submit token should be enough. no full user authentication needed

README.md

@@ -39,6 +39,7 @@ where crablog is run. An example configuration is provided:
 CL_USERNAME=yourusername
 CL_EMAIL=me@mydomain.tld # optional
 CL_BIND_PORT=8000 # optional
+CL_SUBMIT_TOKEN=Submit!123 # required, token needed for submitting / "login password"
 CL_SESSION_SECRET=<some long generated secret> # required, session key encryption secret
 CL_GITHUB_ACCOUNT=yourusername # optional
 CL_TWITTER_ACCOUNT=yourusername # optional

site/src/config.rs

@@ -4,6 +4,7 @@ use once_cell::sync::Lazy;
 pub const ENV_PREFIX: &str = "CL_";
 
 pub struct Config {
+    pub submit_token: String,
     pub session_secret: String,
     pub root_path: String,
     pub username: String,
@@ -65,6 +66,7 @@ fn load_config() -> Config {
     }
 
     Config {
+        submit_token: eval_conf_var("SUBMIT_TOKEN", true, None).unwrap(),
         session_secret: eval_conf_var("SESSION_SECRET", true, None).unwrap(),
         root_path: eval_conf_var("ROOT_PATH", false, Some("./content")).unwrap(),
         username: eval_conf_var("USERNAME", true, None).unwrap(),

site/src/main.rs

@@ -10,6 +10,7 @@ extern crate serde_derive;
 extern crate tera;
 
 use actix_files as fs;
+use actix_identity::IdentityMiddleware;
 use actix_session::{storage::CookieSessionStore, SessionMiddleware};
 use actix_web::cookie::Key;
 use actix_web::{middleware::Logger, web::Data, App, HttpServer};
@@ -30,6 +31,7 @@ async fn main() -> std::io::Result<()> {
         env_logger::Builder::from_env(Env::default().default_filter_or("debug"));
 
         App::new()
+            .wrap(IdentityMiddleware::default())
             .wrap(SessionMiddleware::new(
                 CookieSessionStore::default(),
                 SESSION_COOKIE_SECRET_KEY.clone(),