chore: progress

Signed-off-by: Henry Gressmann <mail@henrygressmann.de>

Author: explodingcamera

Cargo.lock

@@ -48,6 +48,7 @@ ahash="0.8"
 # web
 axum="0.8"
 axum-extra={version="0.12", default-features=false, features=["cookie"]}
+http="1.4"
 tower={version="0.5", default-features=false, features=["limit"]}
 tower-http={version="0.6", default-features=false, features=[
     "cors",
@@ -74,7 +75,6 @@ tikv-jemallocator="0.6"
 
 [dev-dependencies]
 figment={version="*", features=["test"]}
-poem={version="*", features=["test"]}
 cookie={version="*", default-features=false}
 
 [features]

Cargo.toml

@@ -38,7 +38,7 @@ impl Display for DateRange {
 }
 
 #[derive(Debug, Enum, Clone, Copy, PartialEq, Eq, Hash)]
-#[oai(rename_all = "snake_case")]
+#[serde(rename_all = "snake_case")]
 pub enum Metric {
     Views,
     UniqueVisitors,
@@ -47,7 +47,7 @@ pub enum Metric {
 }
 
 #[derive(Debug, Enum, Clone, Copy, Hash, Eq, PartialEq, PartialOrd, Ord)]
-#[oai(rename_all = "snake_case")]
+#[serde(rename_all = "snake_case")]
 pub enum Dimension {
     Url,
     Fqdn,
@@ -66,7 +66,7 @@ pub enum Dimension {
 }
 
 #[derive(Enum, Debug, Clone, Copy, Hash, Eq, PartialEq, PartialOrd, Ord)]
-#[oai(rename_all = "snake_case")]
+#[serde(rename_all = "snake_case")]
 pub enum FilterType {
     // Generic filters
     IsNull,
@@ -86,7 +86,7 @@ pub type ReportGraph = Vec<f64>;
 pub type ReportTable = BTreeMap<String, f64>;
 
 #[derive(Object, Clone, Debug, Default)]
-#[oai(rename_all = "camelCase")]
+#[serde(rename_all = "camelCase")]
 pub struct ReportStats {
     pub total_views: u64,
     pub unique_visitors: u64,
@@ -95,7 +95,7 @@ pub struct ReportStats {
 }
 
 #[derive(Object, Debug, Clone, Hash, Eq, PartialEq, PartialOrd, Ord)]
-#[oai(rename_all = "camelCase")]
+#[serde(rename_all = "camelCase")]
 pub struct DimensionFilter {
     /// The dimension to filter by
     dimension: Dimension,

src/app/core/reports.rs

@@ -1,7 +1,7 @@
 use anyhow::{Context, Result, bail};
 use figment::Figment;
 use figment::providers::{Env, Format, Toml};
-use poem::http::Uri;
+use http::Uri;
 use serde::{Deserialize, Serialize};
 use std::num::NonZeroU16;
 use std::str::FromStr;

src/config.rs

@@ -3,4 +3,3 @@ pub mod cli;
 pub mod config;
 pub mod utils;
 pub mod web;
-pub mod web_axum;

src/lib.rs

@@ -4,11 +4,12 @@ use argon2::password_hash::{PasswordHasher, SaltString, rand_core};
 
 use anyhow::Result;
 use rand::RngCore;
+use rand::rngs::OsRng;
 use sha3::Digest;
 use std::net::IpAddr;
 
 pub fn hash_password(password: &str) -> Result<String> {
-    let salt = SaltString::generate(&mut rand_core::OsRng);
+    let salt = SaltString::generate(&mut OsRng);
     let hash = Argon2::default()
         .hash_password(password.as_bytes(), &salt)
         .map_err(|_| anyhow::anyhow!("Failed to hash password"))?;
@@ -22,7 +23,7 @@ pub fn verify_password(password: &str, hash: &str) -> Result<()> {
 }
 
 pub fn generate_salt() -> String {
-    SaltString::generate(&mut rand_core::OsRng).to_string()
+    SaltString::generate(&mut OsRng).to_string()
 }
 
 pub fn hash_ip(ip: &IpAddr, user_agent: &str, daily_salt: &str, entity_id: &str) -> String {

src/utils/hash.rs

@@ -50,7 +50,7 @@ pub enum Referrer {
 }
 
 pub fn process_referer(referer: Option<&str>) -> Referrer {
-    match referer.map(poem::http::Uri::from_str) {
+    match referer.map(http::Uri::from_str) {
         // valid referer are stripped to the FQDN
         Some(Ok(referer_uri)) => {
             // ignore localhost / IP addresses

src/utils/referrer.rs

@@ -2,24 +2,25 @@ pub mod routes;
 pub mod session;
 pub mod webext;
 
-use std::sync::Arc;
-
-use crate::app::Liwan;
-use crate::app::models::Event;
-use routes::{dashboard_service, event_service};
-use std::sync::mpsc::Sender;
-use webext::{EmbeddedFilesEndpoint, PoemErrExt, catch_error};
-
-pub use session::SessionUser;
+use std::net::SocketAddr;
+use std::ops::Deref;
+use std::sync::{Arc, mpsc::Sender};
 
 use anyhow::{Context, Result};
 use rust_embed::RustEmbed;
 
-use poem::endpoint::EmbeddedFileEndpoint;
-use poem::listener::TcpListener;
-use poem::middleware::{AddData, Compression, CookieJarManager, Cors, SetHeader};
-use poem::web::CompressionAlgo;
-use poem::{EndpointExt, IntoEndpoint, Route, Server};
+use aide::{axum::ApiRouter, openapi};
+use http::{Method, header};
+use tower_http::{
+    compression::CompressionLayer,
+    cors::{Any, CorsLayer},
+    set_header::SetResponseHeaderLayer,
+};
+
+use crate::app::{Liwan, models::Event};
+
+pub use session::SessionUser;
+use webext::StaticFile;
 
 #[derive(RustEmbed, Clone)]
 #[folder = "./web/dist"]
@@ -29,69 +30,46 @@ struct Files;
 #[folder = "./tracker"]
 struct Script;
 
-#[cfg(debug_assertions)]
-fn save_spec() -> Result<()> {
-    use std::path::Path;
-
-    let path = Path::new("./web/src/api/dashboard.ts");
-    if path.exists() {
-        let spec = serde_json::to_string(&serde_json::from_str::<serde_json::Value>(&dashboard_service().spec())?)?
-            .replace(r#""servers":[],"#, "") // fets doesn't work with an empty servers array
-            .replace("; charset=utf-8", "") // fets doesn't detect the json content type correctly
-            .replace(r#""format":"int64","#, ""); // fets uses bigint for int64
-
-        // check if the spec has changed
-        let old_spec = std::fs::read_to_string(path)?;
-        if old_spec == format!("export default {spec} as const;\n") {
-            return Ok(());
-        }
-
-        tracing::info!("API has changed, updating the openapi spec...");
-        std::fs::write(path, format!("export default {spec} as const;\n"))?;
-    }
-    Ok(())
+#[derive(Clone)]
+pub struct RouterState {
+    pub app: Arc<Liwan>,
+    pub events: Sender<Event>,
 }
 
-pub fn create_router(app: Arc<Liwan>, events: Sender<Event>) -> impl IntoEndpoint {
-    let handle_events = event_service().with(Cors::new().allow_method("POST").allow_credentials(false));
-
-    let serve_script = EmbeddedFileEndpoint::<Script>::new("script.min.js")
-        .with(Cors::new().allow_method("GET").allow_credentials(false))
-        .with(SetHeader::new().appending("Content-Type", "application/javascript"));
+impl Deref for RouterState {
+    type Target = Arc<Liwan>;
 
-    let headers = SetHeader::new()
-        .appending("X-Frame-Options", "DENY")
-        .appending("X-Content-Type-Options", "nosniff")
-        .appending("X-XSS-Protection", "1; mode=block")
-        .appending(
-            "Content-Security-Policy",
-            "default-src 'self' data: 'unsafe-inline'; img-src 'self' data: https://*",
-        )
-        .appending("Referrer-Policy", "same-origin")
-        .appending("Permissions-Policy", "geolocation=(), microphone=(), camera=()");
-
-    let api_router = Route::new()
-        .nest_no_strip("/event", handle_events)
-        .nest("/dashboard", dashboard_service().with(CookieJarManager::new()))
-        .catch_all_error(catch_error);
-
-    Route::new()
-        .nest("/api", api_router)
-        .at("/script.js", serve_script)
-        .nest("/", EmbeddedFilesEndpoint::<Files>::new())
-        .with(AddData::new(app))
-        .with(AddData::new(events))
-        .with(CookieJarManager::new())
-        .with(Compression::new().algorithms([CompressionAlgo::BR, CompressionAlgo::GZIP]))
-        .with(headers)
+    fn deref(&self) -> &Self::Target {
+        &self.app
+    }
 }
 
 pub async fn start_webserver(app: Arc<Liwan>, events: Sender<Event>) -> Result<()> {
-    #[cfg(debug_assertions)]
-    save_spec()?;
-
-    let router = create_router(app.clone(), events.clone());
-    let listener = TcpListener::bind(("0.0.0.0", app.config.port));
+    let event_cors = CorsLayer::new().allow_methods([Method::POST]).allow_origin(Any).allow_credentials(false);
+    let script_cors = CorsLayer::new().allow_methods([Method::GET]).allow_origin(Any).allow_credentials(false);
+
+    let set_headers = tower::ServiceBuilder::new()
+        .layer(SetResponseHeaderLayer::if_not_present(header::X_FRAME_OPTIONS, "DENY"))
+        .layer(SetResponseHeaderLayer::if_not_present(header::X_CONTENT_TYPE_OPTIONS, "nosniff"))
+        .layer(SetResponseHeaderLayer::if_not_present(header::X_XSS_PROTECTION, "1; mode=block"))
+        .layer(SetResponseHeaderLayer::if_not_present(
+            header::CONTENT_SECURITY_POLICY,
+            "default-src 'self' data: 'unsafe-inline'; img-src 'self' data: https://*",
+        ))
+        .layer(SetResponseHeaderLayer::if_not_present(header::REFERRER_POLICY, "same-origin"));
+
+    let dashboard = ApiRouter::new()
+        .merge(routes::admin::router())
+        .merge(routes::auth::router())
+        .merge(routes::dashboard::router());
+
+    let router = ApiRouter::new()
+        .nest("/api", routes::event::router().layer(event_cors))
+        .nest("/api/dashboard", dashboard)
+        .route_service("/script.js", StaticFile::<Script>::new("script.min.js").layer(script_cors))
+        .layer(CompressionLayer::new())
+        .layer(set_headers)
+        .with_state(RouterState { app: app.clone(), events });
 
     match app.onboarding.token()? {
         Some(onboarding) => {
@@ -105,5 +83,10 @@ pub async fn start_webserver(app: Arc<Liwan>, events: Sender<Event>) -> Result<(
         }
     }
 
-    Server::new(listener).run(router).await.context("server exited unexpectedly")
+    let mut api = openapi::OpenApi::default();
+    api.info = openapi::Info { description: Some("an example API".to_string()), ..openapi::Info::default() };
+
+    let listener = tokio::net::TcpListener::bind(("0.0.0.0", app.config.port)).await.unwrap();
+    let server = router.finish_api(&mut api).into_make_service_with_connect_info::<SocketAddr>();
+    axum::serve(listener, server).await.context("server exited unexpectedly")
 }