Commit Graph

24 Commits

Author SHA1 Message Date
Scott Lamb
028243532a upgrade to Rust 1.70, use std::sync::OnceLock
The most notable part of this is that `db::auth` no longer holds a lock
during password hashing operations. That was probably never a great
idea...
2023-07-04 20:44:21 -07:00
Scott Lamb
ebcdd76084 switch from log to tracing
I think this is a big improvement in readability.

I removed the `lnav` config, which is a little sad, but I don't think it
supports this structured logging format well. Still seems worthwhile on
balance.
2023-07-04 16:51:22 -07:00
Scott Lamb
2b27797f42
tweak bpaf usage message
As discussed here: https://github.com/pacak/bpaf/discussions/165#discussioncomment-4967176

I also snuck in a conversion from `lazy_static` to `once_cell`, rather
than adding another usage of the former.
2023-02-13 22:55:22 -08:00
Scott Lamb
a9430464b6
cargo clippy --fix
This switches to inlining variable names into format args. clippy
now suggests this syntax, and I like it.
2023-01-29 15:01:19 -08:00
Scott Lamb
284a59b05e
clean up some clippy warnings 2023-01-28 11:59:21 -08:00
Scott Lamb
3965cbc547
rm unused var 2023-01-28 11:32:56 -08:00
Scott Lamb
8c4e69f772
user admin api improvements 2023-01-08 03:21:42 -06:00
Scott Lamb
c02fc6f439 more user admin actions 2022-12-25 23:01:17 -05:00
Scott Lamb
be4e11c506 extend POST /users/:id
Now you can set a password for a user while the server is running,
e.g. via the following command:

```shell
curl \
    -H 'Content-Type: application/json' \
    -d '{"update": {"password": "asdf"}}' \
    --unix-socket /var/lib/moonfire-nvr/sock \
    http://nvr/api/users/1
```
2022-12-23 13:14:24 -08:00
Scott Lamb
ae502200c0 upgrade various Rust dependencies
This stops using parking_lot entirely. Since Rust 1.62, the std
implementations on Linux are direct futexes, not the boxed pthread
mutexes they used to be. No real reason to use parking_lot anymore, so
shed this dependency.
2022-09-28 22:20:48 -07:00
Scott Lamb
0866b23991 clean up the easy clippy errors
I'm still not running clippy on CI and probably should.
There are a few left that were a little more involved to address.
2022-09-28 09:29:16 -07:00
Scott Lamb
78cdd82f36 fix warnings 2022-03-11 12:01:35 -08:00
Scott Lamb
504f1a36ab switch from libpasta to just scrypt
This drops several older dependencies and reduces final binary size
(text section by ~200KiB, unstripped binary by ~12MiB)

I'll have to manually add new hash formats, and I won't ever be able
to take advantage of libpasta's (currently unused) facility to wrap
hashes, but I think it's worth it. libpasta isn't well-maintained.
2021-10-27 11:50:55 -07:00
Scott Lamb
24a0b2a9f1 add config json to user table 2021-10-26 13:16:08 -07:00
Scott Lamb
070400095d simplify UI preferences change logic
I copied the example of the password field by introducing a setter.
But I forgot: it was only that way because the password field has
the complexity of hashing/salting. For fields where setting is
idempotent, it can be directly exposed.
2021-09-01 21:17:44 -07:00
Scott Lamb
c42314edb5 UI preferences: #153 #155 2021-09-01 15:08:09 -07:00
Scott Lamb
54bd068706 address some no-op clippy warnings 2021-05-17 15:00:51 -07:00
Scott Lamb
f922afaa26 update rusqlite
The big difference here is query_named and execute_named have gone
away. Fair number of lines changes but straightforward.
2021-05-17 10:50:48 -07:00
Scott Lamb
2936c138c5 various doc improvements
I bumped the minimum Rust version because I'm taking advantage of
the rustdoc linking added in Rust 1.48:
https://blog.rust-lang.org/2020/11/19/Rust-1.48.html#easier-linking-in-rustdoc
2021-04-10 17:34:52 -07:00
Scott Lamb
560fe804d6 use SameSite=Lax instead of SameSite=Strict
To improve reliability of live streams (#59) on Safari.

Safari was dropping the cookie from websocket update requests.
(But it worked sometimes. I don't get why.) I saw folks on the Internet
thinking this related to HttpOnly:

*   https://developer.apple.com/forums/thread/104488
*   https://stackoverflow.com/q/47742807/23584

but I still see this behavior without HttpOnly. SameSite=Strict vs
SameSite=Lax appears to make a difference. Try that instead.
SameSite=Strict is pointless for us anyway as noted in a new comment.
Turning off HttpOnly would be more unfortunate security-wise.
2021-03-31 13:08:03 -07:00
Scott Lamb
2d45799b7d better error handling for authentication 2021-03-06 05:49:49 -08:00
Scott Lamb
c547a49ac8 shorten per-file copyright headers
I'm tired of all the boilerplate, so use the new
GPL-3.0-linking-exception license identifier instead in all the server
components.

I left the ui stuff alone because I'm just going to replace it (#111).

Add a checker for the header because it's easy to forget.
2021-02-17 15:39:17 -08:00
Scott Lamb
97678f42e4 rustfmt everything
I want to make the project more accessible by not expecting folks to
match my idiosyncratic style. Now almost [1] everything is written
in the "standard" style. CI enforces this.

[1] "Almost": I used #[rustfmt::skip] in a few sections where I felt
aligning things in columns significantly improves readability.
2021-02-17 09:17:24 -08:00
Scott Lamb
dd66c7b0dd restructure into "server" and "ui" subdirs
Besides being more clear about what belongs to which, this helps with
docker caching. The server and ui parts are only rebuilt when their
respective subdirectories change.

Extend this a bit further by making the webpack build not depend on
the target architecture. And adding cache dirs so parts of the server
and ui build process can be reused when layer-wide caching fails.
2021-01-22 22:01:17 -08:00