fixed #1366 - API crash

2025-09-05 06:04:23 +08:00 · 2025-06-05 10:16:34 +02:00 · 2025-06-05 10:16:34 +02:00 · c0de2f02b6
commit c0de2f02b6
parent 3c6407efb8
11 changed files with 64 additions and 23 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2462,6 +2462,16 @@ version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5e0826a989adedc2a244799e823aece04662b66609d96af8dff7ac6df9a8925d"

+[[package]]
+name = "nu-ansi-term"
+version = "0.46.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84"
+dependencies = [
+ "overload",
+ "winapi",
+]
+
 [[package]]
 name = "num-bigint"
 version = "0.4.6"
@ -2661,6 +2671,12 @@ dependencies = [
 "syn 2.0.101",
 ]

+[[package]]
+name = "overload"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
+
 [[package]]
 name = "p256"
 version = "0.13.2"
@ -5090,6 +5106,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008"
 dependencies = [
 "matchers",
+ "nu-ansi-term",
 "once_cell",
 "regex",
 "sharded-slab",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -42,6 +42,14 @@ poem = { version = "3.1", features = [
    "websocket",
    "rustls",
    "embed",
+    "server",
+], default-features = false }
+poem-openapi = { version = "5.1", features = [
+    "swagger-ui",
+    "chrono",
+    "uuid",
+    "static-files",
+    "cookie",
 ], default-features = false }
 password-hash = { version = "0.5", features = ["std"], default-features = false }
 delegate = { version = "0.13", default-features = false }
--- a/tests/test_api_auth.py
+++ b/tests/test_api_auth.py
@ -1,5 +1,7 @@
 import contextlib
-from .api_client import sdk
+from uuid import uuid4
+import requests
+from .api_client import admin_client, sdk
 from .conftest import WarpgateProcess
 from .test_http_common import *  # noqa

@ -43,3 +45,31 @@ class TestAPIAuth:
                api.get_session("1")
            with assert_401():
                api.get_sessions()
+
+    def test_cookie_auth(
+        self,
+        shared_wg: WarpgateProcess,
+    ):
+        url = f"https://localhost:{shared_wg.http_port}"
+
+        with admin_client(url) as api:
+            user = api.create_user(sdk.CreateUserRequest(username=f"user-{uuid4()}"))
+            api.create_password_credential(
+                user.id, sdk.NewPasswordCredential(password="123")
+            )
+            admin_role = api.get_roles('warpgate:admin')[0]
+            api.add_user_role(user.id, admin_role.id)
+
+        session = requests.Session()
+        session.verify = False
+        r = session.post(
+            f"{url}/@warpgate/api/auth/login",
+            json={
+                'username': user.username,
+                'password': '123',
+            },
+        )
+        assert r.status_code == 201, r.text
+
+        r = session.get(f"{url}/@warpgate/admin/api/sessions")
+        assert r.status_code == 200, r.text
--- a/tests/test_http_basic.py
+++ b/tests/test_http_basic.py
@ -18,7 +18,7 @@ class Test:

        with admin_client(url) as api:
            role = api.create_role(sdk.RoleDataRequest(name=f"role-{uuid4()}"))
-            user = api.create_user(sdk.CreateUserRequest(username="user"))
+            user = api.create_user(sdk.CreateUserRequest(username=f"user-{uuid4()}"))
            api.create_password_credential(
                user.id, sdk.NewPasswordCredential(password="123")
            )
--- a/warpgate-admin/Cargo.toml
+++ b/warpgate-admin/Cargo.toml
@ -13,12 +13,7 @@ futures.workspace = true
 hex = { version = "0.4", default-features = false }
 mime_guess = { version = "2.0", default-features = false }
 poem.workspace = true
-poem-openapi = { version = "5.1", features = [
-    "swagger-ui",
-    "chrono",
-    "uuid",
-    "static-files",
-], default-features = false }
+poem-openapi.workspace = true
 russh.workspace = true
 rust-embed = { version = "8.3", default-features = false }
 sea-orm.workspace = true
--- a/warpgate-common/Cargo.toml
+++ b/warpgate-common/Cargo.toml
@ -21,12 +21,7 @@ futures.workspace = true
 once_cell = { version = "1.17", default-features = false }
 password-hash.workspace = true
 poem = { version = "3.1", features = ["rustls"], default-features = false }
-poem-openapi = { version = "5.1", features = [
-    "swagger-ui",
-    "chrono",
-    "uuid",
-    "static-files",
-], default-features = false }
+poem-openapi.workspace = true
 rand.workspace = true
 rand_chacha.workspace = true
 rand_core.workspace = true
--- a/warpgate-core/Cargo.toml
+++ b/warpgate-core/Cargo.toml
@ -23,12 +23,7 @@ once_cell = "1.17"
 packet = "0.1"
 password-hash.workspace = true
 poem.workspace = true
-poem-openapi = { version = "5.1", features = [
-    "swagger-ui",
-    "chrono",
-    "uuid",
-    "static-files",
-], default-features = false }
+poem-openapi.workspace = true
 rand.workspace = true
 rand_chacha.workspace = true
 rand_core.workspace = true
--- a/warpgate-db-entities/Cargo.toml
+++ b/warpgate-db-entities/Cargo.toml
@ -7,7 +7,7 @@ version = "0.14.0"
 [dependencies]
 bytes = { version = "1.4", default-features = false }
 chrono = { version = "0.4", default-features = false, features = ["serde"] }
-poem-openapi = { version = "5.1", features = ["chrono", "uuid"], default-features = false }
+poem-openapi.workspace = true
 sqlx.workspace = true
 sea-orm = { workspace = true, features = [
    "macros",
--- a/warpgate-protocol-http/Cargo.toml
+++ b/warpgate-protocol-http/Cargo.toml
@ -15,7 +15,7 @@ futures.workspace = true
 http = { version = "1.0", default-features = false }
 once_cell = { version = "1.17", default-features = false }
 poem.workspace = true
-poem-openapi = { version = "5.1", features = ["swagger-ui"], default-features = false }
+poem-openapi.workspace = true
 reqwest = { version = "0.12", features = [
    "http2",                               # required for connecting to targets behind AWS ELB
    "rustls-tls-native-roots-no-provider",
--- a/warpgate-web/src/gateway/Login.svelte
+++ b/warpgate-web/src/gateway/Login.svelte
@ -213,7 +213,7 @@
        <Loadable promise={ssoProvidersPromise}>
            {#snippet children(ssoProviders)}
                <div class="mt-3 sso-buttons">
-                    {#each ssoProviders as ssoProvider}
+                    {#each ssoProviders as ssoProvider (ssoProvider.name)}
                        <button
                            class="btn btn-secondary"
                            disabled={busy}
--- a/warpgate/Cargo.toml
+++ b/warpgate/Cargo.toml
@ -27,6 +27,7 @@ time = { version = "0.3", default-features = false }
 tokio.workspace = true
 tracing.workspace = true
 tracing-subscriber = { version = "0.3", features = [
+    "ansi",
    "env-filter",
    "local-time",
 ], default-features = false }