From 917e7d824d786616b5fbbac3b965eb2221ad5753 Mon Sep 17 00:00:00 2001
From: mtrx <me@mtrx.tech>
Date: Sat, 28 Dec 2024 02:12:46 +0100
Subject: [PATCH] submit token should be enough. no full user authentication
 needed

---
 README.md          | 1 +
 site/src/config.rs | 2 ++
 site/src/main.rs   | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/README.md b/README.md
index 5c11596..9434e95 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,7 @@ where crablog is run. An example configuration is provided:
 CL_USERNAME=yourusername
 CL_EMAIL=me@mydomain.tld # optional
 CL_BIND_PORT=8000 # optional
+CL_SUBMIT_TOKEN=Submit!123 # required, token needed for submitting / "login password"
 CL_SESSION_SECRET=<some long generated secret> # required, session key encryption secret
 CL_GITHUB_ACCOUNT=yourusername # optional
 CL_TWITTER_ACCOUNT=yourusername # optional
diff --git a/site/src/config.rs b/site/src/config.rs
index 04b2c8e..2defd0c 100644
--- a/site/src/config.rs
+++ b/site/src/config.rs
@@ -4,6 +4,7 @@ use once_cell::sync::Lazy;
 pub const ENV_PREFIX: &str = "CL_";
 
 pub struct Config {
+    pub submit_token: String,
     pub session_secret: String,
     pub root_path: String,
     pub username: String,
@@ -65,6 +66,7 @@ fn load_config() -> Config {
     }
 
     Config {
+        submit_token: eval_conf_var("SUBMIT_TOKEN", true, None).unwrap(),
         session_secret: eval_conf_var("SESSION_SECRET", true, None).unwrap(),
         root_path: eval_conf_var("ROOT_PATH", false, Some("./content")).unwrap(),
         username: eval_conf_var("USERNAME", true, None).unwrap(),
diff --git a/site/src/main.rs b/site/src/main.rs
index 84e12a7..1e04360 100644
--- a/site/src/main.rs
+++ b/site/src/main.rs
@@ -10,6 +10,7 @@ extern crate serde_derive;
 extern crate tera;
 
 use actix_files as fs;
+use actix_identity::IdentityMiddleware;
 use actix_session::{storage::CookieSessionStore, SessionMiddleware};
 use actix_web::cookie::Key;
 use actix_web::{middleware::Logger, web::Data, App, HttpServer};
@@ -30,6 +31,7 @@ async fn main() -> std::io::Result<()> {
         env_logger::Builder::from_env(Env::default().default_filter_or("debug"));
 
         App::new()
+            .wrap(IdentityMiddleware::default())
             .wrap(SessionMiddleware::new(
                 CookieSessionStore::default(),
                 SESSION_COOKIE_SECRET_KEY.clone(),