2017-12-28 21:14:04 -08:00
|
|
|
use std::collections::HashMap;
|
2018-05-08 10:12:57 -07:00
|
|
|
use std::iter::FromIterator;
|
|
|
|
|
use std::rc::Rc;
|
2017-12-28 21:14:04 -08:00
|
|
|
|
2018-05-08 10:12:57 -07:00
|
|
|
use actix::prelude::*;
|
|
|
|
|
use actix_web::middleware::session::{SessionBackend, SessionImpl};
|
|
|
|
|
use actix_web::middleware::Response as MiddlewareResponse;
|
|
|
|
|
use actix_web::{error, Error, HttpRequest, HttpResponse, Result};
|
2018-06-23 12:17:37 +08:00
|
|
|
use cookie::{Cookie, CookieJar, Key, SameSite};
|
2018-05-08 10:12:57 -07:00
|
|
|
use futures::future::{err as FutErr, ok as FutOk, Either};
|
2017-12-28 21:14:04 -08:00
|
|
|
use futures::Future;
|
2017-12-29 01:10:27 -08:00
|
|
|
use http::header::{self, HeaderValue};
|
2018-05-08 10:12:57 -07:00
|
|
|
use rand::{self, Rng};
|
|
|
|
|
use redis_async::resp::RespValue;
|
|
|
|
|
use serde_json;
|
2018-06-23 12:17:37 +08:00
|
|
|
use time::Duration;
|
2017-12-28 21:14:04 -08:00
|
|
|
|
|
|
|
|
use redis::{Command, RedisActor};
|
|
|
|
|
|
|
|
|
|
/// Session that stores data in redis
|
|
|
|
|
pub struct RedisSession {
|
|
|
|
|
changed: bool,
|
|
|
|
|
inner: Rc<Inner>,
|
|
|
|
|
state: HashMap<String, String>,
|
2017-12-29 01:10:27 -08:00
|
|
|
value: Option<String>,
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl SessionImpl for RedisSession {
|
|
|
|
|
fn get(&self, key: &str) -> Option<&str> {
|
2018-01-22 10:50:24 -08:00
|
|
|
self.state.get(key).map(|s| s.as_str())
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn set(&mut self, key: &str, value: String) {
|
|
|
|
|
self.changed = true;
|
|
|
|
|
self.state.insert(key.to_owned(), value);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn remove(&mut self, key: &str) {
|
|
|
|
|
self.changed = true;
|
|
|
|
|
self.state.remove(key);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn clear(&mut self) {
|
|
|
|
|
self.changed = true;
|
|
|
|
|
self.state.clear()
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-10 16:51:09 -08:00
|
|
|
fn write(&self, resp: HttpResponse) -> Result<MiddlewareResponse> {
|
2017-12-28 21:14:04 -08:00
|
|
|
if self.changed {
|
2018-05-08 10:12:57 -07:00
|
|
|
Ok(MiddlewareResponse::Future(self.inner.update(
|
|
|
|
|
&self.state,
|
|
|
|
|
resp,
|
|
|
|
|
self.value.as_ref(),
|
|
|
|
|
)))
|
2017-12-29 01:10:27 -08:00
|
|
|
} else {
|
2018-01-10 16:51:09 -08:00
|
|
|
Ok(MiddlewareResponse::Done(resp))
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-29 01:10:27 -08:00
|
|
|
/// Use redis as session storage.
|
|
|
|
|
///
|
|
|
|
|
/// You need to pass an address of the redis server and random value to the
|
2018-05-08 10:12:57 -07:00
|
|
|
/// constructor of `RedisSessionBackend`. This is private key for cookie
|
|
|
|
|
/// session, When this value is changed, all session data is lost.
|
2017-12-29 01:10:27 -08:00
|
|
|
///
|
2018-05-08 10:12:57 -07:00
|
|
|
/// Note that whatever you write into your session is visible by the user (but
|
|
|
|
|
/// not modifiable).
|
2017-12-29 01:10:27 -08:00
|
|
|
///
|
|
|
|
|
/// Constructor panics if key length is less than 32 bytes.
|
2017-12-28 21:14:04 -08:00
|
|
|
pub struct RedisSessionBackend(Rc<Inner>);
|
|
|
|
|
|
|
|
|
|
impl RedisSessionBackend {
|
|
|
|
|
/// Create new redis session backend
|
2017-12-29 01:10:27 -08:00
|
|
|
///
|
|
|
|
|
/// * `addr` - address of the redis server
|
2018-01-22 00:40:50 -08:00
|
|
|
pub fn new<S: Into<String>>(addr: S, key: &[u8]) -> RedisSessionBackend {
|
2018-05-08 10:12:57 -07:00
|
|
|
RedisSessionBackend(Rc::new(Inner {
|
|
|
|
|
key: Key::from_master(key),
|
|
|
|
|
ttl: "7200".to_owned(),
|
|
|
|
|
addr: RedisActor::start(addr),
|
|
|
|
|
name: "actix-session".to_owned(),
|
2018-06-23 12:17:37 +08:00
|
|
|
path: "/".to_owned(),
|
|
|
|
|
domain: None,
|
|
|
|
|
secure: false,
|
|
|
|
|
max_age: None,
|
|
|
|
|
same_site: None,
|
2018-05-08 10:12:57 -07:00
|
|
|
}))
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
2017-12-29 01:10:27 -08:00
|
|
|
|
|
|
|
|
/// Set time to live in seconds for session value
|
|
|
|
|
pub fn ttl(mut self, ttl: u16) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().ttl = format!("{}", ttl);
|
|
|
|
|
self
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-22 10:50:24 -08:00
|
|
|
/// Set custom cookie name for session id
|
2017-12-29 01:10:27 -08:00
|
|
|
pub fn cookie_name(mut self, name: &str) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().name = name.to_owned();
|
|
|
|
|
self
|
|
|
|
|
}
|
2018-06-23 12:17:37 +08:00
|
|
|
|
|
|
|
|
/// Set custom cookie path
|
|
|
|
|
pub fn cookie_path(mut self, path: &str) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().path = path.to_owned();
|
|
|
|
|
self
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Set custom cookie domain
|
|
|
|
|
pub fn cookie_domain(mut self, domain: &str) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().domain = Some(domain.to_owned());
|
|
|
|
|
self
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Set custom cookie secure
|
|
|
|
|
/// If the `secure` field is set, a cookie will only be transmitted when the
|
|
|
|
|
/// connection is secure - i.e. `https`
|
|
|
|
|
pub fn cookie_secure(mut self, secure: bool) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().secure = secure;
|
|
|
|
|
self
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Set custom cookie max-age
|
|
|
|
|
pub fn cookie_max_age(mut self, max_age: Duration) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().max_age = Some(max_age);
|
|
|
|
|
self
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Set custom cookie SameSite
|
|
|
|
|
pub fn cookie_same_site(mut self, same_site: SameSite) -> Self {
|
|
|
|
|
Rc::get_mut(&mut self.0).unwrap().same_site = Some(same_site);
|
|
|
|
|
self
|
|
|
|
|
}
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl<S> SessionBackend<S> for RedisSessionBackend {
|
|
|
|
|
type Session = RedisSession;
|
2018-05-08 10:12:57 -07:00
|
|
|
type ReadFuture = Box<Future<Item = RedisSession, Error = Error>>;
|
2017-12-28 21:14:04 -08:00
|
|
|
|
|
|
|
|
fn from_request(&self, req: &mut HttpRequest<S>) -> Self::ReadFuture {
|
|
|
|
|
let inner = Rc::clone(&self.0);
|
|
|
|
|
|
|
|
|
|
Box::new(self.0.load(req).map(move |state| {
|
2017-12-29 01:10:27 -08:00
|
|
|
if let Some((state, value)) = state {
|
2017-12-28 21:14:04 -08:00
|
|
|
RedisSession {
|
|
|
|
|
changed: false,
|
|
|
|
|
inner: inner,
|
|
|
|
|
state: state,
|
2018-05-08 10:12:57 -07:00
|
|
|
value: Some(value),
|
|
|
|
|
}
|
2017-12-28 21:14:04 -08:00
|
|
|
} else {
|
|
|
|
|
RedisSession {
|
|
|
|
|
changed: false,
|
|
|
|
|
inner: inner,
|
|
|
|
|
state: HashMap::new(),
|
2018-05-08 10:12:57 -07:00
|
|
|
value: None,
|
|
|
|
|
}
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
}))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct Inner {
|
2017-12-29 01:10:27 -08:00
|
|
|
key: Key,
|
|
|
|
|
ttl: String,
|
2018-02-15 16:53:05 -08:00
|
|
|
addr: Addr<Unsync, RedisActor>,
|
2018-06-23 12:17:37 +08:00
|
|
|
name: String,
|
|
|
|
|
path: String,
|
|
|
|
|
domain: Option<String>,
|
|
|
|
|
secure: bool,
|
|
|
|
|
max_age: Option<Duration>,
|
|
|
|
|
same_site: Option<SameSite>,
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl Inner {
|
2018-01-22 10:50:24 -08:00
|
|
|
#[cfg_attr(feature = "cargo-clippy", allow(type_complexity))]
|
2018-05-08 10:12:57 -07:00
|
|
|
fn load<S>(
|
|
|
|
|
&self, req: &mut HttpRequest<S>,
|
|
|
|
|
) -> Box<Future<Item = Option<(HashMap<String, String>, String)>, Error = Error>>
|
2018-01-22 10:50:24 -08:00
|
|
|
{
|
2017-12-28 21:14:04 -08:00
|
|
|
if let Ok(cookies) = req.cookies() {
|
|
|
|
|
for cookie in cookies {
|
2017-12-29 01:10:27 -08:00
|
|
|
if cookie.name() == self.name {
|
|
|
|
|
let mut jar = CookieJar::new();
|
|
|
|
|
jar.add_original(cookie.clone());
|
|
|
|
|
if let Some(cookie) = jar.signed(&self.key).get(&self.name) {
|
|
|
|
|
let value = cookie.value().to_owned();
|
|
|
|
|
return Box::new(
|
2018-05-08 10:12:57 -07:00
|
|
|
self.addr
|
|
|
|
|
.send(Command(resp_array!["GET", cookie.value()]))
|
2017-12-29 01:10:27 -08:00
|
|
|
.map_err(Error::from)
|
2018-01-22 10:50:24 -08:00
|
|
|
.and_then(move |res| match res {
|
|
|
|
|
Ok(val) => {
|
|
|
|
|
match val {
|
2018-05-08 10:12:57 -07:00
|
|
|
RespValue::Error(err) => {
|
2018-01-22 10:50:24 -08:00
|
|
|
return Err(
|
2018-05-08 10:12:57 -07:00
|
|
|
error::ErrorInternalServerError(err)
|
|
|
|
|
.into(),
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
RespValue::SimpleString(s) => {
|
|
|
|
|
if let Ok(val) = serde_json::from_str(&s)
|
|
|
|
|
{
|
|
|
|
|
return Ok(Some((val, value)));
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-01-22 10:50:24 -08:00
|
|
|
RespValue::BulkString(s) => {
|
2018-05-08 10:12:57 -07:00
|
|
|
if let Ok(val) =
|
|
|
|
|
serde_json::from_slice(&s)
|
|
|
|
|
{
|
|
|
|
|
return Ok(Some((val, value)));
|
2018-01-22 10:50:24 -08:00
|
|
|
}
|
2018-05-08 10:12:57 -07:00
|
|
|
}
|
2018-01-22 10:50:24 -08:00
|
|
|
_ => (),
|
|
|
|
|
}
|
|
|
|
|
Ok(None)
|
2018-05-08 10:12:57 -07:00
|
|
|
}
|
|
|
|
|
Err(err) => {
|
|
|
|
|
Err(error::ErrorInternalServerError(err).into())
|
|
|
|
|
}
|
|
|
|
|
}),
|
|
|
|
|
);
|
2017-12-29 01:10:27 -08:00
|
|
|
} else {
|
2018-05-08 10:12:57 -07:00
|
|
|
return Box::new(FutOk(None));
|
2017-12-29 01:10:27 -08:00
|
|
|
}
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Box::new(FutOk(None))
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-08 10:12:57 -07:00
|
|
|
fn update(
|
|
|
|
|
&self, state: &HashMap<String, String>, mut resp: HttpResponse,
|
|
|
|
|
value: Option<&String>,
|
|
|
|
|
) -> Box<Future<Item = HttpResponse, Error = Error>> {
|
2017-12-29 01:10:27 -08:00
|
|
|
let (value, jar) = if let Some(value) = value {
|
|
|
|
|
(value.clone(), None)
|
|
|
|
|
} else {
|
|
|
|
|
let mut rng = rand::OsRng::new().unwrap();
|
|
|
|
|
let value = String::from_iter(rng.gen_ascii_chars().take(32));
|
|
|
|
|
|
|
|
|
|
let mut cookie = Cookie::new(self.name.clone(), value.clone());
|
2018-06-23 12:17:37 +08:00
|
|
|
cookie.set_path(self.path.clone());
|
|
|
|
|
cookie.set_secure(self.secure);
|
2017-12-29 01:10:27 -08:00
|
|
|
cookie.set_http_only(true);
|
|
|
|
|
|
2018-06-23 12:17:37 +08:00
|
|
|
if let Some(ref domain) = self.domain {
|
|
|
|
|
cookie.set_domain(domain.clone());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if let Some(max_age) = self.max_age {
|
|
|
|
|
cookie.set_max_age(max_age);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if let Some(same_site) = self.same_site {
|
|
|
|
|
cookie.set_same_site(same_site);
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-29 01:10:27 -08:00
|
|
|
// set cookie
|
|
|
|
|
let mut jar = CookieJar::new();
|
|
|
|
|
jar.signed(&self.key).add(cookie);
|
|
|
|
|
|
|
|
|
|
(value, Some(jar))
|
|
|
|
|
};
|
|
|
|
|
|
2018-05-08 10:12:57 -07:00
|
|
|
Box::new(match serde_json::to_string(state) {
|
|
|
|
|
Err(e) => Either::A(FutErr(e.into())),
|
|
|
|
|
Ok(body) => Either::B(
|
|
|
|
|
self.addr
|
|
|
|
|
.send(Command(resp_array![
|
|
|
|
|
"SET", value, body, "EX", &self.ttl
|
|
|
|
|
]))
|
|
|
|
|
.map_err(Error::from)
|
|
|
|
|
.and_then(move |res| match res {
|
|
|
|
|
Ok(_) => {
|
|
|
|
|
if let Some(jar) = jar {
|
|
|
|
|
for cookie in jar.delta() {
|
|
|
|
|
let val =
|
|
|
|
|
HeaderValue::from_str(&cookie.to_string())?;
|
|
|
|
|
resp.headers_mut().append(header::SET_COOKIE, val);
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
2018-05-08 10:12:57 -07:00
|
|
|
}
|
|
|
|
|
Ok(resp)
|
|
|
|
|
}
|
|
|
|
|
Err(err) => Err(error::ErrorInternalServerError(err).into()),
|
|
|
|
|
}),
|
|
|
|
|
),
|
|
|
|
|
})
|
2017-12-28 21:14:04 -08:00
|
|
|
}
|
|
|
|
|
}
|
