diff --git a/Cargo.lock b/Cargo.lock index 6490c01..73bbc94 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -35,7 +35,7 @@ dependencies = [ "brotli", "bytes", "bytestring", - "derive_more", + "derive_more 0.99.18", "encoding_rs", "flate2", "futures-core", @@ -123,15 +123,15 @@ dependencies = [ [[package]] name = "actix-session" -version = "0.10.0" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac013ca53d36acb0cc60f5437381c97c291f51a12a5bd8d02febc3a3aaf53390" +checksum = "efe6976a74f34f1b6d07a6c05aadc0ed0359304a7781c367fa5b4029418db08f" dependencies = [ "actix-service", "actix-utils", "actix-web", "anyhow", - "derive_more", + "derive_more 1.0.0", "rand", "redis", "serde", @@ -169,7 +169,7 @@ dependencies = [ "bytestring", "cfg-if", "cookie 0.16.2", - "derive_more", + "derive_more 0.99.18", "encoding_rs", "futures-core", "futures-util", @@ -335,9 +335,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.86" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" +checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" [[package]] name = "arc-swap" @@ -420,12 +420,6 @@ version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" -[[package]] -name = "base64" -version = "0.21.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" - [[package]] name = "base64" version = "0.22.1" @@ -796,6 +790,27 @@ dependencies = [ "syn 2.0.76", ] +[[package]] +name = "derive_more" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05" +dependencies = [ + "derive_more-impl", +] + +[[package]] +name = "derive_more-impl" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.76", + "unicode-xid", +] + [[package]] name = "deunicode" version = "1.6.0" @@ -888,9 +903,9 @@ dependencies = [ [[package]] name = "fake" -version = "2.9.2" +version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c25829bde82205da46e1823b2259db6273379f626fc211f126f65654a2669be" +checksum = "2d391ba4af7f1d93f01fcf7b2f29e2bc9348e109dfdbf4dcbdc51dfa38dab0b6" dependencies = [ "deunicode", "rand", @@ -1563,9 +1578,9 @@ dependencies = [ [[package]] name = "mutually_exclusive_features" -version = "0.0.3" +version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d02c0b00610773bb7fc61d85e13d86c7858cbdf00e1a120bfc41bc055dbaa0e" +checksum = "e94e1e6445d314f972ff7395df2de295fe51b71821694f0b0e1e79c4f12c8577" [[package]] name = "nom" @@ -2078,9 +2093,9 @@ checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" [[package]] name = "reqwest" -version = "0.12.7" +version = "0.12.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8f4955649ef5c38cc7f9e8aa41761d48fb9677197daea9984dc54f56aad5e63" +checksum = "f713147fbe92361e52392c73b8c9e48c04c6625bce969ef54dc901e58e042a7b" dependencies = [ "base64 0.22.1", "bytes", @@ -2266,9 +2281,9 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "secrecy" -version = "0.8.0" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e" +checksum = "e891af845473308773346dc847b2c23ee78fe442e0472ac50e22a18a93d3ae5a" dependencies = [ "serde", "zeroize", @@ -2305,9 +2320,9 @@ checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" [[package]] name = "serde" -version = "1.0.209" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "99fce0ffe7310761ca6bf9faf5115afbc19688edd00171d81b1bb1b116c63e09" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" dependencies = [ "serde_derive", ] @@ -2325,9 +2340,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.209" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5831b979fd7b5439637af1752d535ff49f4860c0f341d1baeb6faf0f4242170" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" dependencies = [ "proc-macro2", "quote", @@ -2336,9 +2351,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.127" +version = "1.0.129" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8043c06d9f82bd7271361ed64f415fe5e12a77fdb52e573e7f06a516dea329ad" +checksum = "6dbcf9b78a125ee667ae19388837dd12294b858d101fdd393cb9d5501ef09eb2" dependencies = [ "itoa", "memchr", @@ -2473,9 +2488,9 @@ dependencies = [ [[package]] name = "sqlx" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcfa89bea9500db4a0d038513d7a060566bfc51d46d1c014847049a45cce85e8" +checksum = "93334716a037193fac19df402f8571269c84a00852f6a7066b5d2616dcd64d3e" dependencies = [ "sqlx-core", "sqlx-macros", @@ -2486,9 +2501,9 @@ dependencies = [ [[package]] name = "sqlx-core" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d06e2f2bd861719b1f3f0c7dbe1d80c30bf59e76cf019f07d9014ed7eefb8e08" +checksum = "d4d8060b456358185f7d50c55d9b5066ad956956fddec42ee2e8567134a8936e" dependencies = [ "atoi", "byteorder", @@ -2530,9 +2545,9 @@ dependencies = [ [[package]] name = "sqlx-macros" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f998a9defdbd48ed005a89362bd40dd2117502f15294f61c8d47034107dbbdc" +checksum = "cac0692bcc9de3b073e8d747391827297e075c7710ff6276d9f7a1f3d58c6657" dependencies = [ "proc-macro2", "quote", @@ -2543,9 +2558,9 @@ dependencies = [ [[package]] name = "sqlx-macros-core" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d100558134176a2629d46cec0c8891ba0be8910f7896abfdb75ef4ab6f4e7ce" +checksum = "1804e8a7c7865599c9c79be146dc8a9fd8cc86935fa641d3ea58e5f0688abaa5" dependencies = [ "dotenvy", "either", @@ -2569,9 +2584,9 @@ dependencies = [ [[package]] name = "sqlx-mysql" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "936cac0ab331b14cb3921c62156d913e4c15b74fb6ec0f3146bd4ef6e4fb3c12" +checksum = "64bb4714269afa44aef2755150a0fc19d756fb580a67db8885608cf02f47d06a" dependencies = [ "atoi", "base64 0.22.1", @@ -2613,9 +2628,9 @@ dependencies = [ [[package]] name = "sqlx-postgres" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9734dbce698c67ecf67c442f768a5e90a49b2a4d61a9f1d59f73874bd4cf0710" +checksum = "6fa91a732d854c5d7726349bb4bb879bb9478993ceb764247660aee25f67c2f8" dependencies = [ "atoi", "base64 0.22.1", @@ -2653,9 +2668,9 @@ dependencies = [ [[package]] name = "sqlx-sqlite" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75b419c3c1b1697833dd927bdc4c6545a620bc1bbafabd44e1efbe9afcd337e" +checksum = "d5b2cf34a45953bfd3daaf3db0f7a7878ab9b7a6b91b422d24a7a9e4c857b680" dependencies = [ "atoi", "chrono", @@ -2739,18 +2754,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.63" +version = "1.0.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724" +checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.63" +version = "1.0.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" +checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" dependencies = [ "proc-macro2", "quote", @@ -2929,9 +2944,9 @@ dependencies = [ [[package]] name = "tracing-actix-web" -version = "0.7.11" +version = "0.7.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ee9e39a66d9b615644893ffc1704d2a89b5b315b7fd0228ad3182ca9a306b19" +checksum = "15bc0cd5f72e837e310f4d978a90abf202a7f7d8ef3272246bae381d0086d3bf" dependencies = [ "actix-web", "mutually_exclusive_features", @@ -3060,9 +3075,15 @@ checksum = "52ea75f83c0137a9b98608359a5f1af8144876eb67bcb1ce837368e906a9f524" [[package]] name = "unicode-segmentation" -version = "1.11.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4c87d22b6e3f4a18d4d40ef354e97c90fcb14dd91d7dc0aa9d8a1172ebf7202" +checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493" + +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" [[package]] name = "unicode_categories" @@ -3099,9 +3120,9 @@ dependencies = [ [[package]] name = "uuid" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81dfa00651efa65069b0b6b651f4aaa31ba9e3c3ce0137aaad053604ee7e0314" +checksum = "f8c5f0a0af699448548ad1a2fbf920fb4bee257eae39953ba95cb84891a0446a" dependencies = [ "getrandom", "serde", @@ -3468,13 +3489,13 @@ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" [[package]] name = "wiremock" -version = "0.6.1" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a59f8ae78a4737fb724f20106fb35ccb7cfe61ff335665d3042b3aa98e34717" +checksum = "7fff469918e7ca034884c7fd8f93fe27bacb7fcb599fd879df6c7b429a29b646" dependencies = [ "assert-json-diff", "async-trait", - "base64 0.21.7", + "base64 0.22.1", "deadpool", "futures", "http 1.1.0", diff --git a/Cargo.toml b/Cargo.toml index 6a5bcdd..a29fd25 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -13,11 +13,11 @@ path = "src/main.rs" name = "zero2prod" [dependencies] -actix-web = "4" -tokio = { version = "1", features = ["macros", "rt-multi-thread"] } -serde = "1.0.115" -config = { version = "0.14", default-features = false, features = ["yaml"] } -sqlx = { version = "0.8", default-features = false, features = [ +actix-web = "4.9.0" +tokio = { version = "1.40.0", features = ["macros", "rt-multi-thread"] } +serde = "1.0.210" +config = { version = "0.14.0", default-features = false, features = ["yaml"] } +sqlx = { version = "0.8.2", default-features = false, features = [ "runtime-tokio-rustls", "macros", "postgres", @@ -25,38 +25,38 @@ sqlx = { version = "0.8", default-features = false, features = [ "chrono", "migrate", ] } -uuid = { version = "1", features = ["v4", "serde"] } -chrono = { version = "0.4.22", default-features = false, features = ["clock"] } -reqwest = { version = "0.12", default-features = false, features = [ +uuid = { version = "1.11.0", features = ["v4", "serde"] } +chrono = { version = "0.4.38", default-features = false, features = ["clock"] } +reqwest = { version = "0.12.8", default-features = false, features = [ "json", "rustls-tls", "cookies", ] } -log = "0.4" -tracing = "0.1.19" -tracing-subscriber = { version = "0.3", features = ["registry", "env-filter"] } -tracing-bunyan-formatter = "0.3.1" -thiserror = "1.0.24" -serde-aux = "4" -unicode-segmentation = "1.7.1" -rand = { version = "0.8", features = ["std_rng"] } -anyhow = "1.0.40" -base64 = "0.22.0" -argon2 = { version = "0.5", features = ["std"] } -validator = "0.18" +log = "0.4.22" +tracing = "0.1.40" +tracing-subscriber = { version = "0.3.18", features = ["registry", "env-filter"] } +tracing-bunyan-formatter = "0.3.9" +thiserror = "1.0.64" +serde-aux = "4.5.0" +unicode-segmentation = "1.12.0" +rand = { version = "0.8.5", features = ["std_rng"] } +anyhow = "1.0.89" +base64 = "0.22.1" +argon2 = { version = "0.5.3", features = ["std"] } +validator = "0.18.1" tracing-log = "0.2.0" -tracing-actix-web = "0.7" -secrecy = { version = "0.8", features = ["serde"] } -actix-web-flash-messages = { version = "0.5", features = ["cookies"] } -actix-session = { version = "0.10", features = ["redis-session-rustls"] } -serde_json = "1" +tracing-actix-web = "0.7.13" +secrecy = { version = "0.10.3", features = ["serde"] } +actix-web-flash-messages = { version = "0.5.0", features = ["cookies"] } +actix-session = { version = "0.10.1", features = ["redis-session-rustls"] } +serde_json = "1.0.129" [dev-dependencies] quickcheck = "1.0.3" -quickcheck_macros = "1" -fake = "2.9" -wiremock = "0.6" -serde_json = "1.0.61" +quickcheck_macros = "1.0.0" +fake = "2.10.0" +wiremock = "0.6.2" +serde_json = "1.0.129" serde_urlencoded = "0.7.1" linkify = "0.10" -claims = "0.7" +claims = "0.7.1" diff --git a/scripts/init_db.sh b/scripts/init_db.sh index 42625bf..ac5787f 100755 --- a/scripts/init_db.sh +++ b/scripts/init_db.sh @@ -40,7 +40,7 @@ then --publish "${DB_PORT}":5432 \ --detach \ --name "${CONTAINER_NAME}" \ - postgres -N 1000 + postgres:17-alpine -N 1000 # ^ Increased maximum number of connections for testing purposes until [ \ diff --git a/scripts/init_redis.sh b/scripts/init_redis.sh index 44d97b4..0d52e3f 100755 --- a/scripts/init_redis.sh +++ b/scripts/init_redis.sh @@ -15,6 +15,6 @@ docker run \ -p "6379:6379" \ -d \ --name "redis_$(date '+%s')" \ - redis:7 + redis:7-alpine >&2 echo "Redis is ready to go!" \ No newline at end of file diff --git a/src/authentication/password.rs b/src/authentication/password.rs index 5c12360..fbfacc4 100644 --- a/src/authentication/password.rs +++ b/src/authentication/password.rs @@ -2,7 +2,7 @@ use crate::telemetry::spawn_blocking_with_tracing; use anyhow::Context; use argon2::password_hash::SaltString; use argon2::{Algorithm, Argon2, Params, PasswordHash, PasswordHasher, PasswordVerifier, Version}; -use secrecy::{ExposeSecret, Secret}; +use secrecy::{ExposeSecret, SecretBox, SecretString}; use sqlx::PgPool; #[derive(thiserror::Error, Debug)] @@ -15,14 +15,14 @@ pub enum AuthError { pub struct Credentials { pub username: String, - pub password: Secret, + pub password: SecretString, } #[tracing::instrument(name = "Get stored credentials", skip(username, pool))] async fn get_stored_credentials( username: &str, pool: &PgPool, -) -> Result)>, anyhow::Error> { +) -> Result)>, anyhow::Error> { let row = sqlx::query!( r#" SELECT user_id, password_hash @@ -34,7 +34,7 @@ async fn get_stored_credentials( .fetch_optional(pool) .await .context("Failed to performed a query to retrieve stored credentials.")? - .map(|row| (row.user_id, Secret::new(row.password_hash))); + .map(|row| (row.user_id, SecretBox::new(Box::new(row.password_hash)))); Ok(row) } @@ -44,11 +44,11 @@ pub async fn validate_credentials( pool: &PgPool, ) -> Result { let mut user_id = None; - let mut expected_password_hash = Secret::new( - "$argon2id$v=19$m=15000,t=2,p=1$\ + let mut expected_password_hash = SecretBox::new( + Box::new("$argon2id$v=19$m=15000,t=2,p=1$\ gZiV/M1gPc22ElAH/Jh1Hw$\ CWOrkoo7oJBQ/iyh7uJ0LO2aLEfrHwTWllSAxT0zRno" - .to_string(), + .to_string()), ); if let Some((stored_user_id, stored_password_hash)) = @@ -70,12 +70,12 @@ pub async fn validate_credentials( } #[tracing::instrument( - name = "Validate credentials", + name = "Validate credentialsSecret", skip(expected_password_hash, password_candidate) )] fn verify_password_hash( - expected_password_hash: Secret, - password_candidate: Secret, + expected_password_hash: SecretBox, + password_candidate: SecretString, ) -> Result<(), AuthError> { let expected_password_hash = PasswordHash::new(expected_password_hash.expose_secret()) .context("Failed to parse hash in PHC string format.")?; @@ -92,7 +92,7 @@ fn verify_password_hash( #[tracing::instrument(name = "Change password", skip(password, pool))] pub async fn change_password( user_id: uuid::Uuid, - password: Secret, + password: SecretString, pool: &PgPool, ) -> Result<(), anyhow::Error> { let password_hash = spawn_blocking_with_tracing(move || compute_password_hash(password)) @@ -113,7 +113,7 @@ pub async fn change_password( Ok(()) } -fn compute_password_hash(password: Secret) -> Result, anyhow::Error> { +fn compute_password_hash(password: SecretString) -> Result, anyhow::Error> { let salt = SaltString::generate(&mut rand::thread_rng()); let password_hash = Argon2::new( Algorithm::Argon2id, @@ -122,5 +122,5 @@ fn compute_password_hash(password: Secret) -> Result, any ) .hash_password(password.expose_secret().as_bytes(), &salt)? .to_string(); - Ok(Secret::new(password_hash)) + Ok(SecretBox::new(Box::new(password_hash))) } diff --git a/src/configuration.rs b/src/configuration.rs index 1201720..32608b9 100644 --- a/src/configuration.rs +++ b/src/configuration.rs @@ -1,6 +1,6 @@ use crate::domain::SubscriberEmail; use crate::email_client::EmailClient; -use secrecy::{ExposeSecret, Secret}; +use secrecy::{ExposeSecret, SecretString}; use serde_aux::field_attributes::deserialize_number_from_string; use sqlx::postgres::{PgConnectOptions, PgSslMode}; use std::convert::{TryFrom, TryInto}; @@ -10,7 +10,7 @@ pub struct Settings { pub database: DatabaseSettings, pub application: ApplicationSettings, pub email_client: EmailClientSettings, - pub redis_uri: Secret, + pub redis_uri: SecretString, } #[derive(serde::Deserialize, Clone)] @@ -19,13 +19,13 @@ pub struct ApplicationSettings { pub port: u16, pub host: String, pub base_url: String, - pub hmac_secret: Secret, + pub hmac_secret: SecretString, } #[derive(serde::Deserialize, Clone)] pub struct DatabaseSettings { pub username: String, - pub password: Secret, + pub password: SecretString, #[serde(deserialize_with = "deserialize_number_from_string")] pub port: u16, pub host: String, @@ -54,7 +54,7 @@ impl DatabaseSettings { pub struct EmailClientSettings { pub base_url: String, pub sender_email: String, - pub authorization_token: Secret, + pub authorization_token: SecretString, #[serde(deserialize_with = "deserialize_number_from_string")] pub timeout_milliseconds: u64, } diff --git a/src/email_client.rs b/src/email_client.rs index 36dfba3..cf9b53b 100644 --- a/src/email_client.rs +++ b/src/email_client.rs @@ -1,19 +1,19 @@ use crate::domain::SubscriberEmail; use reqwest::Client; -use secrecy::{ExposeSecret, Secret}; +use secrecy::{ExposeSecret, SecretString}; pub struct EmailClient { http_client: Client, base_url: String, sender: SubscriberEmail, - authorization_token: Secret, + authorization_token: SecretString, } impl EmailClient { pub fn new( base_url: String, sender: SubscriberEmail, - authorization_token: Secret, + authorization_token: SecretString, timeout: std::time::Duration, ) -> Self { let http_client = Client::builder().timeout(timeout).build().unwrap(); @@ -72,7 +72,7 @@ mod tests { use fake::faker::internet::en::SafeEmail; use fake::faker::lorem::en::{Paragraph, Sentence}; use fake::{Fake, Faker}; - use secrecy::Secret; + use secrecy::SecretString; use wiremock::matchers::{any, header, header_exists, method, path}; use wiremock::{Mock, MockServer, Request, ResponseTemplate}; @@ -113,7 +113,7 @@ mod tests { EmailClient::new( base_url, email(), - Secret::new(Faker.fake()), + SecretString::from(Faker.fake::()), std::time::Duration::from_millis(200), ) } diff --git a/src/routes/admin/password/post.rs b/src/routes/admin/password/post.rs index 2f97a29..f8a4c4b 100644 --- a/src/routes/admin/password/post.rs +++ b/src/routes/admin/password/post.rs @@ -3,14 +3,14 @@ use crate::routes::admin::dashboard::get_username; use crate::utils::{e500, see_other}; use actix_web::{web, HttpResponse}; use actix_web_flash_messages::FlashMessage; -use secrecy::{ExposeSecret, Secret}; +use secrecy::{ExposeSecret, SecretString}; use sqlx::PgPool; #[derive(serde::Deserialize)] pub struct FormData { - current_password: Secret, - new_password: Secret, - new_password_check: Secret, + current_password: SecretString, + new_password: SecretString, + new_password_check: SecretString, } pub async fn change_password( diff --git a/src/routes/login/post.rs b/src/routes/login/post.rs index 4c161c3..0a4734b 100644 --- a/src/routes/login/post.rs +++ b/src/routes/login/post.rs @@ -7,13 +7,13 @@ use actix_web::http::header::LOCATION; use actix_web::web; use actix_web::HttpResponse; use actix_web_flash_messages::FlashMessage; -use secrecy::Secret; +use secrecy::SecretString; use sqlx::PgPool; #[derive(serde::Deserialize)] pub struct FormData { username: String, - password: Secret, + password: SecretString, } #[tracing::instrument( diff --git a/src/startup.rs b/src/startup.rs index 8ade551..25589e5 100644 --- a/src/startup.rs +++ b/src/startup.rs @@ -14,7 +14,7 @@ use actix_web::web::Data; use actix_web::{web, App, HttpServer}; use actix_web_flash_messages::storage::CookieMessageStore; use actix_web_flash_messages::FlashMessagesFramework; -use secrecy::{ExposeSecret, Secret}; +use secrecy::{ExposeSecret, SecretString}; use sqlx::postgres::PgPoolOptions; use sqlx::PgPool; use std::net::TcpListener; @@ -69,8 +69,8 @@ async fn run( db_pool: PgPool, email_client: EmailClient, base_url: String, - hmac_secret: Secret, - redis_uri: Secret, + hmac_secret: SecretString, + redis_uri: SecretString, ) -> Result { let db_pool = Data::new(db_pool); let email_client = Data::new(email_client); @@ -115,4 +115,4 @@ async fn run( } #[derive(Clone)] -pub struct HmacSecret(pub Secret); +pub struct HmacSecret(pub SecretString); diff --git a/tests/api/health_check.rs b/tests/api/health_check.rs index ca17875..6ef57dd 100644 --- a/tests/api/health_check.rs +++ b/tests/api/health_check.rs @@ -9,7 +9,7 @@ async fn health_check_works() { // Act let response = client // Use the returned application address - .get(&format!("{}/health_check", &app.address)) + .get(format!("{}/health_check", &app.address)) .send() .await .expect("Failed to execute request."); diff --git a/tests/api/helpers.rs b/tests/api/helpers.rs index 25d4590..79c0cd3 100644 --- a/tests/api/helpers.rs +++ b/tests/api/helpers.rs @@ -1,6 +1,6 @@ use argon2::password_hash::SaltString; use argon2::{Algorithm, Argon2, Params, PasswordHasher, Version}; -use secrecy::Secret; +use secrecy::SecretString; use sqlx::{Connection, Executor, PgConnection, PgPool}; use std::sync::LazyLock; use uuid::Uuid; @@ -55,7 +55,7 @@ impl TestApp { pub async fn post_subscriptions(&self, body: String) -> reqwest::Response { self.api_client - .post(&format!("{}/subscriptions", &self.address)) + .post(format!("{}/subscriptions", &self.address)) .header("Content-Type", "application/x-www-form-urlencoded") .body(body) .send() @@ -68,7 +68,7 @@ impl TestApp { Body: serde::Serialize, { self.api_client - .post(&format!("{}/login", &self.address)) + .post(format!("{}/login", &self.address)) .form(body) .send() .await @@ -77,7 +77,7 @@ impl TestApp { pub async fn get_login_html(&self) -> String { self.api_client - .get(&format!("{}/login", &self.address)) + .get(format!("{}/login", &self.address)) .send() .await .expect("Failed to execute request.") @@ -88,7 +88,7 @@ impl TestApp { pub async fn get_admin_dashboard(&self) -> reqwest::Response { self.api_client - .get(&format!("{}/admin/dashboard", &self.address)) + .get(format!("{}/admin/dashboard", &self.address)) .send() .await .expect("Failed to execute request.") @@ -100,7 +100,7 @@ impl TestApp { pub async fn get_change_password(&self) -> reqwest::Response { self.api_client - .get(&format!("{}/admin/password", &self.address)) + .get(format!("{}/admin/password", &self.address)) .send() .await .expect("Failed to execute request.") @@ -112,7 +112,7 @@ impl TestApp { pub async fn post_logout(&self) -> reqwest::Response { self.api_client - .post(&format!("{}/admin/logout", &self.address)) + .post(format!("{}/admin/logout", &self.address)) .send() .await .expect("Failed to execute request.") @@ -123,7 +123,7 @@ impl TestApp { Body: serde::Serialize, { self.api_client - .post(&format!("{}/admin/password", &self.address)) + .post(format!("{}/admin/password", &self.address)) .form(body) .send() .await @@ -132,7 +132,7 @@ impl TestApp { pub async fn get_publish_newsletter(&self) -> reqwest::Response { self.api_client - .get(&format!("{}/admin/newsletters", &self.address)) + .get(format!("{}/admin/newsletters", &self.address)) .send() .await .expect("Failed to execute request.") @@ -147,7 +147,7 @@ impl TestApp { Body: serde::Serialize, { self.api_client - .post(&format!("{}/admin/newsletters", &self.address)) + .post(format!("{}/admin/newsletters", &self.address)) .form(body) .send() .await @@ -233,7 +233,7 @@ async fn configure_database(config: &DatabaseSettings) -> PgPool { let maintenance_settings = DatabaseSettings { database_name: "postgres".to_string(), username: "postgres".to_string(), - password: Secret::new("password".to_string()), + password: SecretString::from("password"), ..config.clone() }; let mut connection = PgConnection::connect_with(&maintenance_settings.connect_options()) diff --git a/tests/api/newsletter.rs b/tests/api/newsletter.rs index f09a68c..9327c69 100644 --- a/tests/api/newsletter.rs +++ b/tests/api/newsletter.rs @@ -11,7 +11,7 @@ async fn create_unconfirmed_subscriber(app: &TestApp) -> ConfirmationLinks { // their details must be randomised to avoid conflicts! let name: String = Name().fake(); let email: String = SafeEmail().fake(); - let body = serde_urlencoded::to_string(&serde_json::json!({ + let body = serde_urlencoded::to_string(serde_json::json!({ "name": name, "email": email })) @@ -24,7 +24,7 @@ async fn create_unconfirmed_subscriber(app: &TestApp) -> ConfirmationLinks { .expect(1) .mount_as_scoped(&app.email_server) .await; - app.post_subscriptions(body.into()) + app.post_subscriptions(body) .await .error_for_status() .unwrap();