Skip to content

Commit eb4def2

Browse files
committed
v0.5.0
1 parent c31b18b commit eb4def2

12 files changed

Lines changed: 142 additions & 51 deletions

File tree

CHANGELOG.md

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,14 @@
1+
# 0.5.0
2+
## Breaking changes
3+
1. `set_default_hsts` is removed, now is default.
4+
5+
## New
6+
1. Add `default` for `LoggerBuilder` and `Middleware`.
7+
8+
## Changes
9+
1. Minor session change according to `actix-session`.
10+
2. Fix several unexpected unwrap.
11+
112
# 0.4.15
213
## New
314
1. `Response` allows for multiple `builder`.

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,8 @@ Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
107107
### memorydb-default
108108
Actix Cloud has a default memory database backend used for sessions. You can also use your own backend if you implement `actix_cloud::memorydb::MemoryDB`.
109109

110+
**The default memorydb is only for demo purpose. The performance is not guaranteed.**
111+
110112
```
111113
DefaultBackend::new(None) // No resource limitation, DDoS is possible!
112114
DefaultBackend::new(Some(100000000)) // Maximum 100000000 entries.

actix-cloud/Cargo.toml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "actix-cloud"
3-
version = "0.4.15"
3+
version = "0.5.0"
44
edition = "2021"
55
authors = ["MXWXZ <matrixwxz@gmail.com>"]
66
description = "Actix Cloud is an all-in-one web framework based on Actix Web."
@@ -113,7 +113,7 @@ actix-web = ["dep:actix-web"]
113113

114114
[dependencies]
115115
# utils
116-
rand = { version = "0.9", optional = true }
116+
rand = { version = "0.10", optional = true }
117117
anyhow = { version = "1.0", optional = true }
118118
hex = { version = "0.4", optional = true }
119119

@@ -133,7 +133,7 @@ tracing-subscriber = { version = "0.3", features = [
133133
"json",
134134
"parking_lot",
135135
], optional = true }
136-
colored = { version = "3.0", optional = true }
136+
colored = { version = "3.1", optional = true }
137137
futures = { version = "0.3", optional = true }
138138

139139
# tokio
@@ -145,7 +145,7 @@ actix-web = { version = "4", features = ["secure-cookies"], optional = true }
145145
# memorydb
146146
glob = { version = "0.3", optional = true }
147147
parking_lot = { version = "0.12", optional = true }
148-
priority-queue = { version = "2.6", optional = true }
148+
priority-queue = { version = "2.7", optional = true }
149149

150150
# chrono
151151
chrono = { version = "0.4", features = ["serde"], optional = true }
@@ -156,10 +156,10 @@ async-trait = { version = "0.1", optional = true }
156156
# serde
157157
serde = { version = "1.0", features = ["derive"], optional = true }
158158
serde_json = { version = "1.0", optional = true }
159-
serde_with = { version = "3.14", optional = true }
159+
serde_with = { version = "3.18", optional = true }
160160

161161
# redis
162-
redis = { version = "0.32", features = [
162+
redis = { version = "1.1", features = [
163163
"tokio-rustls-comp",
164164
"connection-manager",
165165
], optional = true }
@@ -169,7 +169,7 @@ actix-utils = { version = "3.0", optional = true }
169169

170170
# build
171171
walkdir = { version = "2.5", optional = true }
172-
yaml-rust2 = { version = "0.10", optional = true }
172+
yaml-rust2 = { version = "0.11", optional = true }
173173
quote = { version = "1.0", optional = true }
174174
syn = { version = "2.0", optional = true }
175175
prettyplease = { version = "0.2", optional = true }
@@ -179,7 +179,7 @@ tracing-actix-web = { version = "0.7", optional = true }
179179

180180
# csrf
181181
qstring = { version = "0.7", optional = true }
182-
enum-as-inner = { version = "0.6", optional = true }
182+
enum-as-inner = { version = "0.7", optional = true }
183183

184184
# response-build
185185
thiserror = { version = "2.0", optional = true }

actix-cloud/src/csrf.rs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,8 @@ where
8282
let mut ret: Vec<&str> = req
8383
.headers()
8484
.get_all(name)
85-
.map(|x| x.to_str().unwrap())
85+
.map(|x| x.to_str().unwrap_or_default())
86+
.filter(|x| !x.is_empty())
8687
.collect();
8788
if ret.len() != 1 {
8889
return None;

actix-cloud/src/logger.rs

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -154,9 +154,9 @@ pub struct LoggerGuard {
154154

155155
impl Drop for LoggerGuard {
156156
fn drop(&mut self) {
157-
self.stop_tx.send(()).unwrap();
157+
let _ = self.stop_tx.send(());
158158
if let Some(x) = self.join.take() {
159-
x.join().unwrap();
159+
let _ = x.join();
160160
}
161161
}
162162
}
@@ -173,6 +173,12 @@ pub struct LoggerBuilder {
173173
handler: Option<HandlerFn>,
174174
}
175175

176+
impl Default for LoggerBuilder {
177+
fn default() -> Self {
178+
Self::new()
179+
}
180+
}
181+
176182
impl LoggerBuilder {
177183
/// Return colored string of `level`.
178184
///

actix-cloud/src/request.rs

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,12 @@ pub struct Middleware {
3434
lang: LangFunc,
3535
}
3636

37+
impl Default for Middleware {
38+
fn default() -> Self {
39+
Self::new()
40+
}
41+
}
42+
3743
impl Middleware {
3844
fn default_real_ip(req: &ServiceRequest) -> SocketAddr {
3945
req.peer_addr().unwrap()

actix-cloud/src/security.rs

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -125,19 +125,12 @@ impl Default for SecurityHeader {
125125
x_xss_protection: XXSSProtection::EnableBlock,
126126
cross_origin_opener_policy: CrossOriginOpenerPolicy::SameOrigin,
127127
content_security_policy: String::from("default-src 'none'; script-src 'none'; object-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'"),
128-
strict_transport_security: None,
128+
strict_transport_security: Some(StrictTransportSecurity::Preload(31536000)),
129129
}
130130
}
131131
}
132132

133133
impl SecurityHeader {
134-
/// Set default HSTS to 1 year, includeSubDomains and preload.
135-
///
136-
/// `max-age=31536000; includeSubDomains; preload`
137-
pub fn set_default_hsts(&mut self) {
138-
self.strict_transport_security = Some(StrictTransportSecurity::Preload(31536000));
139-
}
140-
141134
pub fn build(self) -> middleware::DefaultHeaders {
142135
let mut ret = middleware::DefaultHeaders::new()
143136
.add(("X-Content-Type-Options", "nosniff"))

actix-cloud/src/session/config.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -214,7 +214,7 @@ impl SessionMiddlewareBuilder {
214214
/// # Default
215215
/// By default, the cookie content is encrypted. Encrypted was chosen instead of signed as
216216
/// default because it reduces the chances of sensitive information being exposed in the session
217-
/// key by accident, regardless of SessionStore implementation you chose to use.
217+
/// key by accident, regardless of [`SessionStore`] implementation you chose to use.
218218
///
219219
/// For example, if you are using cookie-based storage, you definitely want the cookie content
220220
/// to be encrypted—the whole session state is embedded in the cookie! If you are using
@@ -236,7 +236,7 @@ impl SessionMiddlewareBuilder {
236236
self
237237
}
238238

239-
/// Finalise the builder and return a [`SessionMiddleware`] instance.
239+
/// Finalize the builder and return a [`SessionMiddleware`] instance.
240240
#[must_use]
241241
pub fn build(self) -> SessionMiddleware {
242242
SessionMiddleware::from_parts(self.storage_backend, self.configuration)

actix-cloud/src/session/middleware.rs

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
use std::{borrow::Cow, collections::HashMap, fmt, future::Future, pin::Pin, rc::Rc, sync::Arc};
1+
use std::{borrow::Cow, fmt, future::Future, pin::Pin, rc::Rc, sync::Arc};
22

33
use actix_utils::future::{ready, Ready};
44
use actix_web::{
@@ -8,6 +8,7 @@ use actix_web::{
88
http::header::{HeaderValue, SET_COOKIE},
99
HttpResponse,
1010
};
11+
use serde_json::{Map, Value};
1112

1213
use super::{
1314
config::{
@@ -31,7 +32,8 @@ use crate::{memorydb::MemoryDB, Result};
3132
/// Use [`SessionMiddleware::new`] to initialize the session framework using the default parameters.
3233
/// To create a new instance of [`SessionMiddleware`] you need to provide:
3334
///
34-
/// - an instance of the session storage backend you wish to use (i.e. an implementation of SessionStore);
35+
/// - an instance of the session storage backend you wish to use (i.e. an implementation of
36+
/// [`SessionStore`]);
3537
/// - a secret key, to sign or encrypt the content of client-side session cookie.
3638
///
3739
/// # How did we choose defaults?
@@ -53,7 +55,8 @@ impl SessionMiddleware {
5355
/// parameters.
5456
///
5557
/// To create a new instance of [`SessionMiddleware`] you need to provide:
56-
/// - an instance of the session storage backend you wish to use (i.e. an implementation of SessionStore);
58+
/// - an instance of the session storage backend you wish to use (i.e. an implementation of
59+
/// [`SessionStore`]);
5760
/// - a secret key, to sign or encrypt the content of client-side session cookie.
5861
pub fn new(client: Arc<dyn MemoryDB>, key: Key) -> Self {
5962
Self::builder(client, key).build()
@@ -62,7 +65,8 @@ impl SessionMiddleware {
6265
/// A fluent API to configure [`SessionMiddleware`].
6366
///
6467
/// It takes as input the two required inputs to create a new instance of [`SessionMiddleware`]:
65-
/// - an instance of the session storage backend you wish to use (i.e. an implementation of SessionStore);
68+
/// - an instance of the session storage backend you wish to use (i.e. an implementation of
69+
/// [`SessionStore`]);
6670
/// - a secret key, to sign or encrypt the content of client-side session cookie.
6771
pub fn builder(client: Arc<dyn MemoryDB>, key: Key) -> SessionMiddlewareBuilder {
6872
SessionMiddlewareBuilder::new(client, config::default_configuration(key))
@@ -151,7 +155,7 @@ where
151155
let mut ttl = configuration.session.state_ttl;
152156
let mut cookie = Cow::Borrowed(&configuration.cookie);
153157
if let Some(x) = session_state.get("_ttl") {
154-
if let Ok(x) = x.parse() {
158+
if let Some(x) = x.as_i64() {
155159
ttl = Duration::seconds(x);
156160
let mut tmp = cookie.into_owned();
157161
tmp.max_age = Some(ttl);
@@ -160,7 +164,7 @@ where
160164
}
161165
let id = session_state
162166
.get("_id")
163-
.map(|x| x.trim_matches('"').to_owned());
167+
.map(|x| x.to_string().trim_matches('"').to_owned());
164168

165169
match session_key {
166170
None => {
@@ -268,7 +272,7 @@ fn extract_session_key(req: &ServiceRequest, config: &CookieConfiguration) -> Op
268272
async fn load_session_state(
269273
session_key: Option<SessionKey>,
270274
storage_backend: &SessionStore,
271-
) -> Result<(Option<SessionKey>, HashMap<String, String>), actix_web::Error> {
275+
) -> Result<(Option<SessionKey>, Map<String, Value>), actix_web::Error> {
272276
if let Some(session_key) = session_key {
273277
match storage_backend.load(&session_key).await {
274278
Ok(state) => {
@@ -281,14 +285,14 @@ async fn load_session_state(
281285
// instead of the `update` workflow if the session state is modified during the
282286
// lifecycle of the current request.
283287

284-
Ok((None, HashMap::new()))
288+
Ok((None, Map::new()))
285289
}
286290
}
287291

288292
Err(err) => Err(e500(err)),
289293
}
290294
} else {
291-
Ok((None, HashMap::new()))
295+
Ok((None, Map::new()))
292296
}
293297
}
294298

0 commit comments

Comments
 (0)