Dramatically simplify the certificate example
This commit is contained in:
parent
f922f8c70d
commit
b265ae985c
|
@ -1,12 +1,9 @@
|
||||||
use anyhow::*;
|
use anyhow::Result;
|
||||||
use log::LevelFilter;
|
use log::LevelFilter;
|
||||||
use tokio::sync::RwLock;
|
|
||||||
use kochab::{Certificate, Request, Response, Server};
|
|
||||||
use std::collections::HashMap;
|
|
||||||
use std::sync::Arc;
|
|
||||||
|
|
||||||
// Workaround for Certificates not being hashable
|
use std::fmt::Write;
|
||||||
type CertBytes = Vec<u8>;
|
|
||||||
|
use kochab::{Request, Response, Server};
|
||||||
|
|
||||||
#[tokio::main]
|
#[tokio::main]
|
||||||
async fn main() -> Result<()> {
|
async fn main() -> Result<()> {
|
||||||
|
@ -14,53 +11,23 @@ async fn main() -> Result<()> {
|
||||||
.filter_module("kochab", LevelFilter::Debug)
|
.filter_module("kochab", LevelFilter::Debug)
|
||||||
.init();
|
.init();
|
||||||
|
|
||||||
let users = Arc::<RwLock::<HashMap<CertBytes, String>>>::default();
|
|
||||||
|
|
||||||
Server::new()
|
Server::new()
|
||||||
.add_route("/", move|req| handle_request(users.clone(), req))
|
.add_route("/", handle_request)
|
||||||
.serve_unix("kochab.sock")
|
.serve_unix("kochab.sock")
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
/// An ultra-simple demonstration of simple authentication.
|
async fn handle_request(request: Request) -> Result<Response> {
|
||||||
///
|
if let Some(fingerprint) = request.certificate() {
|
||||||
/// If the user attempts to connect, they will be prompted to create a client certificate.
|
let mut message = String::from("You connected with a certificate with a fingerprint of:\n");
|
||||||
/// Once they've made one, they'll be given the opportunity to create an account by
|
|
||||||
/// selecting a username. They'll then get a message confirming their account creation.
|
for byte in fingerprint {
|
||||||
/// Any time this user visits the site in the future, they'll get a personalized welcome
|
write!(&mut message, "{:x}", byte).unwrap();
|
||||||
/// message.
|
|
||||||
async fn handle_request(users: Arc<RwLock<HashMap<CertBytes, String>>>, request: Request) -> Result<Response> {
|
|
||||||
if let Some(Certificate(cert_bytes)) = request.certificate() {
|
|
||||||
// The user provided a certificate
|
|
||||||
let users_read = users.read().await;
|
|
||||||
if let Some(user) = users_read.get(cert_bytes) {
|
|
||||||
// The user has already registered
|
|
||||||
Ok(
|
|
||||||
Response::success_gemini(format!("Welcome {}!", user))
|
|
||||||
)
|
|
||||||
} else {
|
|
||||||
// The user still needs to register
|
|
||||||
drop(users_read);
|
|
||||||
if let Some(query_part) = request.uri().query() {
|
|
||||||
// The user provided some input (a username request)
|
|
||||||
let username = query_part.as_str();
|
|
||||||
let mut users_write = users.write().await;
|
|
||||||
users_write.insert(cert_bytes.clone(), username.to_owned());
|
|
||||||
Ok(
|
|
||||||
Response::success_gemini(
|
|
||||||
format!(
|
|
||||||
"Your account has been created {}! Welcome!",
|
|
||||||
username
|
|
||||||
)
|
|
||||||
)
|
|
||||||
)
|
|
||||||
} else {
|
|
||||||
// The user didn't provide input, and should be prompted
|
|
||||||
Response::input("What username would you like?")
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Ok(Response::success_plain(message))
|
||||||
} else {
|
} else {
|
||||||
// The user didn't provide a certificate
|
// The user didn't provide a certificate
|
||||||
Ok(Response::client_certificate_required())
|
Ok(Response::client_certificate_required("You didn't provide a client certificate"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue