From 13ab260088db1335e8775f08c0a3c672c9111426 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20H=C3=B8jberg?= Date: Wed, 20 Nov 2024 12:21:24 -0500 Subject: [PATCH] Codebase Server: remove the generated port and token Run the CodebaseServer with a default port and token as well as allowing UCM Desktop domains to perform CORS requests. Keep the command line options to set a specific port, token, and add allow CORS domains.T --- unison-share-api/package.yaml | 1 - .../src/Unison/Server/CodebaseServer.hs | 62 +++++++++---------- unison-share-api/unison-share-api.cabal | 1 - 3 files changed, 30 insertions(+), 34 deletions(-) diff --git a/unison-share-api/package.yaml b/unison-share-api/package.yaml index 2df959ab4e..8ed217cf4d 100644 --- a/unison-share-api/package.yaml +++ b/unison-share-api/package.yaml @@ -16,7 +16,6 @@ dependencies: - bytes - bytestring - containers - - cryptonite - Diff - directory - errors diff --git a/unison-share-api/src/Unison/Server/CodebaseServer.hs b/unison-share-api/src/Unison/Server/CodebaseServer.hs index 1bbdfa5e24..b354fd3c75 100644 --- a/unison-share-api/src/Unison/Server/CodebaseServer.hs +++ b/unison-share-api/src/Unison/Server/CodebaseServer.hs @@ -10,9 +10,7 @@ import Control.Concurrent.Async (race) import Control.Exception (ErrorCall (..), throwIO) import Control.Monad.Reader import Control.Monad.Trans.Except -import Crypto.Random qualified as Crypto import Data.Aeson () -import Data.ByteArray.Encoding qualified as BE import Data.ByteString qualified as Strict import Data.ByteString.Char8 (unpack) import Data.ByteString.Char8 qualified as C8 @@ -37,7 +35,6 @@ import Network.Wai.Handler.Warp setBeforeMainLoop, setHost, setPort, - withApplicationSettings, ) import Network.Wai.Middleware.Cors (cors, corsMethods, corsOrigins, simpleCorsResourcePolicy) import Servant @@ -398,21 +395,6 @@ app :: app env rt codebase uiPath expectedToken allowCorsHost = corsPolicy allowCorsHost $ serve appAPI $ server env rt codebase uiPath expectedToken --- | The Token is used to help prevent multiple users on a machine gain access to --- each others codebases. --- --- Generate a cryptographically secure random token. --- https://neilmadden.blog/2018/08/30/moving-away-from-uuids/ --- --- E.g. --- >>> genToken --- "uxf85C7Y0B6om47" -genToken :: IO Strict.ByteString -genToken = do - BE.convertToBase @ByteString BE.Base64URLUnpadded <$> Crypto.getRandomBytes numRandomBytes - where - numRandomBytes = 10 - data Waiter a = Waiter { notify :: a -> IO (), waitFor :: IO a @@ -475,21 +457,23 @@ startServer env opts rt codebase onStart = do envUI <- canonicalizePath $ fromMaybe (FilePath.takeDirectory exePath "ui") (codebaseUIPath opts) token <- case token opts of Just t -> return $ C8.pack t - _ -> genToken + Nothing -> return $ C8.pack "codebase" let baseUrl = BaseUrl (fromMaybe "http://127.0.0.1" (host opts)) token let settings = defaultSettings & maybe id setPort (port opts) & maybe id (setHost . fromString) (host opts) - let a = app env rt codebase envUI token (allowCorsHost opts) + let app' = app env rt codebase envUI token (allowCorsHost opts) case port opts of - Nothing -> withApplicationSettings settings (pure a) (onStart . baseUrl) - Just p -> do + Nothing -> withPort settings baseUrl app' 5858 + Just p -> withPort settings baseUrl app' p + where + withPort settings baseUrl app' p = do started <- mkWaiter let settings' = setBeforeMainLoop (notify started ()) settings result <- race - (runSettings settings' a) + (runSettings settings' app') (waitFor started *> onStart (baseUrl p)) case result of Left () -> throwIO $ ErrorCall "Server exited unexpectedly!" @@ -518,16 +502,30 @@ serveIndex path = do serveUI :: FilePath -> Server WebUI serveUI path _ = serveIndex path --- Apply cors if there is allow-cors-host defined +{- + Allows CORS requests from UCM Desktop: + * Mac/Linux: tauri://localhost + * Windows: https://tauri.localhost, http://tauri.localhost +-} corsPolicy :: Maybe String -> Middleware -corsPolicy = maybe id \allowCorsHost -> - cors $ - const $ - Just - simpleCorsResourcePolicy - { corsMethods = ["GET", "OPTIONS"], - corsOrigins = Just ([C8.pack allowCorsHost], True) - } +corsPolicy allowCorsHost = + case allowCorsHost of + Just host -> + corsPolicy_ (host : tauriHosts) + Nothing -> + corsPolicy_ tauriHosts + where + tauriHosts = + ["tauri://localhost", "https://tauri.localhost", "http://tauri.localhost"] + + corsPolicy_ hosts = + cors $ + const $ + Just + simpleCorsResourcePolicy + { corsMethods = ["GET", "OPTIONS"], + corsOrigins = Just (fmap C8.pack hosts, True) + } server :: BackendEnv -> diff --git a/unison-share-api/unison-share-api.cabal b/unison-share-api/unison-share-api.cabal index 2e42b8ac70..52cb824d14 100644 --- a/unison-share-api/unison-share-api.cabal +++ b/unison-share-api/unison-share-api.cabal @@ -91,7 +91,6 @@ library , bytes , bytestring , containers - , cryptonite , directory , errors , extra