2026-04-27 16:47:08 -04:00
|
|
|
use std::{any::Any, sync::Once, time::Duration};
|
2026-03-18 13:43:34 -04:00
|
|
|
|
2025-04-25 02:47:48 +01:00
|
|
|
use askama::Template;
|
|
|
|
|
use axum::{
|
|
|
|
|
Router,
|
2026-04-30 11:32:30 -04:00
|
|
|
extract::rejection::{FormRejection, PathRejection, QueryRejection},
|
2026-02-28 20:32:46 -05:00
|
|
|
http::{HeaderValue, StatusCode, header},
|
2026-04-27 16:47:08 -04:00
|
|
|
response::{Html, IntoResponse, Redirect, Response},
|
2025-04-25 02:47:48 +01:00
|
|
|
};
|
2026-04-27 16:47:08 -04:00
|
|
|
use conduwuit_service::{Services, state};
|
2026-03-18 13:43:34 -04:00
|
|
|
use tower_http::{catch_panic::CatchPanicLayer, set_header::SetResponseHeaderLayer};
|
2026-03-03 14:30:16 -05:00
|
|
|
use tower_sec_fetch::SecFetchLayer;
|
2026-04-27 16:47:08 -04:00
|
|
|
use tower_sessions::{ExpiredDeletion, SessionManagerLayer};
|
2025-04-25 02:47:48 +01:00
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
use crate::{
|
|
|
|
|
pages::TemplateContext,
|
|
|
|
|
session::{LoginQuery, store::RocksDbSessionStore},
|
|
|
|
|
};
|
2026-03-18 10:26:43 -04:00
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
mod extract;
|
2026-02-28 20:32:46 -05:00
|
|
|
mod pages;
|
2026-04-27 16:47:08 -04:00
|
|
|
mod session;
|
2025-04-25 02:47:48 +01:00
|
|
|
|
2026-02-28 20:32:46 -05:00
|
|
|
type State = state::State;
|
2026-02-13 09:58:35 -05:00
|
|
|
|
2026-03-18 13:18:53 -04:00
|
|
|
const CATASTROPHIC_FAILURE: &str = "cat-astrophic failure! we couldn't even render the error template. \
|
|
|
|
|
please contact the team @ https://continuwuity.org";
|
|
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
const ROUTE_PREFIX: &str = conduwuit_core::ROUTE_PREFIX;
|
|
|
|
|
|
2025-04-25 02:47:48 +01:00
|
|
|
#[derive(Debug, thiserror::Error)]
|
|
|
|
|
enum WebError {
|
2026-03-03 13:20:16 -05:00
|
|
|
#[error("Failed to validate form body: {0}")]
|
|
|
|
|
ValidationError(#[from] validator::ValidationErrors),
|
2026-03-04 14:28:32 -05:00
|
|
|
#[error("{0}")]
|
|
|
|
|
QueryRejection(#[from] QueryRejection),
|
|
|
|
|
#[error("{0}")]
|
|
|
|
|
FormRejection(#[from] FormRejection),
|
2026-03-18 13:43:34 -04:00
|
|
|
#[error("{0}")]
|
2026-04-30 11:32:30 -04:00
|
|
|
PathRejection(#[from] PathRejection),
|
|
|
|
|
#[error("{0}")]
|
2026-03-03 13:20:16 -05:00
|
|
|
BadRequest(String),
|
2026-03-18 13:18:53 -04:00
|
|
|
|
2026-03-04 11:18:07 -05:00
|
|
|
#[error("This page does not exist.")]
|
|
|
|
|
NotFound,
|
2026-04-27 16:47:08 -04:00
|
|
|
#[error("You are not allowed to request this page: {0}")]
|
|
|
|
|
Forbidden(String),
|
|
|
|
|
#[error("You must log in to access this page")]
|
|
|
|
|
LoginRequired(LoginQuery),
|
2026-03-18 13:18:53 -04:00
|
|
|
|
|
|
|
|
#[error("Failed to render template: {0}")]
|
|
|
|
|
Render(#[from] askama::Error),
|
2026-03-18 13:43:34 -04:00
|
|
|
#[error("{0}")]
|
2026-03-03 13:20:16 -05:00
|
|
|
InternalError(#[from] conduwuit_core::Error),
|
2026-03-18 13:43:34 -04:00
|
|
|
#[error("Request handler panicked! {0}")]
|
|
|
|
|
Panic(String),
|
2025-04-25 02:47:48 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl IntoResponse for WebError {
|
|
|
|
|
fn into_response(self) -> Response {
|
|
|
|
|
#[derive(Debug, Template)]
|
|
|
|
|
#[template(path = "error.html.j2")]
|
2026-02-28 20:32:46 -05:00
|
|
|
struct Error {
|
2026-03-03 13:20:16 -05:00
|
|
|
error: WebError,
|
|
|
|
|
status: StatusCode,
|
2026-03-18 10:26:43 -04:00
|
|
|
context: TemplateContext,
|
2025-04-25 02:47:48 +01:00
|
|
|
}
|
2026-03-18 10:26:43 -04:00
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
if let Self::LoginRequired(query) = self {
|
|
|
|
|
return Redirect::to(&format!(
|
|
|
|
|
"{}/account/login?{}",
|
|
|
|
|
ROUTE_PREFIX,
|
|
|
|
|
serde_urlencoded::to_string(query).unwrap()
|
|
|
|
|
))
|
|
|
|
|
.into_response();
|
|
|
|
|
}
|
|
|
|
|
|
2025-04-25 02:47:48 +01:00
|
|
|
let status = match &self {
|
2026-03-04 14:28:32 -05:00
|
|
|
| Self::ValidationError(_)
|
|
|
|
|
| Self::BadRequest(_)
|
|
|
|
|
| Self::QueryRejection(_)
|
2026-04-27 16:47:08 -04:00
|
|
|
| Self::FormRejection(_)
|
|
|
|
|
| Self::InternalError(_) => StatusCode::BAD_REQUEST,
|
2026-03-04 11:18:07 -05:00
|
|
|
| Self::NotFound => StatusCode::NOT_FOUND,
|
2026-04-27 16:47:08 -04:00
|
|
|
| Self::Forbidden(_) => StatusCode::FORBIDDEN,
|
|
|
|
|
| Self::LoginRequired(_) => {
|
|
|
|
|
unreachable!("LoginRequired is handled earlier")
|
|
|
|
|
},
|
2026-03-03 13:20:16 -05:00
|
|
|
| _ => StatusCode::INTERNAL_SERVER_ERROR,
|
2025-04-25 02:47:48 +01:00
|
|
|
};
|
2026-02-28 20:32:46 -05:00
|
|
|
|
2026-03-11 16:47:47 +01:00
|
|
|
let template = Error {
|
|
|
|
|
error: self,
|
|
|
|
|
status,
|
2026-03-18 10:26:43 -04:00
|
|
|
context: TemplateContext {
|
2026-03-18 13:18:53 -04:00
|
|
|
// Statically set false to prevent error pages from being indexed.
|
2026-03-18 10:26:43 -04:00
|
|
|
allow_indexing: false,
|
|
|
|
|
},
|
2026-03-11 16:47:47 +01:00
|
|
|
};
|
2026-02-28 20:32:46 -05:00
|
|
|
|
2026-03-03 13:20:16 -05:00
|
|
|
if let Ok(body) = template.render() {
|
2026-02-28 20:32:46 -05:00
|
|
|
(status, Html(body)).into_response()
|
2025-04-25 02:47:48 +01:00
|
|
|
} else {
|
2026-03-18 13:18:53 -04:00
|
|
|
(status, CATASTROPHIC_FAILURE).into_response()
|
2025-04-25 02:47:48 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-02-28 20:32:46 -05:00
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
static STORE_CLEANUP_TASK: Once = Once::new();
|
|
|
|
|
|
|
|
|
|
pub fn build(services: &Services) -> Router<state::State> {
|
2026-02-28 20:32:46 -05:00
|
|
|
#[allow(clippy::wildcard_imports)]
|
|
|
|
|
use pages::*;
|
|
|
|
|
|
2026-04-27 16:47:08 -04:00
|
|
|
let store = RocksDbSessionStore::new(&services.db);
|
|
|
|
|
|
|
|
|
|
STORE_CLEANUP_TASK.call_once(|| {
|
|
|
|
|
services.server.runtime().spawn(
|
|
|
|
|
store
|
|
|
|
|
.clone()
|
|
|
|
|
.continuously_delete_expired(Duration::from_hours(1)),
|
|
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
|
2026-03-18 12:31:27 -04:00
|
|
|
Router::new()
|
|
|
|
|
.merge(index::build())
|
2026-03-18 13:18:53 -04:00
|
|
|
.nest(
|
|
|
|
|
"/_continuwuity/",
|
|
|
|
|
Router::new()
|
2026-04-27 16:47:08 -04:00
|
|
|
.nest("/account/", account::build())
|
2026-03-18 13:43:34 -04:00
|
|
|
.merge(debug::build())
|
2026-04-30 08:54:55 -04:00
|
|
|
.nest("/oauth2/", oauth::build())
|
2026-04-27 16:47:08 -04:00
|
|
|
.merge(resources::build())
|
2026-03-22 19:34:13 -04:00
|
|
|
.merge(threepid::build())
|
2026-03-18 13:18:53 -04:00
|
|
|
.fallback(async || WebError::NotFound),
|
|
|
|
|
)
|
2026-04-27 16:47:08 -04:00
|
|
|
.layer(SessionManagerLayer::new(store).with_name("_c10y_session"))
|
2026-03-18 13:43:34 -04:00
|
|
|
.layer(CatchPanicLayer::custom(|panic: Box<dyn Any + Send + 'static>| {
|
|
|
|
|
let details = if let Some(s) = panic.downcast_ref::<String>() {
|
|
|
|
|
s.clone()
|
|
|
|
|
} else if let Some(s) = panic.downcast_ref::<&str>() {
|
|
|
|
|
(*s).to_owned()
|
|
|
|
|
} else {
|
|
|
|
|
"(opaque panic payload)".to_owned()
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
WebError::Panic(details).into_response()
|
|
|
|
|
}))
|
2026-02-28 20:32:46 -05:00
|
|
|
.layer(SetResponseHeaderLayer::if_not_present(
|
|
|
|
|
header::CONTENT_SECURITY_POLICY,
|
2026-04-30 08:54:55 -04:00
|
|
|
HeaderValue::from_static("default-src 'self'; img-src 'self' https: data:;"),
|
2026-02-28 20:32:46 -05:00
|
|
|
))
|
2026-03-03 14:30:16 -05:00
|
|
|
.layer(SecFetchLayer::new(|policy| {
|
|
|
|
|
policy.allow_safe_methods().reject_missing_metadata();
|
|
|
|
|
}))
|
2026-02-28 20:32:46 -05:00
|
|
|
}
|
