Manage secure key for cookies

O01eg

Sep 16, 2022, 12:57 PM

BKHQHXZQDFC6SSIQ3XBNIBYQJBD3EN6VFKK7VBWY4BOT2H2ZRQAAC

Dependencies

[2] RAXDAROS Split base URL to protocol and domain
[3] 3GGMBQ2N Update dependencies and add list of slow games
[4] BCXEUKX6 Add config, static files and web server
[5] IM5ZPD4N Update dependencies
[6] QEK76JYT Process and log template render error
[7] 4MZ4VIR7 Initial commit
[8] K7FOI6UN Update dependencies and fix game link
[9] WXRGEQOE Add HTTP client dependency
[*] ZRU62WXD Send email with change game password link
[*] 7R6HAATP Optional publish static files if use reverse-proxy
[*] WVHXYKCV Add postgresql pools
[*] Z3SYSC25 Add SMTP configuration
[*] NLEIFOAG Add dependency to send mails

Change contents

edit in src/main.rs at line 54

[2.385]

[11.1084]

cookies_key_base64,
edit in src/main.rs at line 61

[12.71]

[13.929]

let _cookies_key = if let Some(c) = cookies_key_base64 {
match base64::decode_config(c, base64::URL_SAFE_NO_PAD) {
Ok(b) => {
if b.len() < 64 {
log::error!("Small key for cookies");
return Err(std::io::Error::new(std::io::ErrorKind::Other, "Small key"));
} else {
actix_web::cookie::Key::from(&b)
}
}
Err(e) => {
log::error!("Incorrect key for cookies {}", e);
return Err(std::io::Error::new(
std::io::ErrorKind::Other,
"Incorrect key",
));
}
}
} else {
log::error!("Missing key for cookies");
if let Some(nc) = actix_web::cookie::Key::try_generate() {
log::info!(
"Put line `cookies_key_base64 = \"{}\"` to config",
base64::encode_config(nc.master(), base64::URL_SAFE_NO_PAD)
);
return Err(std::io::Error::new(
std::io::ErrorKind::Other,
"Missing key",
));
} else {
log::error!("Cann't generate key for cookies");
return Err(std::io::Error::new(
std::io::ErrorKind::Other,
"Cann't generate key",
));
}
};
edit in src/config.rs at line 36

[2.485]

[14.460]

pub cookies_key_base64: Option<String>,
edit in Cargo.toml at line 16

[4.8423]→[4.0:20](∅→∅)

actix-web = "4.0.1"
edit in Cargo.toml at line 42

[15.135]

[dependencies.actix-web]
version = "4.2.1"
features = ["secure-cookies"]
edit in Cargo.lock at line 230

[4.3049]

[4.13154]

[[package]]
name = "aead"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877"
dependencies = [
"generic-array",
]

[[package]]
name = "aes"
version = "0.7.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8"
dependencies = [
"cfg-if",
"cipher",
"cpufeatures",
"opaque-debug",
]

[[package]]
name = "aes-gcm"
version = "0.9.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6"
dependencies = [
"aead",
"aes",
"cipher",
"ctr",
"ghash",
"subtle",
]
edit in Cargo.lock at line 478

[4.17186]

[4.17186]

name = "cipher"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7"
dependencies = [
"generic-array",
]

[[package]]
edit in Cargo.lock at line 522

[4.17871]

[4.17871]

"aes-gcm",
"base64",
"hkdf",
"hmac",
edit in Cargo.lock at line 527

[4.17892]

[3.3475]

"rand",
"sha2",
"subtle",
edit in Cargo.lock at line 569

[4.4772]

[13.3017]

name = "ctr"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea"
dependencies = [
"cipher",
]

[[package]]
edit in Cargo.lock at line 829

[4.22186]

[4.22186]

name = "ghash"
version = "0.4.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99"
dependencies = [
"opaque-debug",
"polyval",
]

[[package]]
edit in Cargo.lock at line 887

[4.22964]

[13.5556]

name = "hkdf"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437"
dependencies = [
"hmac",
]

[[package]]
edit in Cargo.lock at line 1236

[4.27687]

[4.9896]

name = "opaque-debug"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"

[[package]]
edit in Cargo.lock at line 1361

[4.29513]

[4.29513]

[[package]]
name = "polyval"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1"
dependencies = [
"cfg-if",
"cpufeatures",
"opaque-debug",
"universal-hash",
]
edit in Cargo.lock at line 1940

[4.41994]

[15.3377]

name = "universal-hash"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9f214e8f697e925001e66ec2c6e37a4ef93f0f78c2eed7814394e10c62025b05"
dependencies = [
"generic-array",
"subtle",
]

[[package]]