oab key fix

oab/src/api/token.rs

@@ -37,14 +37,18 @@ pub async fn get(
             "select access.name, access.rid, access.level from access, user_role, role WHERE user_role.user_id = ? && access.role_id=user_role.role_id && role.id=user_role.role_id && role.app_id = ?",
             )
             .bind(&t.id)
-            .bind(n)
+            .bind(&n)
             .fetch_all(stat.sqlx())
             .await?;
+            let appobj = models::app::Entity::find_by_id(&n)
+                .one(stat.db())
+                .await?
+                .unwrap();
             let u = models::user::Entity::find_by_id(&t.id)
                 .one(stat.db())
                 .await?
                 .unwrap();
-            let str = u.token(result).to_string()?;
+            let str = u.token(result).to_string(&appobj.key)?;
             // tokio::spawn(async move {
             //     let mut interval = tokio::time::interval(Duration::from_secs(5));
             //     interval.tick().await;

oab/src/api/user.rs

@@ -143,7 +143,7 @@ pub async fn login(
         .fetch_all(stat.sqlx())
         .await?;
         Ok(HttpResponse::build(http::StatusCode::OK)
-            .insert_header(("auth_token", u.token(result).to_string()?))
+            .insert_header(("auth_token", u.token(result).to_string(&stat.key)?))
             .body("".to_string()))
     } else {
         Ok(HttpResponse::build(http::StatusCode::FORBIDDEN)

oab/src/cfg.rs

@@ -26,6 +26,7 @@ lazy_static! {
     pub static ref CLI: AppCli = AppCli::new();
 }
 
+pub static mut KEY: String = String::new();
 // lazy_static! {
 //     pub static ref CONFIG: ApplicationConfig = ApplicationConfig::new();
 // }
@@ -135,6 +136,9 @@ impl AppState {
             Ok(f) => f,
             Err(ref e) if e.kind() == io::ErrorKind::NotFound => {
                 // res.connect_sqlx().unwrap();
+                unsafe {
+                    KEY = res.key.clone();
+                }
                 return res;
             }
             Err(e) => panic!("{}", e),
@@ -150,7 +154,9 @@ impl AppState {
         } else {
             println!("release_mode is enable!")
         }
-        info!("asd");
+        unsafe {
+            KEY = res.key.clone();
+        }
         res
     }
     pub fn defaut() -> Self {

oab/src/libs/auth.rs

@@ -21,7 +21,9 @@ use tracing::warn;
 use crate::models;
 
 // custom request auth middleware
-pub struct Auth;
+pub struct Auth {
+    pub key: String,
+}
 
 impl<S, B> Transform<S, ServiceRequest> for Auth
 where
@@ -37,6 +39,7 @@ where
 
     fn new_transform(&self, service: S) -> Self::Future {
         ok(AuthMiddleware {
+            key: self.key.clone(),
             service: Rc::new(RefCell::new(service)),
         })
     }
@@ -44,6 +47,7 @@ where
 
 pub struct AuthMiddleware<S> {
     service: Rc<RefCell<S>>,
+    key: String,
 }
 
 impl<S, B> Service<ServiceRequest> for AuthMiddleware<S>
@@ -62,18 +66,17 @@ where
 
     fn call(&self, req: ServiceRequest) -> Self::Future {
         let svc = self.service.clone();
+        let key = self.key.clone();
 
         Box::pin(async move {
             match req.headers().get("auth_token") {
-                Some(h) => {
-                    match models::Token::from(h.to_str().unwrap_or("")){
+                Some(h) => match models::Token::from(h.to_str().unwrap_or(""), &key) {
                     Ok(t) => {
                         req.extensions_mut().insert(t.id.clone());
                         req.extensions_mut().insert(t);
                     }
                     Err(e) => warn!("{}", e),
-                    } 
-                }
+                },
                 None => {}
             }
             // let value = HeaderValue::from_str("").unwrap();

oab/src/libs/fs.rs

@@ -131,7 +131,7 @@ async fn handle_file(req: &DavRequest, stat: web::Data<AppState>) -> Result<Stri
         None => "",
     };
     match auth_token {
-        Some(t) => match models::Token::from(t.to_str().unwrap_or("")) {
+        Some(t) => match models::Token::from(t.to_str().unwrap_or(""), &stat.key) {
             Ok(t) => {
                 if t.is_valid() {
                     if app_id != "" {

oab/src/main.rs

@@ -74,7 +74,9 @@ async fn web(data: AppState) -> Result<()> {
                         ErrorHandlers::new()
                             .handler(StatusCode::INTERNAL_SERVER_ERROR, add_error_header),
                     )
-                    .wrap(libs::auth::Auth)
+                    .wrap(libs::auth::Auth {
+                        key: data.key.clone(),
+                    })
                     .app_data(json_config)
                     .configure(api::routes),
             )

oab/src/models/user_plugin.rs

@@ -178,10 +178,10 @@ pub struct Token {
 }
 
 impl Token {
-    pub fn from(t: &str) -> Result<Self> {
+    pub fn from(t: &str, key: &str) -> Result<Self> {
         let token = decode::<Self>(
             t,
-            &DecodingKey::from_secret("secret".as_ref()),
+            &DecodingKey::from_secret(key.as_ref()),
             &Validation::default(),
         )?;
         if token.claims.is_valid() {
@@ -197,14 +197,22 @@ impl Token {
             false
         }
     }
-    pub fn to_string(&self) -> Result<String> {
+    pub fn to_string(&self, key: &str) -> Result<String> {
         let token = encode(
             &Header::default(),
             self,
-            &EncodingKey::from_secret("secret".as_ref()),
+            &EncodingKey::from_secret(key.as_ref()),
         )?;
         Ok(token)
     }
+    // pub fn to_string(&self) -> Result<String> {
+    //     let token = encode(
+    //         &Header::default(),
+    //         self,
+    //         &EncodingKey::from_secret(self._key.as_ref()),
+    //     )?;
+    //     Ok(token)
+    // }
 
     fn check(&self, domain: &str, did: &str, l: AccessLevel) -> bool {
         match &self.access {