From b2c59409b8cd6a5e13105f104c9dbb2307691c51 Mon Sep 17 00:00:00 2001
From: nathan
Date: Wed, 15 Mar 2023 10:02:28 +0800
Subject: [PATCH] feat: config network
---
configuration/base.yaml | 2 +-
crates/token/Cargo.toml | 11 +++++++++++
crates/token/src/lib.rs | 14 ++++++++++++++
src/application.rs | 6 ++++--
src/config/config.rs | 5 ++++-
src/self_signed.rs | 7 ++++---
6 files changed, 38 insertions(+), 7 deletions(-)
create mode 100644 crates/token/Cargo.toml
create mode 100644 crates/token/src/lib.rs
diff --git a/configuration/base.yaml b/configuration/base.yaml
index ff4a9b33..1ddca8e4 100644
--- a/configuration/base.yaml
+++ b/configuration/base.yaml
@@ -1,7 +1,7 @@
application:
port: 8000
host: 0.0.0.0
- secret_key: "d8b242c8a47de60e1ebf4e6bb7d3315cdd4b4071919fe1065566f23a354753ae"
+ server_key: ""
database:
host: "localhost"
port: 5432
diff --git a/crates/token/Cargo.toml b/crates/token/Cargo.toml
new file mode 100644
index 00000000..7a6958bc
--- /dev/null
+++ b/crates/token/Cargo.toml
@@ -0,0 +1,11 @@
+[package]
+name = "token"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+jsonwebtoken = "8.2.0"
+jwt = "0.16.0"
+serde = { version = "1.0", features = ["derive"] }
diff --git a/crates/token/src/lib.rs b/crates/token/src/lib.rs
new file mode 100644
index 00000000..7d12d9af
--- /dev/null
+++ b/crates/token/src/lib.rs
@@ -0,0 +1,14 @@
+pub fn add(left: usize, right: usize) -> usize {
+ left + right
+}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+
+ #[test]
+ fn it_works() {
+ let result = add(2, 2);
+ assert_eq!(result, 4);
+ }
+}
diff --git a/src/application.rs b/src/application.rs
index eac95db8..e2126638 100644
--- a/src/application.rs
+++ b/src/application.rs
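Review bot: The `secret_key` value removed in the `configuration/base.yaml` hunk was committed in plaintext and remains readable in the repository history, so deleting the line does not retire it; the key should be rotated and anything signed with it treated as untrusted. The replacement `server_key: ""` is an empty placeholder, and no `certificate` entry is added even though the `ApplicationSettings` hunk in `src/config/config.rs` now declares both fields, so loading may fail or yield an empty key unless another configuration layer supplies them. If the value is meant to be produced at startup, a comment on the new line would make that explicit, for example `# filled in at startup; never commit a real key here`.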
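Review bot: The `[dependencies]` table in `crates/token/Cargo.toml` adds two separate JWT implementations, `jsonwebtoken = "8.2.0"` and `jwt = "0.16.0"`, while `crates/token/src/lib.rs` in this same patch is still the `cargo new` template containing only `add`. Carrying both doubles the token-handling code that has to be audited and kept patched, and it invites mixing verification paths whose algorithm and claim-validation defaults may differ. I would keep one crate, add the other only when code actually needs it, and replace the template `add` function and its test when the real token code lands.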
@@ -31,7 +31,9 @@ impl Application { let server = run( listener, state, - config.application.secret_key.clone(), + certificate, + server_key, + // config.application.server_key.clone(), config.redis_uri.clone(), ) .await?; @@ -51,10 +53,10 @@ impl Application { pub async fn run( listener: TcpListener, state: State, + certificate: Secret, secret_key: Secret, redis_uri: Secret, ) -> Result { - let (cert, _server_key) = create_certificate()?; let redis_store = RedisSessionStore::new(redis_uri.expose_secret()).await?; let server = HttpServer::new(move || { let secret_key = Key::from(secret_key.expose_secret().as_bytes()); diff --git a/src/config/config.rs b/src/config/config.rs index 4bb7edf8..e689d3ed 100644 --- a/src/config/config.rs +++ b/src/config/config.rs @@ -1,3 +1,4 @@ +use crate::self_signed::create_certificate; use config::{Config as InnerConfig, FileFormat}; use secrecy::Secret; use serde_aux::field_attributes::deserialize_number_from_string; @@ -24,7 +25,8 @@ pub struct ApplicationSettings { #[serde(deserialize_with = "deserialize_number_from_string")] pub port: u16, pub host: String, - pub secret_key: Secret, + pub certificate: Secret, + pub server_key: Secret, } #[derive(serde::Deserialize, Clone, Debug)] @@ -61,6 +63,7 @@ impl DatabaseSetting { pub fn get_configuration() -> Result { let base_path = std::env::current_dir().expect("Failed to determine the current directory"); let configuration_dir = base_path.join("configuration"); + let (certificate, server_key) = create_certificate()?; let environment: Environment = std::env::var("APP_ENVIRONMENT") .unwrap_or_else(|_| "local".into()) diff --git a/src/self_signed.rs b/src/self_signed.rs index 396adecf..27d475c7 100644 --- a/src/self_signed.rs +++ b/src/self_signed.rs 
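Review bot: The call to `run` in the first `src/application.rs` hunk now passes `server_key` in the position that `run` (second hunk) still names `secret_key` and feeds to `Key::from(secret_key.expose_secret().as_bytes())`, so the TLS private key PEM appears to become the session key. If `Key` is the cookie crate's type (the imports are not visible), it expects at least 64 bytes of uniformly random material and takes its keys from the leading bytes; a PEM document starts with a fixed armor line and key-format header, so those bytes would carry little or no secret entropy, and one key would serve two unrelated purposes. I would keep a dedicated random session secret supplied from the environment or a secret store and pass that here, and delete the commented-out `// config.application.server_key.clone(),` line rather than commit it. `certificate` and `server_key` are not bound inside this hunk, so I assume they are defined earlier in the function.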
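Review bot: The new `certificate: Secret` parameter of `run` is not used in any visible line once `let (cert, _server_key) = create_certificate()?;` is removed, and the parameter that now receives the server key is still called `secret_key`. If the certificate is meant to configure TLS on the `HttpServer`, that wiring belongs in this function; otherwise the parameter can be dropped. A doc comment such as `/// secret_key: random key for signing session cookies, independent of the TLS key` would keep callers from passing the wrong value. The body of `run` continues past the end of the hunk, so a use of `certificate` may exist outside the visible lines.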
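Review bot: The `ApplicationSettings` hunk in `src/config/config.rs` makes `certificate` and `server_key` fields that are deserialized from configuration, while the `get_configuration` hunk generates the same pair with `let (certificate, server_key) = create_certificate()?;`, and the visible lines do not show the generated values replacing the deserialized ones. As written, a missing `certificate` key or the empty `server_key: ""` from `base.yaml` could be what reaches the server. I would either remove the two fields from the deserialized struct and return the generated pair separately, or document the override at the `let` line with `// generated pair overrides any value from the config files`. The `?` also needs the `RcgenError` to convert into this function's error type, which is not visible here, and the function body continues outside the hunk.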
@@ -1,9 +1,10 @@ use rcgen::{Certificate, CertificateParams, KeyPair, RcgenError, SanType}; +use secrecy::Secret; pub const CA_CRT: &str = include_str!("../cert/cert.pem"); pub const CA_KEY: &str = include_str!("../cert/key.pem"); -pub fn create_certificate() -> Result<(String, String), RcgenError> { +pub fn create_certificate() -> Result<(Secret, Secret), RcgenError> { let key = KeyPair::from_pem(CA_KEY)?; let params = CertificateParams::from_ca_cert_pem(CA_CRT, key)?; let ca_cert = Certificate::from_params(params)?; @@ -23,7 +24,7 @@ pub fn create_certificate() -> Result<(String, String), RcgenError> { // 1. localhost // 2. 127.0.0.1 let gen_cert = Certificate::from_params(params)?; - let server_crt = gen_cert.serialize_pem_with_signer(&ca_cert)?; - let server_key = gen_cert.serialize_private_key_pem(); + let server_crt = Secret::new(gen_cert.serialize_pem_with_signer(&ca_cert)?); + let server_key = Secret::new(gen_cert.serialize_private_key_pem()); Ok((server_crt, server_key)) }
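Review bot: `create_certificate` in `src/self_signed.rs` now wraps the leaf certificate in `Secret` as well as the key (the `Secret::new(...)` lines are in the second hunk), but a certificate is public data, so the wrapper only adds `expose_secret()` calls and blurs which value actually needs protection. Returning the certificate as a plain string and only the private key as `Secret` would be clearer. The signing key, by contrast, stays a plain `pub const CA_KEY` embedded through `include_str!("../cert/key.pem")`, which this commit leaves unchanged; it is readable from the binary and the repository, so it should be limited to a development CA and noted as such in a comment on the constant. A doc comment on the function stating which tuple element is the certificate and which is the private key would also help; the function body is only partly visible in these hunks.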