Parse token hash at startup

2019-10-21 11:19:54 -04:00 · 2019-10-21 11:19:54 -04:00 · 23d12a80fb
parent c3aee8b422
commit 23d12a80fb
3 changed files with 45 additions and 9 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -14,6 +14,11 @@ use diesel::r2d2::{self, ConnectionManager};
 use diesel::sqlite::SqliteConnection;
 use std::process;

+#[cfg(feature = "dev")]
+use dotenv;
+#[cfg(not(feature = "dev"))]
+use std::fs;
+
 pub mod models;
 pub mod queries;
 pub mod routes;
@ -32,7 +37,6 @@ fn main() {
        {
            Config::debug()
        }
-
        #[cfg(not(feature = "dev"))]
        {
            setup::init()
@ -47,11 +51,29 @@ fn main() {
        process::exit(1);
    });

+    let token = {
+        #[cfg(feature = "dev")]
+        {
+            dotenv::dotenv().ok();
+            let token = get_env!("TOKEN");
+            setup::hash(&token)
+        }
+        #[cfg(not(feature = "dev"))]
+        {
+            let token_path = setup::get_token_path();
+            fs::read(&token_path).unwrap_or_else(|e| {
+                eprintln!("Can't read bearer token hash from disk: {}.", e);
+                process::exit(1);
+            })
+        }
+    };
+
    let port = config.port;
    let max_filesize = (config.max_filesize as f64 * 1.37) as usize;

    HttpServer::new(move || {
        App::new()
+            .data(token.clone())
            .data(config.clone())
            .data(pool.clone())
            .wrap(setup::logger_middleware())
--- a/src/routes.rs
+++ b/src/routes.rs
@ -50,6 +50,7 @@ macro_rules! put_then {
 }

 /// Handles error from single GET queries using find
+#[inline(always)]
 fn find_error<T>(error: BlockingError<diesel::result::Error>) -> Result<T, actix_web::Error> {
    match error {
        BlockingError::Error(e) => match e {
--- a/src/setup.rs
+++ b/src/setup.rs
@ -3,13 +3,12 @@
 use crate::Pool;

 use actix_web::middleware::Logger;
+use blake2::{Blake2b, Digest};
 use diesel::r2d2::{self, ConnectionManager};
 use diesel::sqlite::SqliteConnection;
 use std::env;
 use std::path::PathBuf;

-#[cfg(not(feature = "dev"))]
-use blake2::{Blake2b, Digest};
 #[cfg(not(feature = "dev"))]
 use dirs;
 #[cfg(feature = "dev")]
@ -41,11 +40,27 @@ fn get_config_path() -> PathBuf {
    path
 }

+/// Returns a path to the bearer token hash
+#[cfg(not(feature = "dev"))]
+pub fn get_token_path() -> PathBuf {
+    let mut path = get_data_dir();
+    path.push("token");
+    path
+}
+
+/// Returns the BLAKE2b digest of the input string
+pub fn hash(input: &str) -> Vec<u8> {
+    let mut hasher = Blake2b::new();
+    hasher.input(input);
+    hasher.result().to_vec()
+}
+
 /// Returns an environment variable and panic if it isn't found
 #[cfg(feature = "dev")]
+#[macro_export]
 macro_rules! get_env {
    ($k:literal) => {
-        env::var($k).expect(&format!("Can't find {} environment variable.", $k));
+        std::env::var($k).expect(&format!("Can't find {} environment variable.", $k));
    };
 }

@ -249,11 +264,9 @@ pub fn init() -> Config {
            eprintln!("Can't read token: {}", e);
            process::exit(1);
        });
-        let mut hasher = Blake2b::new();
-        hasher.input(&token);
-        let mut token_path = data_dir.clone();
-        token_path.push("token");
-        fs::write(&token_path, hasher.result().as_slice()).unwrap_or_else(|e| {
+        let token_hash = hash(&token);
+        let token_path = get_token_path();
+        fs::write(&token_path, token_hash.as_slice()).unwrap_or_else(|e| {
            eprintln!("Can't write token: {}", e);
            process::exit(1);
        });