From bbd29ec77c0bee5ad69b3bb4263dae82144f855f Mon Sep 17 00:00:00 2001
From: Pijar <pierre.jarriges@tutanota.com>
Date: Fri, 20 May 2022 10:37:34 +0200
Subject: [PATCH] dockerfile up to bulleye-slim tag && fix secure cookie

---
 Cargo.lock           |  1 +
 Cargo.toml           | 29 +++++++++++++++--------------
 Dockerfile           |  4 ++--
 dev.Dockerfile       |  2 +-
 src/middleware.rs    |  7 ++++---
 src/view_resource.rs |  1 -
 6 files changed, 23 insertions(+), 21 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 8211a67..873731d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1283,6 +1283,7 @@ dependencies = [
  "rustls 0.18.1",
  "serde",
  "serde_json",
+ "time 0.2.27",
  "tokio",
  "wither",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index bd2a48e..263edf0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -2,23 +2,24 @@
 name = "kuadrado_server"
 version = "2.0.2"
 authors = ["Pierre Jarriges <pierre.jarriges@tutanota.com>"]
-edition = "2018"
+edition = "2021"
 license-file = "LICENSE"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-actix-web = { version = "3", features=["rustls"] }
+actix-web = { version = "3", features = ["rustls"] }
 actix-web-middleware-redirect-https = "3.0.1"
-rustls="0.18.1"
-actix-files="0.5"
-futures="0.3.17"
-serde="1"
-serde_json="1"
-wither="0.9"
-magic-crypt="3.1.9"
-env_logger="0.9"
-chrono="0.4"
-rand="0.8"
-dotenv="0.15"
-tokio = { version = "0.2", features = ["full"] }
\ No newline at end of file
+rustls = "0.18.1"
+actix-files = "0.5"
+futures = "0.3.17"
+serde = "1"
+serde_json = "1"
+wither = "0.9"
+magic-crypt = "3.1.9"
+env_logger = "0.9"
+chrono = "0.4"
+rand = "0.8"
+dotenv = "0.15"
+time = "0.2.7"
+tokio = { version = "0.2", features = ["full"] }
diff --git a/Dockerfile b/Dockerfile
index 0fd99f7..b79ad1c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM kuadsoft/rust-openssl:latest as builder
+FROM kuadsoft/rust-openssl:bullseye-slim as builder
 
 WORKDIR /usr/src/kuadrado_server
 COPY ./Cargo.toml ./Cargo.toml
@@ -6,6 +6,6 @@ COPY ./Cargo.lock ./Cargo.lock
 COPY ./src ./src
 RUN cargo install --locked --path .
  
-FROM kuadsoft/debian-openssl:buster-slim
+FROM kuadsoft/debian-openssl:bullseye-slim
 COPY --from=builder /usr/local/cargo/bin/kuadrado_server /usr/local/bin/kuadrado_server
 CMD ["kuadrado_server"]
\ No newline at end of file
diff --git a/dev.Dockerfile b/dev.Dockerfile
index ceb3f31..1adaa0f 100644
--- a/dev.Dockerfile
+++ b/dev.Dockerfile
@@ -1,4 +1,4 @@
-FROM kuadsoft/rust-openssl:latest
+FROM kuadsoft/rust-openssl:bullseye-slim
 WORKDIR /usr/src/kuadrado_server
 COPY ./Cargo.toml ./Cargo.toml
 COPY ./Cargo.lock ./Cargo.lock
diff --git a/src/middleware.rs b/src/middleware.rs
index 1dde054..ebd8b87 100644
--- a/src/middleware.rs
+++ b/src/middleware.rs
@@ -8,14 +8,15 @@ use wither::{bson::doc, prelude::Model};
 /// Returns a Secure actix_web::http::Cookie.
 pub fn get_auth_cookie(name: &'static str, value: String) -> Cookie<'static> {
     Cookie::build(name, value)
-        .secure(true)
+        .path("/")
         .http_only(true)
+        .max_age(time::Duration::days(7))
         .same_site(SameSite::Strict)
-        .path("/")
+        .secure(true)
         .finish()
 }
 
-/// This is not a real middleware as it is meant to be executed only after having processed the request and not before.
+/// This is not an actual middleware as it is meant to be executed in the endpoint service to perform a simple verification.
 /// It must be registered in the actix App instance with app_data.
 /// ```
 /// App::new()
diff --git a/src/view_resource.rs b/src/view_resource.rs
index 8b53b49..0678220 100644
--- a/src/view_resource.rs
+++ b/src/view_resource.rs
@@ -133,7 +133,6 @@ impl ViewResourceManager {
                     } else {
                         return HttpResponse::Ok()
                             .content_type("text/html")
-                            .cookie(auth_cookie.unwrap())
                             .body(&res.string_contents);
                     }
                 }
-- 
GitLab