray-300">
<NavbarProjects/>
</div>
</div>
</nav>
}
}
#[component]
pub fn DashboardLayout() -> impl IntoView {
view! {
<div class="flex flex-row">
<DashNav/>
<div id="content" class="px-0.5 flex-grow">
<CommandLine>
<Outlet/>
</CommandLine>
</div>
</div>
}
}

View File

@ -0,0 +1,43 @@
use cfg_if::cfg_if;
cfg_if! { if #[cfg(feature = "ssr")] {
use axum::{
body::{boxed, Body, BoxBody},
extract::State,
response::IntoResponse,
http::{Request, Response, StatusCode, Uri},
};
use axum::response::Response as AxumResponse;
use tower::ServiceExt;
use tower_http::services::ServeDir;
use leptos::{LeptosOptions, view};
use crate::app::App;
pub async fn file_and_error_handler(uri: Uri, State(options): State<LeptosOptions>, req: Request<Body>) -> AxumResponse {
let root = options.site_root.clone();
let res = get_static_file(uri.clone(), &root).await.unwrap();
if res.status() == StatusCode::OK {
res.into_response()
} else{
let handler = leptos_axum::render_app_to_stream(
options.to_owned(),
move || view!{ <App/> }
);
handler(req).await.into_response()
}
}
async fn get_static_file(uri: Uri, root: &str) -> Result<Response<BoxBody>, (StatusCode, String)> {
let req = Request::builder().uri(uri.clone()).body(Body::empty()).unwrap();
// `ServeDir` implements `tower::Service` so we can call it with `tower::ServiceExt::oneshot`
// This path is relative to the cargo root
match ServeDir::new(root).oneshot(req).await {
Ok(res) => Ok(res.map(boxed)),
Err(err) => Err((
StatusCode::INTERNAL_SERVER_ERROR,
format!("Something went wrong: {err}"),
)),
}
}
}}

View File

@ -0,0 +1,3 @@
pub mod command_line;
pub mod dashboard_list_view;
pub mod navbar_projects;

View File

@ -0,0 +1,56 @@
use leptos::*;
#[derive(Clone, Debug)]
pub struct CommandLineState {
hidden: bool,
}
#[component]
pub fn CommandLineModalView() -> impl IntoView {
view! { <div>"modal"</div> }
}
#[component]
pub fn CommandLineModal() -> impl IntoView {
let state =
use_context::<RwSignal<CommandLineState>>().expect("command line state must be provided");
let (hidden, _) = create_slice(state, |state| state.hidden, |state, n| state.hidden = n);
view! {
{move || {
if !hidden.get() {
view! { <CommandLineModalView/> }
} else {
view! { }.into_view()
}
}}
}
}
#[component]
pub fn CommandLine(children: Children) -> impl IntoView {
let state = create_rw_signal(CommandLineState { hidden: true });
provide_context(state);
let (hidden, set_hidden) =
create_slice(state, |state| state.hidden, |state, n| state.hidden = n);
leptos_dom::helpers::window_event_listener(ev::keypress, move |event| {
if event.ctrl_key() {
match event.code().as_str() {
"KeyK" => {
set_hidden.set(!hidden.get());
//log!("toggle command")
}
_ => {}
}
}
});
view! {
<div>
<div>{children()}</div>
<CommandLineModal/>
</div>
}
}

View File

@ -0,0 +1,4 @@
pub mod dashboard_list_view;
pub mod gen;
pub use dashboard_list_view::*;

View File

@ -0,0 +1,93 @@
use graphql_client::{GraphQLQuery, Response};
use leptos::*;
use crate::features::dashboard_list_view::gen::queries::get_projects_list_view::GetProjectsListViewGetProjectsItems;
use super::gen::queries::get_projects_list_view::{
GetProjectsListViewGetProjects, ResponseData, Variables,
};
use super::gen::queries::GetProjectsListView;
pub async fn get_projects_list() -> anyhow::Result<Vec<GetProjectsListViewGetProjects>> {
let request_body = GetProjectsListView::build_query(Variables {});
let payload = serde_json::to_string(&request_body)?;
let res = reqwasm::http::Request::post("http://localhost:3001/graphql")
.credentials(reqwasm::http::RequestCredentials::Include)
.body(payload)
.send()
.await?;
let response_body: Response<ResponseData> = res.json().await?;
Ok(response_body
.data
.ok_or(anyhow::anyhow!("failed to get projects list"))?
.get_projects)
}
#[component]
pub fn DashboardItemView(item: GetProjectsListViewGetProjectsItems) -> impl IntoView {
view! { <div class="dashboard-list-item dashboard-item">{item.title}</div> }
}
#[component]
pub fn DashboardProjectItemView(project: GetProjectsListViewGetProjects) -> impl IntoView {
view! {
<div class="dashboard-list-item dashboard-list-project">
<a href=format!("/dash/project/{}", & project.id) class="project-item flex flex-row">
<div class="space-x-2">
<span>{&project.name}</span>
<span class="text-gray-50">{project.items.len()}</span>
<span class="flex-grow"></span>
</div>
</a>
</div>
}
}
#[component]
pub fn DashboardListView(
projects: Resource<(), Vec<GetProjectsListViewGetProjects>>,
) -> impl IntoView {
let projects_view = move || {
projects.with(|projects| {
if projects.is_none() {
return Vec::new();
}
let projects = projects.as_ref().unwrap();
if projects.is_empty() {
return vec![view! { <div class="project-item">"No projects"</div> }.into_any()];
}
projects
.into_iter()
.filter(|project| !project.items.is_empty())
.map(|project| {
view! {
<div>
<DashboardProjectItemView project=project.clone()/>
{&project
.items
.clone()
.into_iter()
.map(|item| {
view! { <DashboardItemView item=item/> }
})
.collect::<Vec<_>>()
.into_view()}
</div>
}
.into_any()
})
.collect::<Vec<_>>()
})
};
view! {<div class="project-items">{projects_view}</div> }
}
#[component]
pub fn DashboardList() -> impl IntoView {
let projects = create_local_resource(|| (), |_| async { get_projects_list().await.unwrap() });
view! {<DashboardListView projects=projects/> }
}

Some files were not shown because too many files have changed in this diff Show More