From 36409b3dca6c79b49ebb77dce87a0d60f7bd93a8 Mon Sep 17 00:00:00 2001 From: core Date: Mon, 20 Feb 2023 13:42:15 -0500 Subject: [PATCH] CORS fixup --- trifid-api/Cargo.toml | 2 +- trifid-api/src/main.rs | 32 +++++++++++++++++-- trifid-api/src/routes/v1/auth/magic_link.rs | 7 ++++ trifid-api/src/routes/v1/auth/totp.rs | 7 ++++ .../src/routes/v1/auth/verify_magic_link.rs | 7 ++++ trifid-api/src/routes/v1/signup.rs | 6 ++++ .../src/routes/v1/totp_authenticators.rs | 7 ++++ .../routes/v1/verify_totp_authenticator.rs | 7 ++++ 8 files changed, 72 insertions(+), 3 deletions(-) diff --git a/trifid-api/Cargo.toml b/trifid-api/Cargo.toml index 385f5a1..9cc94d0 100644 --- a/trifid-api/Cargo.toml +++ b/trifid-api/Cargo.toml @@ -18,4 +18,4 @@ paste = "1.0.11" totp-rs = { version = "4.2.0", features = ["qr", "otpauth", "gen_secret"]} uuid = { version = "1.3.0", features = ["v4", "fast-rng", "macro-diagnostics"]} url = { version = "2.3.1", features = ["serde"] } -urlencoding = "2.1.2" \ No newline at end of file +urlencoding = "2.1.2" diff --git a/trifid-api/src/main.rs b/trifid-api/src/main.rs index 8d0d2cf..49bf9d0 100644 --- a/trifid-api/src/main.rs +++ b/trifid-api/src/main.rs @@ -5,7 +5,9 @@ use std::fs; use std::path::Path; use dotenvy::dotenv; use log::{error, info}; -use rocket::{catchers, routes}; +use rocket::{catchers, Request, Response, routes}; +use rocket::fairing::{Fairing, Info, Kind}; +use rocket::http::Header; use sqlx::migrate::Migrator; use sqlx::postgres::PgPoolOptions; use crate::config::TFConfig; 
@@ -20,6 +22,25 @@ pub mod auth; static MIGRATOR: Migrator = sqlx::migrate!(); +pub struct CORS; + +#[rocket::async_trait] +impl Fairing for CORS { + fn info(&self) -> Info { + Info { + name: "Add CORS headers to responses", + kind: Kind::Response + } + } + + async fn on_response<'r>(&self, _request: &'r Request<'_>, response: &mut Response<'r>) { + response.set_header(Header::new("Access-Control-Allow-Origin", "*")); + response.set_header(Header::new("Access-Control-Allow-Methods", "POST, GET, PATCH, OPTIONS")); + response.set_header(Header::new("Access-Control-Allow-Headers", "*")); + response.set_header(Header::new("Access-Control-Allow-Credentials", "true")); + } +} + #[rocket::main] async fn main() -> Result<(), Box> { let _ = rocket::build(); @@ -81,11 +102,17 @@ async fn main() -> Result<(), Box> { let _ = rocket::custom(figment) .mount("/", routes![ crate::routes::v1::auth::magic_link::magiclink_request, + crate::routes::v1::auth::magic_link::options, crate::routes::v1::signup::signup_request, + crate::routes::v1::signup::options, crate::routes::v1::auth::verify_magic_link::verify_magic_link, + crate::routes::v1::auth::verify_magic_link::options, crate::routes::v1::totp_authenticators::totp_authenticators_request, + crate::routes::v1::totp_authenticators::options, crate::routes::v1::verify_totp_authenticator::verify_totp_authenticator_request, - crate::routes::v1::auth::totp::totp_request + crate::routes::v1::verify_totp_authenticator::options, + crate::routes::v1::auth::totp::totp_request, + crate::routes::v1::auth::totp::options ]) .register("/", catchers![ crate::routes::handler_400, @@ -101,6 +128,7 @@ async fn main() -> Result<(), Box> { crate::routes::handler_504, crate::routes::handler_505, ]) + .attach(CORS) .manage(pool) .manage(config) .launch().await?; diff --git a/trifid-api/src/routes/v1/auth/magic_link.rs b/trifid-api/src/routes/v1/auth/magic_link.rs index aacc56e..8f679de 100644 --- a/trifid-api/src/routes/v1/auth/magic_link.rs 
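Review bot: `CORS::on_response` sends `Access-Control-Allow-Origin: *` together with `Access-Control-Allow-Credentials: true`, a pair browsers refuse for credentialed requests, so cookie-bearing calls to these auth endpoints will still fail while any origin may read uncredentialed responses. In credentialed mode `Access-Control-Allow-Headers: *` is likewise treated as a literal header name, and `Authorization` is never covered by the wildcard. Decide which model the API needs: if the frontend sends its token in a header set by script, drop the credentials header; if it relies on cookies, echo the request's `Origin` only when it is on a configured allow-list and add `Vary: Origin`. Reflecting an arbitrary `Origin` to silence the browser error would let any site act with a signed-in user's session, so the allow-list check is the part that matters. The sketch below uses a placeholder origin list and header names that should be replaced with the ones the project actually uses.

```rust
    async fn on_response<'r>(&self, request: &'r Request<'_>, response: &mut Response<'r>) {
        // Responses now differ per origin, so shared caches must key on it.
        response.set_header(Header::new("Vary", "Origin"));
        // ALLOWED_ORIGINS is a placeholder for the trusted web origins (for example a list held in TFConfig).
        let origin = match request.headers().get_one("Origin") {
            Some(origin) if ALLOWED_ORIGINS.contains(&origin) => origin.to_string(),
            // Unknown or missing origin: send no CORS headers, the browser then denies the read.
            _ => return,
        };
        response.set_header(Header::new("Access-Control-Allow-Origin", origin));
        // … unchanged: Access-Control-Allow-Methods …
        // Placeholder header list; name the request headers the frontend really sends.
        response.set_header(Header::new("Access-Control-Allow-Headers", "Content-Type, Authorization"));
        // … unchanged: Access-Control-Allow-Credentials (keep only if cookies are used) …
    }
```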
+++ b/trifid-api/src/routes/v1/auth/magic_link.rs @@ -5,6 +5,7 @@ use rocket::http::{ContentType, Status}; use sqlx::PgPool; use crate::config::TFConfig; use crate::tokens::send_magic_link; +use rocket::options; #[derive(Serialize, Deserialize)] #[serde(crate = "rocket::serde")] @@ -23,6 +24,12 @@ pub struct MagicLinkResponse { pub metadata: MagicLinkResponseMetadata, } + +#[options("/v1/auth/magic-link")] +pub async fn options() -> &'static str { + "" +} + #[post("/v1/auth/magic-link", data = "")] pub async fn magiclink_request(req: Json, pool: &State, config: &State) -> Result<(ContentType, Json), (Status, String)> { // figure out if the user already exists diff --git a/trifid-api/src/routes/v1/auth/totp.rs b/trifid-api/src/routes/v1/auth/totp.rs index 068ae79..ababb7a 100644 --- a/trifid-api/src/routes/v1/auth/totp.rs +++ b/trifid-api/src/routes/v1/auth/totp.rs @@ -4,6 +4,7 @@ use crate::auth::PartialUserInfo; use serde::{Serialize, Deserialize}; use rocket::{post, State}; use sqlx::PgPool; +use rocket::options; use crate::tokens::{generate_auth_token, get_totpmachine, user_has_totp}; pub const TOTP_GENERIC_UNAUTHORIZED_ERROR: &str = "{\"errors\":[{\"code\":\"ERR_INVALID_TOTP_CODE\",\"message\":\"invalid TOTP code (maybe it expired?)\",\"path\":\"code\"}]}"; @@ -32,6 +33,12 @@ pub struct TotpResponse { metadata: TotpResponseMetadata } +#[options("/v1/auth/totp")] +pub async fn options() -> &'static str { + "" +} + + #[post("/v1/auth/totp", data = "")] pub async fn totp_request(req: Json, user: PartialUserInfo, db: &State) -> Result<(ContentType, Json), (Status, String)> { if !match user_has_totp(user.user_id, db.inner()).await { diff --git a/trifid-api/src/routes/v1/auth/verify_magic_link.rs b/trifid-api/src/routes/v1/auth/verify_magic_link.rs index 82cb0f8..8ec682c 100644 --- a/trifid-api/src/routes/v1/auth/verify_magic_link.rs +++ b/trifid-api/src/routes/v1/auth/verify_magic_link.rs 
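Review bot: The `options` handler added in magic_link.rs is repeated verbatim in totp.rs, verify_magic_link.rs, signup.rs, totp_authenticators.rs and verify_totp_authenticator.rs, and each copy hard-codes a path that has to be kept in step with its `#[post]` route by hand. A single catch-all preflight route, for example `#[options("/<_..>")]` if the Rocket version in use supports ignored segments, would cover every current and future endpoint and remove six entries from `routes![]` in main.rs. Whichever form is kept, a doc comment such as `/// Answers the CORS preflight; the headers themselves are added by the CORS fairing.` would explain why the body is empty.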
@@ -6,6 +6,7 @@ use rocket::{post, State}; use sqlx::PgPool; use crate::config::TFConfig; use crate::tokens::generate_session_token; +use rocket::options; #[derive(Serialize, Deserialize)] #[serde(crate = "rocket::serde")] @@ -30,6 +31,12 @@ pub struct VerifyMagicLinkResponse { pub metadata: VerifyMagicLinkResponseMetadata, } +#[options("/v1/auth/verify-magic-link")] +pub async fn options() -> &'static str { + "" +} + + #[post("/v1/auth/verify-magic-link", data = "")] pub async fn verify_magic_link(req: Json, db: &State, config: &State) -> Result<(ContentType, Json), (Status, String)> { // get the current time to check if the token is expired diff --git a/trifid-api/src/routes/v1/signup.rs b/trifid-api/src/routes/v1/signup.rs index a12fccc..a1dcd01 100644 --- a/trifid-api/src/routes/v1/signup.rs +++ b/trifid-api/src/routes/v1/signup.rs @@ -6,6 +6,7 @@ use rocket::http::{ContentType, Status}; use sqlx::PgPool; use crate::config::TFConfig; use crate::tokens::send_magic_link; +use rocket::options; #[derive(Serialize, Deserialize)] #[serde(crate = "rocket::serde")] @@ -29,6 +30,11 @@ created_on TIMESTAMP NOT NULL, banned INTEGER NOT NULL, ban_reason VARCHAR(1024) NOT NULL */ +#[options("/v1/signup")] +pub async fn options() -> &'static str { + "" +} + #[post("/v1/signup", data = "")] pub async fn signup_request(req: Json, pool: &State, config: &State) -> Result<(ContentType, Json), (Status, String)> { // figure out if the user already exists diff --git a/trifid-api/src/routes/v1/totp_authenticators.rs b/trifid-api/src/routes/v1/totp_authenticators.rs index e803e25..088d631 100644 --- a/trifid-api/src/routes/v1/totp_authenticators.rs +++ b/trifid-api/src/routes/v1/totp_authenticators.rs @@ -6,6 +6,7 @@ use serde::{Serialize, Deserialize}; use crate::auth::PartialUserInfo; use crate::config::TFConfig; use crate::tokens::{create_totp_token, user_has_totp}; +use rocket::options; #[derive(Deserialize)] pub struct TotpAuthenticatorsRequest {} 
@@ -27,6 +28,12 @@ pub struct TotpAuthenticatorsResponse { pub metadata: TotpAuthenticatorsResponseMetadata, } +#[options("/v1/totp-authenticators")] +pub async fn options() -> &'static str { + "" +} + + #[post("/v1/totp-authenticators", data = "<_req>")] pub async fn totp_authenticators_request(_req: Json, user: PartialUserInfo, db: &State, config: &State) -> Result<(ContentType, Json), (Status, String)> { if match user_has_totp(user.user_id, db.inner()).await { diff --git a/trifid-api/src/routes/v1/verify_totp_authenticator.rs b/trifid-api/src/routes/v1/verify_totp_authenticator.rs index b6c3bf2..bdc0564 100644 --- a/trifid-api/src/routes/v1/verify_totp_authenticator.rs +++ b/trifid-api/src/routes/v1/verify_totp_authenticator.rs @@ -15,6 +15,7 @@ use rocket::State; use serde::{Serialize, Deserialize}; use sqlx::PgPool; use crate::tokens::{generate_auth_token, use_totp_token, verify_totp_token}; +use rocket::options; #[derive(Serialize, Deserialize)] pub struct VerifyTotpAuthenticatorRequest { @@ -38,6 +39,12 @@ pub struct VerifyTotpAuthenticatorResponse { pub metadata: VerifyTotpAuthenticatorResponseMetadata, } +#[options("/v1/auth/verify-totp-authenticator")] +pub async fn options() -> &'static str { + "" +} + + #[post("/v1/verify-totp-authenticator", data = "")] pub async fn verify_totp_authenticator_request(req: Json, db: &State, user: PartialUserInfo) -> Result<(ContentType, Json), (Status, String)> { let totpmachine = match verify_totp_token(req.0.totp_token.clone(), user.email.clone(), db.inner()).await {
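Review bot: In verify_totp_authenticator.rs the new preflight route is declared as `#[options("/v1/auth/verify-totp-authenticator")]`, but the handler it is meant to serve is `#[post("/v1/verify-totp-authenticator", ...)]`, so a browser preflight for the real path matches no route. The fairing still adds the CORS headers to the resulting error response, but a preflight has to come back with a success status, so the cross-origin POST would presumably be blocked. The attribute should read `#[options("/v1/verify-totp-authenticator")]`. The body of `verify_totp_authenticator_request` continues outside the hunk.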