squid/blog - blog - Gitea: Git with a cup of tea

squid/blog

Fork 0

Commit Graph

Author	SHA1	Message	Date
SquidSpirit	197d7773ef	BLOG-86 Checking authentication before uploading image (#101 ) All checks were successful Frontend CI / build (push) Successful in 1m8s Details ### Description This PR introduces a generic authentication middleware to protect application routes. The primary goal is to prevent unauthenticated users from uploading images. #### Changes Implemented * Authentication Middleware: * Created a new `auth_middleware` that checks the user's session for a valid `user_id`. * If a `user_id` exists, it's added to the request extensions, making it available to downstream handlers. * `UserId` Extractor: * A `UserId` type that implements `FromRequest` has been added. * This allows route handlers to declaratively require authentication by simply adding `user_id: UserId` as a parameter. If the user is not logged in, the extractor automatically returns an `ErrorUnauthorized` response. * Route Protection: * The `upload_image_handler` now includes the `UserId` extractor, securing the endpoint. * A new `/auth/me` route has been added for easily verifying the logged-in user's ID during development and testing. * Minor Refinements: * The `logout_handler` now uses `session.clear()` for more robust session termination. * Corrected the default Redis URL from `redis://127.0.1:6379` to `redis://127.0.0.1:6379`. ### Package Changes _No response_ ### Screenshots _No response_ ### Reference Resolves #86 ### Checklist - [x] A milestone is set - [x] The related issuse has been linked to this branch Reviewed-on: #101 Co-authored-by: SquidSpirit <squid@squidspirit.com> Co-committed-by: SquidSpirit <squid@squidspirit.com>	2025-08-01 18:26:39 +08:00
SquidSpirit	dd0567c937	BLOG-85 Implement OIDC authentication (#93 ) All checks were successful Frontend CI / build (push) Successful in 1m7s Details ### Description - Login with configured OIDC issuer, and then save the logged in information in server session. - Endpoints: - GET `/auth/login` - GET `/auth/callback` - GET `/auth/logout` ### Package Changes ```toml actix-session = { version = "0.10.1", features = ["redis-session"] } hex = "0.4.3" openidconnect = { version = "4.0.1", features = [ "reqwest", "reqwest-blocking", ] } ``` ### Screenshots <video src="attachments/8b15b576-61db-41b9-8587-b4b885018c93" title="Screencast From 2025-07-30 03-34-26.mp4" controls></video> ### Reference Resolves #85 ### Checklist - [x] A milestone is set - [x] The related issuse has been linked to this branch Reviewed-on: #93 Co-authored-by: SquidSpirit <squid@squidspirit.com> Co-committed-by: SquidSpirit <squid@squidspirit.com>	2025-07-30 03:46:49 +08:00

Author

SHA1

Message

Date

SquidSpirit

197d7773ef

BLOG-86 Checking authentication before uploading image (#101 )

Frontend CI / build (push) Successful in 1m8s

Details

### Description

This PR introduces a generic authentication middleware to protect application routes. The primary goal is to prevent unauthenticated users from uploading images.

#### Changes Implemented

* **Authentication Middleware**:
    * Created a new `auth_middleware` that checks the user's session for a valid `user_id`.
    * If a `user_id` exists, it's added to the request extensions, making it available to downstream handlers.

* **`UserId` Extractor**:
    * A `UserId` type that implements `FromRequest` has been added.
    * This allows route handlers to declaratively require authentication by simply adding `user_id: UserId` as a parameter. If the user is not logged in, the extractor automatically returns an `ErrorUnauthorized` response.

* **Route Protection**:
    * The `upload_image_handler` now includes the `UserId` extractor, securing the endpoint.
    * A new `/auth/me` route has been added for easily verifying the logged-in user's ID during development and testing.

* **Minor Refinements**:
    * The `logout_handler` now uses `session.clear()` for more robust session termination.
    * Corrected the default Redis URL from `redis://127.0.1:6379` to `redis://127.0.0.1:6379`.

### Package Changes

_No response_

### Screenshots

_No response_

### Reference

Resolves #86

### Checklist

- [x] A milestone is set
- [x] The related issuse has been linked to this branch

Reviewed-on: #101
Co-authored-by: SquidSpirit <squid@squidspirit.com>
Co-committed-by: SquidSpirit <squid@squidspirit.com>

2025-08-01 18:26:39 +08:00

SquidSpirit

dd0567c937

BLOG-85 Implement OIDC authentication (#93 )

Frontend CI / build (push) Successful in 1m7s

Details

### Description

- Login with configured OIDC issuer, and then save the logged in information in server session.
- Endpoints:
  - GET `/auth/login`
  - GET `/auth/callback`
  - GET `/auth/logout`

### Package Changes

```toml
actix-session = { version = "0.10.1", features = ["redis-session"] }
hex = "0.4.3"
openidconnect = { version = "4.0.1", features = [
    "reqwest",
    "reqwest-blocking",
] }
```

### Screenshots

<video src="attachments/8b15b576-61db-41b9-8587-b4b885018c93" title="Screencast From 2025-07-30 03-34-26.mp4" controls></video>

### Reference

Resolves #85

### Checklist

- [x] A milestone is set
- [x] The related issuse has been linked to this branch

Reviewed-on: #93
Co-authored-by: SquidSpirit <squid@squidspirit.com>
Co-committed-by: SquidSpirit <squid@squidspirit.com>

2025-07-30 03:46:49 +08:00

2 Commits