Hemera/nixie-ci
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add first version of server

Browse source 
Signed-off-by: Marcel Müller <neikos@neikos.email>
This commit is contained in:
Marcel Müller 2026-01-12 08:39:31 +01:00
parent 373541c5ef
commit b17f9fa545
7 changed files with 2160 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

1893
Cargo.lock generated
View file

File diff suppressed because it is too large Load diff

2
flake.nix
View file

@ -92,6 +92,8 @@
rustTarget
pkgs.cargo-nextest
pkgs.sqlite
pkgs.sqlx-cli
];
};
}

1
nixie-server/.env Normal file
View file

@ -0,0 +1 @@
DATABASE_URL=sqlite://database.db

1
nixie-server/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
database.db*

13
nixie-server/Cargo.toml
View file

@ -7,3 +7,16 @@ authors.workspace = true
readme.workspace = true
[dependencies]
axum = { version = "0.8.8", features = ["macros"] }
tokio = { workspace = true, features = ["full"] }
axum-login = "0.18"
sqlx = { version = "0.8.6", features = ["runtime-tokio", "sqlite"] }
anyhow.workspace = true
tower-sessions = { version = "0.14" }
serde = { workspace = true, features = ["derive"] }
tower-sessions-sqlx-store = { version = "0.15.0", features = ["sqlite"] }
thiserror.workspace = true
displaydoc.workspace = true
password-auth = "1.0.0"
tracing = "0.1.44"
tracing-subscriber = { version = "0.3.22", features = ["env-filter"] }

8
nixie-server/migrations/20260112065245_create_users.sql Normal file
View file

@ -0,0 +1,8 @@
-- Add migration script here
CREATE TABLE IF NOT EXISTS users
(
id INTEGER PRIMARY KEY NOT NULL,
username TEXT NOT NULL UNIQUE,
password TEXT NOT NULL
);

256
nixie-server/src/main.rs
View file

@ -1,3 +1,255 @@
fn main() {
println!("Hello, world!");
use axum::Form;
use axum::Router;
use axum::extract::State;
use axum::http::StatusCode;
use axum::response::Html;
use axum::response::IntoResponse;
use axum::response::Redirect;
use axum::routing::get;
use axum::routing::post;
use axum_login::AuthManagerLayerBuilder;
use axum_login::AuthUser;
use axum_login::AuthnBackend;
use axum_login::login_required;
use displaydoc::Display;
use password_auth::generate_hash;
use password_auth::verify_password;
use serde::Deserialize;
use serde::Serialize;
use sqlx::SqlitePool;
use sqlx::prelude::FromRow;
use thiserror::Error;
use tokio::task;
use tokio::task::AbortHandle;
use tower_sessions::ExpiredDeletion;
use tower_sessions::SessionManagerLayer;
use tower_sessions_sqlx_store::SqliteStore;
use tracing_subscriber::EnvFilter;
#[tokio::main]
async fn main() -> anyhow::Result<()> {
run().await
}
#[derive(Debug, Clone, Serialize, Deserialize, FromRow)]
struct User {
id: i64,
username: String,
password: String,
}
impl AuthUser for User {
type Id = i64;
fn id(&self) -> Self::Id {
self.id
}
fn session_auth_hash(&self) -> &[u8] {
self.password.as_bytes()
}
}
#[derive(Clone)]
struct Backend {
db: SqlitePool,
}
#[derive(Debug, Clone, Deserialize)]
struct Credentials {
username: String,
password: String,
}
#[derive(Debug, Error, Display)]
pub enum AuthBackendError {
/// An error occurred while interacting with the database
Sqlx(#[from] sqlx::Error),
/// A tokio task could not be joined
TaskJoin(#[from] task::JoinError),
}
impl AuthnBackend for Backend {
type User = User;
type Credentials = Credentials;
type Error = AuthBackendError;
async fn authenticate(
&self,
creds: Self::Credentials,
) -> Result<Option<Self::User>, Self::Error> {
let user: Option<Self::User> = sqlx::query_as("SELECT * FROM users WHERE username = ?")
.bind(creds.username)
.fetch_optional(&self.db)
.await?;
task::spawn_blocking(move || {
Ok(user.filter(|user| verify_password(&creds.password, &user.password).is_ok()))
})
.await?
}
async fn get_user(
&self,
user_id: &axum_login::UserId<Self>,
) -> Result<Option<Self::User>, Self::Error> {
let user = sqlx::query_as("SELECT * FROM users WHERE id = ?")
.bind(user_id)
.fetch_optional(&self.db)
.await?;
Ok(user)
}
}
#[derive(Debug, Clone)]
pub(crate) struct AppState {
pub db: SqlitePool,
}
async fn run() -> anyhow::Result<()> {
tracing_subscriber::fmt()
.with_env_filter(EnvFilter::from_default_env())
.init();
let db = SqlitePool::connect("sqlite://database.db").await?;
sqlx::migrate!().run(&db).await?;
let session_store = SqliteStore::new(db.clone());
session_store.migrate().await?;
let deletion_task = task::spawn(
session_store
.clone()
.continuously_delete_expired(tokio::time::Duration::from_secs(60)),
);
let session_layer = SessionManagerLayer::new(session_store).with_expiry(
tower_sessions::Expiry::OnInactivity(tower_sessions::cookie::time::Duration::days(7)),
);
let backend = Backend { db: db.clone() };
let auth_layer = AuthManagerLayerBuilder::new(backend, session_layer).build();
let app = Router::new()
.route("/protected", get(show_protected))
.route_layer(login_required!(Backend, login_url = "/login"))
.route("/login", get(show_login))
.route("/login", post(do_login))
.route("/register", get(show_register))
.route("/register", post(do_register))
.layer(auth_layer)
.with_state(AppState { db });
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
axum::serve(listener, app.into_make_service())
.with_graceful_shutdown(shutdown_signal(deletion_task.abort_handle()))
.await?;
Ok(())
}
async fn shutdown_signal(handle: AbortHandle) {
let ctrl_c = async {
tokio::signal::ctrl_c()
.await
.expect("Failed to install Ctrl+C handler");
};
let terminate = async {
tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate())
.expect("Failed to install terminate signal handler")
.recv()
.await;
};
tokio::select! {
_ = ctrl_c => {}
_ = terminate => {}
};
handle.abort();
}
async fn show_protected() -> Html<String> {
format!(
r##"
<!DOCTYPE html>
<html>
<body>
Yay, you did it!
</body>
</html>
"##
)
.into()
}
async fn show_login() -> Html<String> {
format!(
r##"
<!DOCTYPE html>
<html>
<body>
<form action="/login" method="POST">
<input type="text" name="username"/>
<input type="password" name="password"/>
<input type="submit" />
</form>
</body>
</html>
"##
)
.into()
}
async fn show_register() -> Html<String> {
format!(
r##"
<!DOCTYPE html>
<html>
<body>
<form action="/register" method="POST">
<input type="text" name="username"/>
<input type="password" name="password"/>
<input type="submit" />
</form>
</body>
</html>
"##
)
.into()
}
type AuthSession = axum_login::AuthSession<Backend>;
async fn do_register(
app_state: State<AppState>,
Form(creds): Form<Credentials>,
) -> Result<impl IntoResponse, Html<String>> {
sqlx::query("INSERT INTO users (username, password) VALUES (?, ?)")
.bind(creds.username)
.bind(generate_hash(creds.password))
.execute(&app_state.db)
.await
.map_err(|err| Html(err.to_string()))?;
Ok(Redirect::to("/login").into_response())
}
async fn do_login(
mut auth_session: AuthSession,
Form(creds): Form<Credentials>,
) -> impl IntoResponse {
let user = match auth_session.authenticate(creds.clone()).await {
Ok(Some(user)) => user,
Ok(None) => return StatusCode::UNAUTHORIZED.into_response(),
Err(_) => return StatusCode::INTERNAL_SERVER_ERROR.into_response(),
};
if auth_session.login(&user).await.is_err() {
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
}
Redirect::to("/protected").into_response()
}