1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213

/*
* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program.  If not, see <https://www.gnu.org/licenses/>.
*/
//! App data: redis cache, database connections, etc.
use std::sync::Arc;
use std::thread;

use actix::prelude::*;
use argon2_creds::{Config, ConfigBuilder, PasswordPolicy};
use lettre::transport::smtp::authentication::Mechanism;
use lettre::{
    transport::smtp::authentication::Credentials, AsyncSmtpTransport, Tokio1Executor,
};
use libmcaptcha::cache::hashcache::HashCache;
use libmcaptcha::cache::redis::RedisCache;
use libmcaptcha::master::redis::master::Master as RedisMaster;
use libmcaptcha::redis::RedisConfig;
use libmcaptcha::{
    cache::messages::VerifyCaptchaResult,
    cache::Save,
    errors::CaptchaResult,
    master::{embedded::master::Master as EmbeddedMaster, Master as MasterTrait},
    pow::ConfigBuilder as PoWConfigBuilder,
    pow::PoWConfig,
    pow::Work,
    system::{System, SystemBuilder},
    //    master::messages::AddSite,
};

use sqlx::postgres::PgPoolOptions;
use sqlx::PgPool;

use crate::SETTINGS;

/// Represents mCaptcha cache and master system.
/// When Redis is configured, [SystemGroup::Redis] is used and
/// in its absense, [SystemGroup::Embedded] is used
pub enum SystemGroup {
    Embedded(System<HashCache, EmbeddedMaster>),
    Redis(System<RedisCache, RedisMaster>),
}

impl SystemGroup {
    /// utility function to get difficulty factor of site `id` and cache it
    pub async fn get_pow(&self, id: String) -> Option<PoWConfig> {
        match self {
            Self::Embedded(val) => val.get_pow(id).await,
            Self::Redis(val) => val.get_pow(id).await,
        }
    }

    /// utility function to verify [Work]
    pub async fn verify_pow(&self, work: Work) -> CaptchaResult<String> {
        match self {
            Self::Embedded(val) => val.verify_pow(work).await,
            Self::Redis(val) => val.verify_pow(work).await,
        }
    }

    /// utility function to validate verification tokens
    pub async fn validate_verification_tokens(
        &self,
        msg: VerifyCaptchaResult,
    ) -> CaptchaResult<bool> {
        match self {
            Self::Embedded(val) => val.validate_verification_tokens(msg).await,
            Self::Redis(val) => val.validate_verification_tokens(msg).await,
        }
    }

    //        /// utility function to AddSite
    //        pub async fn add_site(
    //            &self,
    //            msg: AddSite,
    //        ) -> CaptchaResult<()> {
    //            match self {
    //                Self::Embedded(val) => val.master.send(msg).await?,
    //                Self::Redis(val) => val.master.send(msg).await?,
    //            };
    //            Ok(())
    //        }

    fn new_system<A: Save, B: MasterTrait>(m: Addr<B>, c: Addr<A>) -> System<A, B> {
        let pow = PoWConfigBuilder::default()
            .salt(SETTINGS.pow.salt.clone())
            .build()
            .unwrap();

        SystemBuilder::default().pow(pow).cache(c).master(m).build()
    }

    // read settings, if Redis is configured then produce a Redis mCaptcha cache
    // based SystemGroup
    async fn new() -> Self {
        match &SETTINGS.redis {
            Some(val) => {
                let master = RedisMaster::new(RedisConfig::Single(val.url.clone()))
                    .await
                    .unwrap()
                    .start();
                let cache = RedisCache::new(RedisConfig::Single(val.url.clone()))
                    .await
                    .unwrap()
                    .start();
                let captcha = Self::new_system(master, cache);

                SystemGroup::Redis(captcha)
            }
            None => {
                let master = EmbeddedMaster::new(SETTINGS.pow.gc).start();
                let cache = HashCache::default().start();
                let captcha = Self::new_system(master, cache);

                SystemGroup::Embedded(captcha)
            }
        }
    }
}

/// App data
pub struct Data {
    /// databse pool
    pub db: PgPool,
    /// credential management configuration
    pub creds: Config,
    /// mCaptcha system: Redis cache, etc.
    pub captcha: SystemGroup,
    /// email client
    pub mailer: Option<Mailer>,
}

impl Data {
    pub fn get_creds() -> Config {
        ConfigBuilder::default()
            .username_case_mapped(true)
            .profanity(true)
            .blacklist(true)
            .password_policy(PasswordPolicy::default())
            .build()
            .unwrap()
    }
    #[cfg(not(tarpaulin_include))]
    /// create new instance of app data
    pub async fn new() -> Arc<Self> {
        let creds = Self::get_creds();
        let c = creds.clone();

        let init = thread::spawn(move || {
            log::info!("Initializing credential manager");
            c.init();
            log::info!("Initialized credential manager");
        });

        let db = PgPoolOptions::new()
            .max_connections(SETTINGS.database.pool)
            .connect(&SETTINGS.database.url)
            .await
            .expect("Unable to form database pool");

        let data = Data {
            creds,
            db,
            captcha: SystemGroup::new().await,
            mailer: Self::get_mailer(),
        };

        init.join().unwrap();

        Arc::new(data)
    }

    fn get_mailer() -> Option<Mailer> {
        if let Some(smtp) = SETTINGS.smtp.as_ref() {
            let creds =
                Credentials::new(smtp.username.to_string(), smtp.password.to_string()); // "smtp_username".to_string(), "smtp_password".to_string());

            let mailer: Mailer =
                AsyncSmtpTransport::<Tokio1Executor>::builder_dangerous(&smtp.url)
                    .port(smtp.port)
                    .credentials(creds)
                    .authentication(vec![
                        Mechanism::Login,
                        Mechanism::Xoauth2,
                        Mechanism::Plain,
                    ])
                    .build();

            //            let mailer: Mailer = AsyncSmtpTransport::<Tokio1Executor>::relay(&smtp.url) //"smtp.gmail.com")
            //                .unwrap()
            //                .credentials(creds)
            //                .build();
            Some(mailer)
        } else {
            None
        }
    }
}

/// Mailer data type AsyncSmtpTransport<Tokio1Executor>
pub type Mailer = AsyncSmtpTransport<Tokio1Executor>;