about summary refs log tree commit diff stats
path: root/crates/rocie-server/src/main.rs
diff options
context:
space:
mode:
Diffstat (limited to 'crates/rocie-server/src/main.rs')
-rw-r--r--crates/rocie-server/src/main.rs40
1 files changed, 38 insertions, 2 deletions
diff --git a/crates/rocie-server/src/main.rs b/crates/rocie-server/src/main.rs
index 2329b0b..dc5be0b 100644
--- a/crates/rocie-server/src/main.rs
+++ b/crates/rocie-server/src/main.rs
@@ -1,5 +1,10 @@
 use actix_cors::Cors;
-use actix_web::{App, HttpServer, middleware::Logger, web::Data};
+use actix_web::{
+    App, HttpServer,
+    cookie::{Key, SameSite},
+    middleware::Logger,
+    web::Data,
+};
 use clap::Parser;
 use utoipa::OpenApi;
 
@@ -10,6 +15,9 @@ mod app;
 mod cli;
 mod storage;
 
+use actix_identity::IdentityMiddleware;
+use actix_session::{SessionMiddleware, storage::CookieSessionStore};
+
 #[actix_web::main]
 #[expect(
     clippy::needless_for_each,
@@ -22,14 +30,25 @@ async fn main() -> Result<(), std::io::Error> {
             api::get::product::product_by_id,
             api::get::product::product_by_name,
             api::get::product::product_suggestion_by_name,
-            api::get::product::products,
+            api::get::product::products_registered,
+            api::get::product::products_in_storage,
+            api::get::product::products_by_product_parent_id_indirect,
+            api::get::product::products_by_product_parent_id_direct,
+            api::get::product_parent::product_parents,
+            api::get::product_parent::product_parents_toplevel,
+            api::get::product_parent::product_parents_under,
+            api::get::recipe::recipe_by_id,
+            api::get::recipe::recipes,
             api::get::unit::units,
+            api::get::unit::units_by_property_id,
             api::get::unit::unit_by_id,
             api::get::unit_property::unit_property_by_id,
             api::get::unit_property::unit_properties,
             api::get::inventory::amount_by_id,
             api::set::product::register_product,
             api::set::product::associate_barcode,
+            api::set::product_parent::register_product_parent,
+            api::set::recipe::add_recipe,
             api::set::unit::register_unit,
             api::set::unit_property::register_unit_property,
             api::set::barcode::buy_barcode,
@@ -45,6 +64,11 @@ async fn main() -> Result<(), std::io::Error> {
 
     env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
 
+    // When using `Key::generate()` it is important to initialize outside of the
+    // `HttpServer::new` closure. When deployed the secret key should be read from a
+    // configuration file or environment variables.
+    let secret_key = Key::generate();
+
     let args = CliArgs::parse();
 
     match args.command {
@@ -67,6 +91,18 @@ async fn main() -> Result<(), std::io::Error> {
                     .wrap(Logger::new(
                         r#"%a "%r" -> %s %b ("%{Referer}i" "%{User-Agent}i" %T s)"#,
                     ))
+                    // Install the identity framework before middle-ware (as actix is filo).
+                    .wrap(IdentityMiddleware::default())
+                    .wrap(
+                        SessionMiddleware::builder(
+                            CookieSessionStore::default(),
+                            secret_key.clone(),
+                        )
+                        .cookie_secure(true)
+                        .cookie_http_only(true)
+                        .cookie_same_site(SameSite::Strict)
+                        .build(),
+                    )
                     .app_data(Data::clone(&data))
                     .configure(api::get::register_paths)
                     .configure(api::set::register_paths)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-03-21 10:37:54 +0000