Revert debug auth (#4232)

* Revert "Some changes to help debug auth problems on lemmy.ml (#4220)"

This reverts commit 16ac893e15.

* Rename auth cookie back to jwt
This commit is contained in:
Nutomic 2023-12-05 17:22:08 +01:00 committed by GitHub
parent de85e51fac
commit a790a24c4d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 5 additions and 23 deletions

View file

@ -98,6 +98,4 @@
# Sets a response Access-Control-Allow-Origin CORS header # Sets a response Access-Control-Allow-Origin CORS header
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
cors_origin: "*" cors_origin: "*"
# Always send cache-control: private header for api responses, avoid problems with wrong caching.
disable_cache_control: true
} }

View file

@ -15,7 +15,6 @@ use lemmy_utils::{
}; };
use std::io::Cursor; use std::io::Cursor;
use totp_rs::{Secret, TOTP}; use totp_rs::{Secret, TOTP};
use tracing::log::warn;
pub mod comment; pub mod comment;
pub mod comment_report; pub mod comment_report;
@ -85,11 +84,6 @@ pub fn read_auth_token(req: &HttpRequest) -> Result<Option<String>, LemmyError>
else if let Some(cookie) = &req.cookie(AUTH_COOKIE_NAME) { else if let Some(cookie) = &req.cookie(AUTH_COOKIE_NAME) {
Ok(Some(cookie.value().to_string())) Ok(Some(cookie.value().to_string()))
} }
// Read old auth cookie
else if let Some(cookie) = &req.cookie("jwt") {
warn!("Falling back to jwt cookie");
Ok(Some(cookie.value().to_string()))
}
// Otherwise, there's no auth // Otherwise, there's no auth
else { else {
Ok(None) Ok(None)

View file

@ -43,7 +43,7 @@ use std::collections::HashSet;
use tracing::warn; use tracing::warn;
use url::{ParseError, Url}; use url::{ParseError, Url};
pub static AUTH_COOKIE_NAME: &str = "auth"; pub static AUTH_COOKIE_NAME: &str = "jwt";
#[tracing::instrument(skip_all)] #[tracing::instrument(skip_all)]
pub async fn is_mod_or_admin( pub async fn is_mod_or_admin(

View file

@ -57,9 +57,6 @@ pub struct Settings {
#[default(None)] #[default(None)]
#[doku(example = "*")] #[doku(example = "*")]
cors_origin: Option<String>, cors_origin: Option<String>,
/// Always send cache-control: private header for api responses, avoid problems with wrong caching.
#[default(None)]
pub disable_cache_control: Option<bool>,
} }
impl Settings { impl Settings {

View file

@ -5,7 +5,7 @@ CWD="$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"
cd $CWD/../ cd $CWD/../
cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets -- -D warnings cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets --all-features -- -D warnings
# Format rust files # Format rust files
cargo +nightly fmt cargo +nightly fmt

View file

@ -11,7 +11,6 @@ use lemmy_api::{local_user_view_from_jwt, read_auth_token};
use lemmy_api_common::context::LemmyContext; use lemmy_api_common::context::LemmyContext;
use reqwest::header::HeaderValue; use reqwest::header::HeaderValue;
use std::{future::ready, rc::Rc}; use std::{future::ready, rc::Rc};
use tracing::log::warn;
#[derive(Clone)] #[derive(Clone)]
pub struct SessionMiddleware { pub struct SessionMiddleware {
@ -72,11 +71,8 @@ where
// TODO: this means it will be impossible to get any error message for invalid jwt. Need // TODO: this means it will be impossible to get any error message for invalid jwt. Need
// to add a separate endpoint for that. // to add a separate endpoint for that.
// https://github.com/LemmyNet/lemmy/issues/3702 // https://github.com/LemmyNet/lemmy/issues/3702
let local_user_view = local_user_view_from_jwt(jwt, &context).await; let local_user_view = local_user_view_from_jwt(jwt, &context).await.ok();
if let Err(e) = &local_user_view { if let Some(local_user_view) = local_user_view {
warn!("Failed to handle user login: {e}");
}
if let Ok(local_user_view) = local_user_view {
req.extensions_mut().insert(local_user_view); req.extensions_mut().insert(local_user_view);
} }
} }
@ -85,14 +81,11 @@ where
// Add cache-control header. If user is authenticated, mark as private. Otherwise cache // Add cache-control header. If user is authenticated, mark as private. Otherwise cache
// up to one minute. // up to one minute.
let cache_value = if jwt.is_some() {
let disable_cache = context.settings().disable_cache_control.unwrap_or(false);
let cache_value = if jwt.is_some() || disable_cache {
"private" "private"
} else { } else {
"public, max-age=60" "public, max-age=60"
}; };
res res
.headers_mut() .headers_mut()
.insert(CACHE_CONTROL, HeaderValue::from_static(cache_value)); .insert(CACHE_CONTROL, HeaderValue::from_static(cache_value));