Skip to content

Commit

Permalink
Allow specify the secret directly in config file
Browse files Browse the repository at this point in the history
  • Loading branch information
@photino
photino committed Dec 7, 2023
1 parent b87d92f commit 018d153
Show file tree
Hide file tree
Showing 12 changed files with 152 additions and 151 deletions.
2 changes: 1 addition & 1 deletion examples/dioxus-desktop/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,4 +40,4 @@ version = "0.13.5"

[dependencies.zino-dioxus]
path = "../../zino-dioxus"
version = "0.1.5"
version = "0.1.4"
17 changes: 10 additions & 7 deletions zino-core/src/application/secret_key.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,16 +4,19 @@ use std::sync::OnceLock;

/// Initializes the secret key.
pub(super) fn init<APP: Application + ?Sized>() {
let checksum: [u8; 32] = APP::config()
let config = APP::config();
let checksum: [u8; 32] = config
.get_str("checksum")
.and_then(|checksum| checksum.as_bytes().first_chunk().copied())
.unwrap_or_else(|| {
tracing::warn!("the `checksum` is not set properly for deriving a secret key");

let app_name = APP::name();
let app_version = APP::version();
let app_key = format!("{app_name}@{app_version}");
crypto::digest(app_key.as_bytes())
let secret = config
.get_str("secret")
.map(|s| s.to_owned())
.unwrap_or_else(|| {
tracing::warn!("an auto-generated `secret` is used for deriving a secret key");
format!("{}@{}", APP::name(), APP::version())
});
crypto::digest(secret.as_bytes())
});

let secret_key = crypto::derive_key("ZINO:APPLICATION", &checksum);
Expand Down
23 changes: 9 additions & 14 deletions zino-core/src/auth/access_key.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ use hmac::{
Hmac, Mac,
};
use rand::{distributions::Alphanumeric, Rng};
use std::{borrow::Cow, env, fmt, iter, sync::LazyLock};
use std::{borrow::Cow, fmt, iter, sync::LazyLock};

#[cfg(feature = "auth-totp")]
use totp_rs::{Algorithm, TOTP};
Expand Down Expand Up @@ -124,22 +124,17 @@ impl AsRef<[u8]> for SecretAccessKey {

/// Shared secret.
static SECRET_KEY: LazyLock<[u8; 64]> = LazyLock::new(|| {
let config = State::shared().config();
let app_config = State::shared().config();
let config = app_config.get_table("access-key").unwrap_or(app_config);
let checksum: [u8; 32] = config
.get_table("access-key")
.and_then(|t| t.get_str("checksum"))
.get_str("checksum")
.and_then(|checksum| checksum.as_bytes().first_chunk().copied())
.unwrap_or_else(|| {
tracing::warn!("the `checksum` is not set properly for deriving a secret key");

let app_name = config
.get_str("name")
.map(|s| s.to_owned())
.unwrap_or_else(|| {
env::var("CARGO_PKG_NAME")
.expect("fail to get the environment variable `CARGO_PKG_NAME`")
});
crypto::digest(app_name.as_bytes())
let secret = config.get_str("secret").unwrap_or_else(|| {
tracing::warn!("an auto-generated `secret` is used for deriving a secret key");
crate::application::APP_NMAE.as_ref()
});
crypto::digest(secret.as_bytes())
});
crypto::derive_key("ZINO:ACCESS-KEY", &checksum)
});
23 changes: 9 additions & 14 deletions zino-core/src/auth/jwt_claims.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ use jwt_simple::{
common::VerificationOptions,
};
use serde::{de::DeserializeOwned, Serialize};
use std::{env, sync::LazyLock, time::Duration};
use std::{sync::LazyLock, time::Duration};

/// JWT Claims.
#[derive(Debug, Clone)]
Expand Down Expand Up @@ -192,22 +192,17 @@ static DEFAULT_REFRESH_INTERVAL: LazyLock<Duration> = LazyLock::new(|| {

/// Shared secret access key for the HMAC algorithm.
static SECRET_KEY: LazyLock<JwtHmacKey> = LazyLock::new(|| {
let config = State::shared().config();
let app_config = State::shared().config();
let config = app_config.get_table("jwt").unwrap_or(app_config);
let checksum: [u8; 32] = config
.get_table("jwt")
.and_then(|t| t.get_str("checksum"))
.get_str("checksum")
.and_then(|checksum| checksum.as_bytes().first_chunk().copied())
.unwrap_or_else(|| {
tracing::warn!("the `checksum` is not set properly for deriving a secret key");

let app_name = config
.get_str("name")
.map(|s| s.to_owned())
.unwrap_or_else(|| {
env::var("CARGO_PKG_NAME")
.expect("fail to get the environment variable `CARGO_PKG_NAME`")
});
crypto::digest(app_name.as_bytes())
let secret = config.get_str("secret").unwrap_or_else(|| {
tracing::warn!("an auto-generated `secret` is used for deriving a secret key");
crate::application::APP_NMAE.as_ref()
});
crypto::digest(secret.as_bytes())
});
let secret_key = crypto::derive_key("ZINO:JWT", &checksum);
JwtHmacKey::from_bytes(&secret_key)
Expand Down
16 changes: 16 additions & 0 deletions zino-core/src/model/column.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,22 @@ impl<'a> Column<'a> {
)
}

/// Returns `true` if the column has a type of `DateTime`, `Date`, `Time`,
/// or `String` with a format `date-time`, `date`, `time`.
pub fn is_datetime_type(&self) -> bool {
match self.type_name() {
"DateTime" | "Date" | "Time" | "NaiveDateTime" | "NaiveDate" | "NaiveTime" => true,
"String" => {
if let Some(format) = self.extra.get_str("format") {
matches!(format, "date-time" | "date" | "time")
} else {
false
}
}
_ => false,
}
}

/// Returns the Avro schema.
pub fn schema(&self) -> Schema {
let type_name = self.type_name();
Expand Down
17 changes: 10 additions & 7 deletions zino-core/src/orm/helper.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,17 +68,20 @@ where

/// Secret key.
static SECRET_KEY: LazyLock<[u8; 64]> = LazyLock::new(|| {
let config = State::shared()
.get_config("database")
.expect("the `database` field should be a table");
let app_config = State::shared().config();
let config = app_config.get_table("database").unwrap_or(app_config);
let checksum: [u8; 32] = config
.get_str("checksum")
.and_then(|checksum| checksum.as_bytes().first_chunk().copied())
.unwrap_or_else(|| {
tracing::warn!("the `checksum` is not set properly for deriving a secret key");

let driver_name = format!("{}{}", *super::TABLE_PREFIX, super::DRIVER_NAME);
crypto::digest(driver_name.as_bytes())
let secret = config
.get_str("secret")
.map(|s| s.to_owned())
.unwrap_or_else(|| {
tracing::warn!("an auto-generated `secret` is used for deriving a secret key");
format!("{}{}", *super::TABLE_PREFIX, super::DRIVER_NAME)
});
crypto::digest(secret.as_bytes())
});
crypto::derive_key("ZINO:ORM", &checksum)
});
59 changes: 27 additions & 32 deletions zino-core/src/orm/mysql.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
let min_value = self.encode_value(range.first());
let max_value = self.encode_value(range.last());
return format!(r#"{field} >= {min_value} AND {field} < {max_value}"#);
} else if let Some(value) = value.as_str()
&& let Some((min_value, max_value)) = value.split_once(',')
&& self.is_datetime_type()
{
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
return format!(r#"{field} >= {min_value} AND {field} < {max_value}"#);
} else if value.is_null() {
return format!(r#"{field} IS NULL"#);
}
Expand Down Expand Up @@ -310,19 +317,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"DateTime" | "NaiveDateTime" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"date_format({field}, '%Y') = {value}"#),
7 => format!(r#"date_format({field}, '%Y-%m') = {value}"#),
10 => format!(r#"date_format({field}, '%Y-%m-%d') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"date_format({field}, '%Y') = {value}"#),
7 => format!(r#"date_format({field}, '%Y-%m') = {value}"#),
10 => format!(r#"date_format({field}, '%Y-%m-%d') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand All @@ -331,18 +332,12 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"Date" | "NaiveDate" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"date_format({field}, '%Y') = {value}"#),
7 => format!(r#"date_format({field}, '%Y-%m') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"date_format({field}, '%Y') = {value}"#),
7 => format!(r#"date_format({field}, '%Y-%m') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand All @@ -351,13 +346,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"Time" | "NaiveTime" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let value = self.format_value(value);
format!(r#"{field} = {value}"#)
let length = value.len();
let value = self.format_value(value);
match length {
2 => format!(r#"date_format({field}, '%H') = {value}"#),
5 => format!(r#"date_format({field}, '%H:%i') = {value}"#),
8 => format!(r#"date_format({field}, '%H:%i:%s') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand Down
59 changes: 27 additions & 32 deletions zino-core/src/orm/postgres.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -254,6 +254,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
let min_value = self.encode_value(range.first());
let max_value = self.encode_value(range.last());
return format!(r#"{field} >= {min_value} AND {field} < {max_value}"#);
} else if let Some(value) = value.as_str()
&& let Some((min_value, max_value)) = value.split_once(',')
&& self.is_datetime_type()
{
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
return format!(r#"{field} >= {min_value} AND {field} < {max_value}"#);
} else if value.is_null() {
return format!(r#"{field} IS NULL"#);
}
Expand Down Expand Up @@ -334,19 +341,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"DateTime" | "NaiveDateTime" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"to_char({field}, 'YYYY') = {value}"#),
7 => format!(r#"to_char({field}, 'YYYY-MM') = {value}"#),
10 => format!(r#"to_char({field}, 'YYYY-MM-DD') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"to_char({field}, 'YYYY') = {value}"#),
7 => format!(r#"to_char({field}, 'YYYY-MM') = {value}"#),
10 => format!(r#"to_char({field}, 'YYYY-MM-DD') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand All @@ -355,18 +356,12 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"Date" | "NaiveDate" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"to_char({field}, 'YYYY') = {value}"#),
7 => format!(r#"to_char({field}, 'YYYY-MM') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
let length = value.len();
let value = self.format_value(value);
match length {
4 => format!(r#"to_char({field}, 'YYYY') = {value}"#),
7 => format!(r#"to_char({field}, 'YYYY-MM') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand All @@ -375,13 +370,13 @@ impl<'c> EncodeColumn<DatabaseDriver> for Column<'c> {
}
"Time" | "NaiveTime" => {
if let Some(value) = value.as_str() {
if let Some((min_value, max_value)) = value.split_once(',') {
let min_value = self.format_value(min_value);
let max_value = self.format_value(max_value);
format!(r#"{field} >= {min_value} AND {field} < {max_value}"#)
} else {
let value = self.format_value(value);
format!(r#"{field} = {value}"#)
let length = value.len();
let value = self.format_value(value);
match length {
2 => format!(r#"to_char({field}, 'HH24') = {value}"#),
5 => format!(r#"to_char({field}, 'HH24:MI') = {value}"#),
8 => format!(r#"to_char({field}, 'HH24:MI:SS') = {value}"#),
_ => format!(r#"{field} = {value}"#),
}
} else {
let value = self.encode_value(Some(value));
Expand Down
Loading

0 comments on commit 018d153

Please sign in to comment.