Add basic http authentification

d898412f · David Huss · 74a822e6 · d898412f · d898412f · d898412f
Commit d898412f authored 2 years ago by David Huss
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -182,6 +182,21 @@ dependencies = [
 "syn",
 ]

+[[package]]
+name = "actix-web-httpauth"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6dda62cf04bc3a9ad2ea8f314f721951cfdb4cdacec4e984d20e77c7bb170991"
+dependencies = [
+ "actix-utils",
+ "actix-web",
+ "base64",
+ "futures-core",
+ "futures-util",
+ "log",
+ "pin-project-lite",
+]
+
 [[package]]
 name = "adler"
 version = "1.0.2"
@@ -201,9 +216,9 @@ dependencies = [

 [[package]]
 name = "aho-corasick"
-version = "0.7.19"
+version = "0.7.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b4f55bd91a0978cbfd91c457a164bab8b4001c833b7f323132c0a4e1922dd44e"
+checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac"
 dependencies = [
 "memchr",
 ]
@@ -312,9 +327,9 @@ checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba"

 [[package]]
 name = "bytes"
-version = "1.2.1"
+version = "1.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db"
+checksum = "dfb24e866b15a1af2a1b663f10c6b6b8f397a84aadb828f12e5b289ec23a3a3c"

 [[package]]
 name = "bytestring"
@@ -327,9 +342,9 @@ dependencies = [

 [[package]]
 name = "cc"
-version = "1.0.76"
+version = "1.0.77"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "76a284da2e6fe2092f2353e51713435363112dfd60030e22add80be333fb928f"
+checksum = "e9f73505338f7d905b19d18738976aae232eb46b8efc15554ffc56deb5d9ebe4"
 dependencies = [
 "jobserver",
 ]
@@ -428,9 +443,9 @@ dependencies = [

 [[package]]
 name = "cxx"
-version = "1.0.81"
+version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "97abf9f0eca9e52b7f81b945524e76710e6cb2366aead23b7d4fbf72e281f888"
+checksum = "d4a41a86530d0fe7f5d9ea779916b7cadd2d4f9add748b99c2c029cbbdfaf453"
 dependencies = [
 "cc",
 "cxxbridge-flags",
@@ -440,9 +455,9 @@ dependencies = [

 [[package]]
 name = "cxx-build"
-version = "1.0.81"
+version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7cc32cc5fea1d894b77d269ddb9f192110069a8a9c1f1d441195fba90553dea3"
+checksum = "06416d667ff3e3ad2df1cd8cd8afae5da26cf9cec4d0825040f88b5ca659a2f0"
 dependencies = [
 "cc",
 "codespan-reporting",
@@ -455,15 +470,15 @@ dependencies = [

 [[package]]
 name = "cxxbridge-flags"
-version = "1.0.81"
+version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8ca220e4794c934dc6b1207c3b42856ad4c302f2df1712e9f8d2eec5afaacf1f"
+checksum = "820a9a2af1669deeef27cb271f476ffd196a2c4b6731336011e0ba63e2c7cf71"

 [[package]]
 name = "cxxbridge-macro"
-version = "1.0.81"
+version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b846f081361125bfc8dc9d3940c84e1fd83ba54bbca7b17cd29483c828be0704"
+checksum = "a08a6e2fcc370a089ad3b4aaf54db3b1b4cee38ddabce5896b33eb693275f470"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -485,9 +500,9 @@ dependencies = [

 [[package]]
 name = "digest"
-version = "0.10.5"
+version = "0.10.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c"
+checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f"
 dependencies = [
 "block-buffer",
 "crypto-common",
@@ -526,9 +541,9 @@ dependencies = [

 [[package]]
 name = "flate2"
-version = "1.0.24"
+version = "1.0.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6"
+checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841"
 dependencies = [
 "crc32fast",
 "miniz_oxide",
@@ -780,9 +795,9 @@ dependencies = [

 [[package]]
 name = "indexmap"
-version = "1.9.1"
+version = "1.9.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e"
+checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399"
 dependencies = [
 "autocfg",
 "hashbrown",
@@ -905,9 +920,9 @@ checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d"

 [[package]]
 name = "miniz_oxide"
-version = "0.5.4"
+version = "0.6.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "96590ba8f175222643a85693f33d26e9c8a015f599c216509b1a6894af675d34"
+checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa"
 dependencies = [
 "adler",
 ]
@@ -979,9 +994,9 @@ checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860"

 [[package]]
 name = "openssl"
-version = "0.10.42"
+version = "0.10.43"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13"
+checksum = "020433887e44c27ff16365eaa2d380547a94544ad509aff6eb5b6e3e0b27b376"
 dependencies = [
 "bitflags",
 "cfg-if",
@@ -1020,9 +1035,9 @@ dependencies = [

 [[package]]
 name = "openssl-sys"
-version = "0.9.77"
+version = "0.9.78"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b03b84c3b2d099b81f0953422b4d4ad58761589d0229b5506356afca05a3670a"
+checksum = "07d5c8cb6e57b3a3612064d7b18b117912b4ce70955c2504d4b741c9e244b132"
 dependencies = [
 "autocfg",
 "cc",
@@ -1176,9 +1191,9 @@ dependencies = [

 [[package]]
 name = "reqwest"
-version = "0.11.12"
+version = "0.11.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc"
+checksum = "68cc60575865c7831548863cc02356512e3f1dc2f3f82cb837d7fc4cc8f3c97c"
 dependencies = [
 "base64",
 "bytes",
@@ -1299,9 +1314,9 @@ dependencies = [

 [[package]]
 name = "serde_json"
-version = "1.0.87"
+version = "1.0.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ce777b7b150d76b9cf60d28b55f5847135a003f7d7350c6be7a773508ce7d45"
+checksum = "020ff22c755c2ed3f8cf162dbb41a7268d934702f3ed3631656ea597e08fc3db"
 dependencies = [
 "itoa",
 "ryu",
@@ -1367,10 +1382,11 @@ checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0"

 [[package]]
 name = "sms-gateway"
-version = "0.4.4"
+version = "0.5.0"
 dependencies = [
 "actix-rt",
 "actix-web",
+ "actix-web-httpauth",
 "build-time",
 "chrono",
 "derive_more",
@@ -1379,6 +1395,7 @@ dependencies = [
 "log",
 "once_cell",
 "openssl",
+ "rand",
 "regex",
 "reqwest",
 "serde",
@@ -1517,9 +1534,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c"

 [[package]]
 name = "tokio"
-version = "1.21.2"
+version = "1.22.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099"
+checksum = "d76ce4a75fb488c605c54bf610f221cea8b0dafb53333c1a67e8ee199dcd2ae3"
 dependencies = [
 "autocfg",
 "bytes",
@@ -1915,9 +1932,9 @@ dependencies = [

 [[package]]
 name = "zstd-sys"
-version = "2.0.1+zstd.1.5.2"
+version = "2.0.3+zstd.1.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9fd07cbbc53846d9145dbffdf6dd09a7a0aa52be46741825f5c97bdd4f73f12b"
+checksum = "44ccf97612ac95f3ccb89b2d7346b345e52f1c3019be4984f0455fb4ba991f8a"
 dependencies = [
 "cc",
 "libc",

--- a/Cargo.toml
+++ b/Cargo.toml
@@ -2,7 +2,7 @@
 name = "sms-gateway"
 description = "A http frontend for SMS Server Tools 3"
 authors = ["David Huss <david.huss@hfbk-hamburg.de>"]
-version = "0.4.4"
+version = "0.5.0"
 edition = "2021"

 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -27,3 +27,5 @@ reqwest = { version = "0.11", features = ["json", "blocking"] }
 # Needed for cross compilation
 openssl = { version = "0.10.29", features = ["vendored"] }
 serde_regex = "1.1.0"
+actix-web-httpauth = "0.8.0"
+rand = "0.8.5"
--- a/README.md
+++ b/README.md
@@ -17,10 +17,10 @@ A http frontend for smstools

 ## Usage

-Send a message via post request (IP and Port need to match your configuration):
+Send a message via post request (IP, Port, username and password need to match your configuration):

 ```bash
-curl -i -d '{"number": "+4915785315089", "text": "Hello from an SMS"}' -H 'Content-Type: application/json' -X POST http://127.0.0.1:4242
+curl -i --user "admin:<PASSWORD>" -d '{"number": "+4915785315089", "text": "Hello from an SMS"}' -H 'Content-Type: application/json' -X POST http://127.0.0.1:4242
 ```

 ## Building

--- a/examples/default-config.toml
+++ b/examples/default-config.toml
@@ -6,6 +6,9 @@ level = "info"
 [server]
 host = "127.0.0.1"
 port = 4242
+# Use this user and password in your requests (basic http-authentification)
+user = "admin"
+password = "9a3a2f736affdc7a9ec2c3c7c34aa2f9b9e433d506136bb8401e33a3169a5caa"

 [sms]
 config_path = "/etc/smsd.conf"

--- a/src/bin/sms-gateway.rs
+++ b/src/bin/sms-gateway.rs
@@ -14,8 +14,15 @@ use actix_web::{
    HttpResponse,
    HttpServer,
    Responder,
+    Error,
    middleware::Logger,
-    web::{Json, Data}
+    web::{Json, Data},
+    dev::ServiceRequest, 
+};
+
+use actix_web_httpauth::{
+    extractors::basic::BasicAuth, 
+    middleware::HttpAuthentication
 };

 use actix_rt::{
@@ -55,7 +62,25 @@ async fn home() -> impl Responder {
 }


+/// Validates http=requests
+async fn validator(
+    req: ServiceRequest,
+    credentials: BasicAuth,
+) -> Result<ServiceRequest, (Error, ServiceRequest)> {
+    info!("Authoriziation via {:?}", &CONFIG.server.password);
+    match credentials.password() == Some(&CONFIG.server.password) && credentials.user_id() == &CONFIG.server.user {
+        true => Ok(req),
+        false => {
+            match credentials.password() {
+                Some(pw) => error!("Authentification failed with credentials: \"{}:{}\", check the configuration file for working credentials", credentials.user_id(), pw),
+                None => error!("Authentification failed for user without credentials: \"{}:\", check the configuration file for working credentials", credentials.user_id()),
+            }
            
+            return Err((Error::from(SmsError::AuthError), req));
+        }
+
+    }
+}



@@ -164,11 +189,13 @@ async fn main() -> std::io::Result<()> {
    let history_data = Data::new(Mutex::new(History::new()));

    HttpServer::new(move || {
+        let auth = HttpAuthentication::basic(validator);
        App::new()
            .app_data(
                Data::clone(&history_data)
            )
            .wrap(Logger::default())
+            .wrap(auth)
            .service(home)
            .service(sms_send)
            .service(eventhandler)

--- a/src/config.rs
+++ b/src/config.rs
@@ -9,6 +9,11 @@ use toml;
 use chrono::Duration;
 use regex::Regex;
 use serde_regex;
+use rand::{
+    thread_rng, 
+    Rng,
+    distributions::Alphanumeric
+};

 pub use log::{info, warn, debug, error};

@@ -23,7 +28,9 @@ pub struct Log {
 #[allow(unused)]
 pub struct Server {
    pub host: String,
-    pub port: u16
+    pub port: u16,
+    pub user: String,
+    pub password: String
 }

 #[derive(Debug, Deserialize, Serialize)]
@@ -194,7 +201,7 @@ fn check_paths(config: &Config) {

 impl Config {
    pub fn new(name: &str) -> Self {
-        let default_config: Config = match toml::from_str(include_str!("../examples/default-config.toml")) {
+        let mut default_config: Config = match toml::from_str(include_str!("../examples/default-config.toml")) {
            Ok(c) => c,
            Err(e) => {
                eprintln!("Error: Could not deserialize default configuration from \"config/default.toml\": {}", e);
@@ -202,6 +209,14 @@ impl Config {
            }
        };

+        // Generate a fresh new secret for each new config
+        let rand_string: String = thread_rng()
+            .sample_iter(&Alphanumeric)
+            .take(32)
+            .map(char::from)
+            .collect();
+        default_config.server.password = rand_string;
+
        // Read an existing config (or create the folder and a default config)
        let mut config = ensure_config(name, default_config);
        env_logger::init_from_env(env_logger::Env::default().default_filter_or(&config.log.level));

--- a/src/errors.rs
+++ b/src/errors.rs
@@ -29,6 +29,8 @@ pub enum SmsError {
  SendFailed,
  #[error("Sending SMS failed, because there was no sent SMS within the given timeout")]
  SendTimeOut,
+  #[error("Failed to authenticate user")]
+  AuthError,
 }

 impl SmsError {
@@ -46,6 +48,7 @@ impl SmsError {
            SmsError::InBlackList(_) => "Forbidden".to_string(),
            SmsError::SendFailed => "Service Unavailable".to_string(),
            SmsError::SendTimeOut => "Gateway Timeout".to_string(),
+            SmsError::AuthError=> "Forbidden".to_string(),
        }
    }
 }
@@ -76,6 +79,7 @@ impl ResponseError for SmsError {
            SmsError::InBlackList(_) => StatusCode::FORBIDDEN,
            SmsError::SendFailed => StatusCode::SERVICE_UNAVAILABLE,
            SmsError::SendTimeOut => StatusCode::GATEWAY_TIMEOUT,
+            SmsError::AuthError => StatusCode::FORBIDDEN,
        }
    }
 }