Tsumanu/actix-admin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add example with login

Browse Source
This commit is contained in:
manuel 2022-08-06 21:49:52 +02:00
parent 77bfb05f20
commit 75a409cd73
15 changed files with 102 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -15,4 +15,7 @@ Cargo.lock
/target
database.db
database.*
database.db-wal
database.db-wal
*.secret
*.env
example/.env

1
Cargo.toml
View File

@ -5,6 +5,7 @@ edition = "2021"
[dependencies]
actix-web = "4.0.1"
actix-session = { version = "0.7.1", features = [] }
actix-multipart = "0.4.0"
futures-util = "0.3.21"
chrono = "0.4.20"

21
azure_auth/Cargo.toml
View File

@ -1,21 +0,0 @@
[package]
name = "azure_auth"
version = "0.1.0"
edition = "2021"
[dependencies]
actix-web = "4.0.1"
actix-rt = "2.7.0"
actix-session = "0.5.0"
oauth2 = "4.1"
base64 = "0.13.0"
async-trait = "0.1.53"
rand = "0.8.5"
url = "2.2.2"
http = "0.2.6"
dotenv = "0.15"
futures = "0.3.21"
serde = "1.0.136"
serde_json = "1.0.79"
serde_derive = "1.0.136"

160
azure_auth/src/lib.rs
View File

@ -1,160 +0,0 @@
#[macro_use]
extern crate serde_derive;
use actix_session::{Session};
use actix_web::http::header;
use actix_web::{web, HttpResponse};
use http::{HeaderMap, Method};
use oauth2::basic::BasicClient;
use oauth2::reqwest::async_http_client;
use oauth2::{
AccessToken, AuthorizationCode, CsrfToken, //PkceCodeChallenge,
Scope, TokenResponse
};
use std::str;
use url::Url;
use oauth2::{
AuthUrl, ClientId, ClientSecret, TokenUrl,
};
#[allow(non_snake_case)]
#[derive(Serialize, Deserialize, Debug)]
pub struct UserInfo {
mail: String,
userPrincipalName: String,
displayName: String,
givenName: String,
surname: String,
id: String,
}
// AppDataTrait
pub trait AppDataTrait {
fn get_oauth(&self) -> &BasicClient;
}
#[derive(Clone, Debug)]
pub struct AzureAuth {
auth_url: AuthUrl,
token_url: TokenUrl,
client_id: ClientId,
client_secret: ClientSecret
}
impl AzureAuth {
pub fn new(oauth2_server: &String, client_id: &String, client_secret: &String) -> Self {
let azure_auth = AzureAuth {
auth_url: AuthUrl::new(format!("https://{}/oauth2/v2.0/authorize", oauth2_server)).expect("Invalid authorization endpoint URL"),
token_url: TokenUrl::new(format!("https://{}/oauth2/v2.0/token", oauth2_server)).expect("Invalid token endpoint URL"),
client_id: ClientId::new(client_id.clone()),
client_secret: ClientSecret::new(client_secret.clone())
};
azure_auth
}
pub fn get_api_base_url() -> &'static str {
"https://graph.microsoft.com/v1.0"
}
pub fn get_oauth_client(self) -> BasicClient {
BasicClient::new(
self.client_id,
Some(self.client_secret),
self.auth_url,
Some(self.token_url),
)
}
pub fn create_scope<T: AppDataTrait + 'static>(self) -> actix_web::Scope {
let scope = web::scope("/auth")
.route("/login", web::get().to(login::<T>))
.route("/logout", web::get().to(logout))
.route("/auth", web::get().to(auth::<T>))
;
scope
}
}
pub async fn login<T: AppDataTrait>(data: web::Data<T>) -> HttpResponse {
// Create a PKCE code verifier and SHA-256 encode it as a code challenge.
// let (_pkce_code_challenge, _pkce_code_verifier) = PkceCodeChallenge::new_random_sha256();
// Generate the authorization URL to which we'll redirect the user.
let (auth_url, _csrf_token) = &data
.get_oauth()
.authorize_url(CsrfToken::new_random)
// Set the desired scopes.
.add_scope(Scope::new("openid".to_string()))
// Set the PKCE code challenge, need to pass verifier to /auth.
//.set_pkce_challenge(pkce_code_challenge)
.url();
HttpResponse::Found()
.append_header((header::LOCATION, auth_url.to_string()))
.finish()
}
pub async fn logout(session: Session) -> HttpResponse {
session.remove("user_info");
HttpResponse::Found()
.append_header((header::LOCATION, "/".to_string()))
.finish()
}
async fn read_user(api_base_url: &str, access_token: &AccessToken) -> UserInfo {
let url = Url::parse(format!("{}/me", api_base_url).as_str()).unwrap();
let mut headers = HeaderMap::new();
headers.insert(
"Authorization",
format!("Bearer {}", access_token.secret()).parse().unwrap(),
);
let resp = async_http_client(oauth2::HttpRequest {
url,
method: Method::GET,
headers: headers,
body: Vec::new(),
})
.await
.expect("Request failed");
let s: &str = match str::from_utf8(&resp.body) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
serde_json::from_slice(&resp.body).unwrap()
}
#[derive(Deserialize)]
pub struct AuthRequest {
code: String,
state: String,
}
pub async fn auth<T: AppDataTrait>(
session: Session,
data: web::Data<T>,
params: web::Query<AuthRequest>,
) -> HttpResponse {
let code = AuthorizationCode::new(params.code.clone());
let _state = CsrfToken::new(params.state.clone());
let api_base_url = AzureAuth::get_api_base_url();
// Exchange the code with a token.
let token = &data
.get_oauth()
.exchange_code(code)
//.set_pkce_verifier()
.request_async(async_http_client)
.await
.expect("exchange_code failed");
let user_info = read_user(api_base_url, token.access_token()).await;
session.insert("user_info", &user_info).unwrap();
HttpResponse::Found().append_header(("location", "/")).finish()
}

6
example/.env.example
View File

@ -1,4 +1,4 @@
DATABASE_URL=sqlite://database.db
OAUTH2_CLIENT_SECRET=
OAUTH2_CLIENT_ID=
OAUTH2_SERVER=
OAUTH2_CLIENT_SECRET= "TODO"
OAUTH2_CLIENT_ID= "TODO"
OAUTH2_SERVER= URL + TenantId like "login.microsoftonline.com/a5f5xxxx-xxxx-414a-8463-xxxxxxxxxxxxx"

22
example/azure_auth/src/lib.rs
View File

@ -20,13 +20,7 @@ use oauth2::{
#[allow(non_snake_case)]
#[derive(Serialize, Deserialize, Debug)]
pub struct UserInfo {
mail: String,
userPrincipalName: String,
displayName: String,
givenName: String,
surname: String,
id: String,
role: String
userPrincipalName: String
}
// AppDataTrait
@ -68,7 +62,7 @@ impl AzureAuth {
}
pub fn create_scope<T: AppDataTrait + 'static>(self) -> actix_web::Scope {
let scope = web::scope("/auth")
let scope = web::scope("/azure-auth")
.route("/login", web::get().to(login::<T>))
.route("/logout", web::get().to(logout))
.route("/auth", web::get().to(auth::<T>))
@ -87,6 +81,9 @@ pub async fn login<T: AppDataTrait>(data: web::Data<T>) -> HttpResponse {
.authorize_url(CsrfToken::new_random)
// Set the desired scopes.
.add_scope(Scope::new("openid".to_string()))
.add_scope(Scope::new("email".to_string()))
.add_scope(Scope::new("profile".to_string()))
.add_scope(Scope::new("offline_access".to_string()))
// Set the PKCE code challenge, need to pass verifier to /auth.
//.set_pkce_challenge(pkce_code_challenge)
.url();
@ -121,10 +118,11 @@ async fn read_user(api_base_url: &str, access_token: &AccessToken) -> UserInfo {
.await
.expect("Request failed");
let s: &str = match str::from_utf8(&resp.body) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
// let s: &str = match str::from_utf8(&resp.body) {
// Ok(v) => v,
// Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
// };
// println!("{:?}", s);
serde_json::from_slice(&resp.body).unwrap()
}

15
example/src/main.rs
View File

@ -40,9 +40,9 @@ impl AzureAuthAppDataTrait for AppState {
async fn index(session: Session, data: web::Data<AppState>) -> HttpResponse {
let login = session.get::<UserInfo>("user_info").unwrap();
let web_auth_link = if login.is_some() {
"/auth/logout"
"azure-auth/logout"
} else {
"/auth/login"
"azure-auth/login"
};
let mut ctx = Context::new();
@ -55,7 +55,14 @@ fn create_actix_admin_builder() -> ActixAdminBuilder {
let post_view_model = ActixAdminViewModel::from(Post);
let comment_view_model = ActixAdminViewModel::from(Comment);
let mut admin_builder = ActixAdminBuilder::new();
let configuration = ActixAdminConfiguration {
enable_auth: true,
user_is_logged_in: Some(|session: Session| -> bool { session.get::<UserInfo>("user_info").unwrap().is_some() }),
login_link: "/azure-auth/login".to_string(),
logout_link: "/azure-auth/logout".to_string()
};
let mut admin_builder = ActixAdminBuilder::new(configuration);
admin_builder.add_entity::<AppState, Post>(&post_view_model);
admin_builder.add_entity::<AppState, Comment>(&comment_view_model);
@ -79,7 +86,7 @@ async fn main() {
.get_oauth_client()
// This example will be running its own server at 127.0.0.1:5000.
.set_redirect_uri(
RedirectUrl::new("http://localhost:5000/auth".to_string())
RedirectUrl::new("http://localhost:5000/azure-auth/auth".to_string())
.expect("Invalid redirect URL"),
);

4
example/templates/base.html
View File

@ -2,9 +2,9 @@
<html>
<head>
<meta charset="utf-8">
<title>Actix Web</title>
<title>Actix Admin Example</title>
<link rel="stylesheet" href="https://unpkg.com/@picocss/pico@latest/css/pico.classless.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css">
</head>
<body>

5
example/templates/index.html
View File

@ -1,5 +1,8 @@
{% extends "base.html" %}
{% block content %}
<a href="/{{ web_auth_link }}">{{ web_auth_link }}</a>
<ul>
<li><a href="/{{ web_auth_link }}">Auth-Example</a></li>
<li><a href="/admin/">Actix-Admin</a></li>
</ul>
{% endblock content %}

8
example/templates/list.html
View File

@ -1,8 +0,0 @@
{% extends "base.html" %}
{% block content %}
<p>posts: {{ posts }}</p>
<p>page: {{ page }}</p>
<p>posts_per_page: {{ posts_per_page }}</p>
<p>num_pages: {{ num_pages }}</p>
{% endblock content %}

5
src/builder.rs
View File

@ -11,7 +11,7 @@ pub struct ActixAdminBuilder {
}
pub trait ActixAdminBuilderTrait {
fn new() -> Self;
fn new(configuration: ActixAdminConfiguration) -> Self;
fn add_entity<T: ActixAdminAppDataTrait + 'static, E: ActixAdminViewModelTrait + 'static>(
&mut self,
view_model: &ActixAdminViewModel,
@ -21,11 +21,12 @@ pub trait ActixAdminBuilderTrait {
}
impl ActixAdminBuilderTrait for ActixAdminBuilder {
fn new() -> Self {
fn new(configuration: ActixAdminConfiguration) -> Self {
ActixAdminBuilder {
actix_admin: ActixAdmin {
entity_names: Vec::new(),
view_models: HashMap::new(),
configuration: configuration
},
scopes: Vec::new(),
}

14
src/lib.rs
View File

@ -3,6 +3,7 @@ use sea_orm::DatabaseConnection;
use std::collections::HashMap;
use tera::{Tera, Result, to_value, try_get_value };
use std::{ hash::BuildHasher};
use actix_session::{Session};
pub mod view_model;
pub mod model;
@ -14,7 +15,7 @@ pub mod prelude {
pub use crate::model::{ ActixAdminModel, ActixAdminModelTrait};
pub use crate::view_model::{ ActixAdminViewModel, ActixAdminViewModelTrait, ActixAdminViewModelField, ActixAdminViewModelFieldType };
pub use actix_admin_macros::{ DeriveActixAdminModel, DeriveActixAdminSelectList };
pub use crate::{ ActixAdminAppDataTrait, ActixAdmin };
pub use crate::{ ActixAdminAppDataTrait, ActixAdmin, ActixAdminConfiguration };
pub use crate::{ hashmap, ActixAdminSelectListTrait };
}
@ -91,9 +92,18 @@ pub trait ActixAdminSelectListTrait {
fn get_key_value() -> Vec<(String, String)>;
}
// ActixAdminModel
#[derive(Clone, Debug)]
pub struct ActixAdminConfiguration {
pub enable_auth: bool,
pub user_is_logged_in: Option<fn(Session) -> bool>,
pub login_link: String,
pub logout_link: String
}
#[derive(Clone, Debug)]
pub struct ActixAdmin {
pub entity_names: Vec<String>,
pub view_models: HashMap<String, ActixAdminViewModel>,
pub configuration: ActixAdminConfiguration,
}

1
src/model.rs
View File

@ -6,7 +6,6 @@ use std::collections::HashMap;
use actix_multipart:: {Multipart, MultipartError} ;
use futures_util::stream::StreamExt as _;
use chrono::{NaiveDateTime, NaiveDate};
use sea_orm::prelude::*;
#[async_trait]
pub trait ActixAdminModelTrait {

15
src/routes/index.rs
View File

@ -1,15 +1,28 @@
use actix_web::{error, web, Error, HttpResponse};
use actix_session::{Session};
use tera::{Context};
use crate::prelude::*;
use crate::TERA;
pub async fn index<T: ActixAdminAppDataTrait>(data: web::Data<T>) -> Result<HttpResponse, Error> {
pub async fn index<T: ActixAdminAppDataTrait>(session: Session, data: web::Data<T>) -> Result<HttpResponse, Error> {
let entity_names = &data.get_actix_admin().entity_names;
let actix_admin = data.get_actix_admin();
let mut ctx = Context::new();
ctx.insert("entity_names", &entity_names);
let enable_auth = &actix_admin.configuration.enable_auth;
ctx.insert("enable_auth", &enable_auth);
if *enable_auth {
println!("auth enabled");
let func = &actix_admin.configuration.user_is_logged_in.unwrap();
ctx.insert("user_is_logged_in", &func(session));
ctx.insert("login_link", &actix_admin.configuration.login_link);
ctx.insert("logout_link", &actix_admin.configuration.logout_link);
}
let body = TERA
.render("index.html", &ctx)
.map_err(|_| error::ErrorInternalServerError("Template error"))?;

68
templates/header.html
View File

@ -1,32 +1,40 @@
<nav class="navbar is-dark mb-4" role="navigation" aria-label="main navigation">
<div class="navbar-brand">
<a class="navbar-item" href="/admin/">
Actix Admin
</a>
<a role="button" class="navbar-burger" aria-label="menu" aria-expanded="false" data-target="navbarBasicExample">
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
</a>
</div>
<div id="navbarBasicExample" class="navbar-menu">
<div class="navbar-start">
{% for entity_name in entity_names -%}
<a href="/admin/{{ entity_name }}/list" class="navbar-item">{{ entity_name | title }}</a>
{%- endfor %}
<nav class="navbar is-dark mb-4" role="navigation" aria-label="main navigation">
<div class="navbar-brand">
<a class="navbar-item" href="/admin/">
Actix Admin
</a>
</div>
<div class="navbar-end">
<div class="navbar-item">
<div class="buttons">
<a class="button is-light">
Log in
</a>
</div>
</div>
</div>
<a role="button" class="navbar-burger" aria-label="menu" aria-expanded="false" data-target="navbarBasicExample">
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
</a>
</div>
<div id="navbarBasicExample" class="navbar-menu">
<div class="navbar-start">
{% for entity_name in entity_names -%}
<a href="/admin/{{ entity_name }}/list" class="navbar-item">{{ entity_name | title }}</a>
{%- endfor %}
</div>
<div class="navbar-end">
<div class="navbar-item">
<div class="buttons">
{% if enable_auth %}
{% if user_is_logged_in %}
<a href="{{ logout_link }}" class="button is-light">
Log out
</a>
{% else %}
<a href="{{ login_link }}" class="button is-light">
Log in
</a>
{% endif %}
{% endif %}
</div>
</nav>
</div>
</div>
</div>
</nav>