Closed Stridsvagn69420 closed 1 year ago
Only the Server Routes and Root Docs needed now!
...for the raw library of course, not the binaries. But still, pretty neat!
Use actix-web shared state for the routes. Probably use a trait for it if possible.
Basically what's missing:
The Password Authentication thingy will be done in the 3rd point on the checklist.
For file serving: remember to include the SHA-256 hash of the file in the headers. Maybe only on HEAD requests, I'll have to see.
Use this for .htpasswd auth https://crates.io/crates/htpasswd-verify and maybe also allow multiple Auth files The entries will be stored in a HashMap or BTreeMap. HashMap is the one I'm more familiar with and a BTreeMap might be slower with a lot of user accounts. I'll have to see.
Actually, use a HashSet for this.
Basically, load the htpasswd file line by line and use htpasswd_verify::load()
for every line, then add the result to a HashSet that will be stored in the CyrkensiaState.
And then for the look up: just iterate over it, probably linear.
Maybe a HashMap will be better, but I'll implement the HashSet variant first.
Actually, perhaps completely dismiss the Htpasswd thingy and just do a username-password store in JSON (the password being SHA-256 hashed of course) that will be used as a HashMap.
Here's the crate: https://crates.io/crates/sha256
Only the file index and then actual file serving is missing. Thankfully these will be just two route functions, one for index, one for files.
Plus there are the index response (basically just formatting) and a 401 error response, similar to the sever_500()
response.
Also, the file serving route should always include the size in the header, but also the SHA-256 and BLAKE3 hashes when there's a HEAD request (authentication has to be successful for this; if it isn't, always return the 401 response).
Using BLAKE3 is a good idea ...for checksums though. I'll switch the password hashing to argon2 asap. BLAKE3 will still be used to create the file checksums, and SHA-256 will be removed.
Apart from bundling everything together as an executable and testing everything, only the file serving with the HEAD meta and optional HTTP Basic Auth is missing!
Aw shit, I made an "it's 2 AM and I'm sick and tired"-oopsies
It's only the actual fileserving-basicauth-headmeta route thingy now.
I should probably also remake the wiki before this gets merged...
Header stuff for the file serving:
I have the feeling Actix-Web already does a lot of things for you, but I want to be sure and implement it my way, plus only something like the Actix-Web-Static-Fileserver thingy can really do things like hashing, ETag and Last-Modified, plus there's the user authentication (without auth, it won't send any information). I originally also wanted to cache all of these things, but BLAKE3 is blazingly fast and the other caching mechanics get near the level of what NGINX and Apache can kindly do for you.
Random stuff, but make the digest and partial content thing a middleware (has to be combined because digest depends on content).
Honestly, I might just make a new Rust rewrite. I wrote it down on the Nucleus server, so time to post it here too.
was messing around with GTA's Self Radio, FFmpeg, audio codecs and tags in audii files, and I might make a rust-new-version of my WIP rust-version of Cyrkensia
you see, aside from having to redo most things because mixing basic file serving, sending metadata and password protecting everything together being complicated, I might do the storing part different
I have a more elaborate version on this now. So, I'm gonna make it based on the current architecture, BUT the hostinfo won't be so fucking huge anymore. It merely lists the audio files, maybe even just the groups (what I called albums), and of course the server meta. And then there's another endpoint, the songinfo, that allows the client to read more data about a file. And this part just reads the available data from the database (probably SQL then). The database can be manually filled, but if you already have metadata on your file, another tool tries to write it to the database on command. Idk if I will include caching, probably yes if I figure out how.
So things will get debloated and the architecture will get better too. I just have to find time when I can actually do it, school and stuff you know.
Auth and Content hashing meta thingy will most likely be a middleware btw.
Gonna rewrite the entire thing again...
This will introduce the Rust re-write with v1.2.0, the managaement tools and obviously the hot new stuff as well as a re-write of the Wiki and better docs.
Checklist
And then obviously the server stuff:
<a href="filename.mp3">filename.mp3</a>
stacks)In the end, both
cyrkensia
andcyrkensia-cfg
binaries should be finished in order to merge this PR!cyrkensia
- the Cyrkensia servercyrkensia-cfg
- tool for managing Cyrkensia-related files and folders