tideway 0.1.0

A batteries-included Rust web framework built on Axum for building SaaS applications quickly
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

use serde::{Deserialize, Serialize};
use std::time::Duration;
use crate::utils::get_env_with_prefix;

/// Session backend type
#[derive(Debug, Clone, Copy, PartialEq, Eq, Deserialize, Serialize)]
#[serde(rename_all = "lowercase")]
pub enum SessionBackend {
    /// In-memory session store (default, for dev/testing)
    InMemory,
    /// Cookie-based session store (encrypted cookies)
    #[cfg(feature = "sessions")]
    Cookie,
}

impl Default for SessionBackend {
    fn default() -> Self {
        Self::InMemory
    }
}

/// Session configuration
#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct SessionConfig {
    /// Session backend type
    #[serde(default)]
    pub backend: SessionBackend,

    /// Default session TTL (in seconds)
    #[serde(default = "default_ttl_seconds")]
    pub default_ttl_seconds: u64,

    /// Cookie name (for cookie backend)
    #[serde(default = "default_cookie_name")]
    pub cookie_name: String,

    /// Cookie domain (optional, for cookie backend)
    #[serde(default)]
    pub cookie_domain: Option<String>,

    /// Cookie path (for cookie backend)
    #[serde(default = "default_cookie_path")]
    pub cookie_path: String,

    /// Cookie secure flag (HTTPS only, for cookie backend)
    #[serde(default = "default_secure")]
    pub cookie_secure: bool,

    /// Cookie http_only flag (for cookie backend)
    #[serde(default = "default_http_only")]
    pub cookie_http_only: bool,

    /// Encryption key for cookie sessions (32 bytes hex-encoded)
    /// If not provided, a default key is used (NOT SECURE FOR PRODUCTION)
    #[serde(default)]
    pub encryption_key: Option<String>,
}

impl Default for SessionConfig {
    fn default() -> Self {
        Self {
            backend: SessionBackend::default(),
            default_ttl_seconds: default_ttl_seconds(),
            cookie_name: default_cookie_name(),
            cookie_domain: None,
            cookie_path: default_cookie_path(),
            cookie_secure: default_secure(),
            cookie_http_only: default_http_only(),
            encryption_key: None,
        }
    }
}

impl SessionConfig {
    /// Load session configuration from environment variables
    pub fn from_env() -> Self {
        let mut config = Self::default();

        if let Some(backend) = get_env_with_prefix("SESSION_BACKEND") {
            config.backend = match backend.to_lowercase().as_str() {
                "cookie" => {
                    #[cfg(feature = "sessions")]
                    {
                        SessionBackend::Cookie
                    }
                    #[cfg(not(feature = "sessions"))]
                    {
                        tracing::warn!("Cookie sessions requested but sessions feature not enabled, using in-memory");
                        SessionBackend::InMemory
                    }
                }
                _ => SessionBackend::InMemory,
            };
        }

        if let Some(ttl) = get_env_with_prefix("SESSION_TTL_SECONDS") {
            if let Ok(seconds) = ttl.parse() {
                config.default_ttl_seconds = seconds;
            }
        }

        if let Some(name) = get_env_with_prefix("SESSION_COOKIE_NAME") {
            config.cookie_name = name;
        }

        if let Some(domain) = get_env_with_prefix("SESSION_COOKIE_DOMAIN") {
            config.cookie_domain = Some(domain);
        }

        if let Some(path) = get_env_with_prefix("SESSION_COOKIE_PATH") {
            config.cookie_path = path;
        }

        if let Some(secure) = get_env_with_prefix("SESSION_COOKIE_SECURE") {
            config.cookie_secure = secure.parse().unwrap_or(true);
        }

        if let Some(http_only) = get_env_with_prefix("SESSION_COOKIE_HTTP_ONLY") {
            config.cookie_http_only = http_only.parse().unwrap_or(true);
        }

        if let Some(key) = get_env_with_prefix("SESSION_ENCRYPTION_KEY") {
            config.encryption_key = Some(key);
        }

        config
    }

    /// Get default TTL as Duration
    pub fn default_ttl(&self) -> Duration {
        Duration::from_secs(self.default_ttl_seconds)
    }
}

fn default_ttl_seconds() -> u64 {
    3600 * 24 // 24 hours
}

fn default_cookie_name() -> String {
    "tideway_session".to_string()
}

fn default_cookie_path() -> String {
    "/".to_string()
}

fn default_secure() -> bool {
    true
}

fn default_http_only() -> bool {
    true
}