mirror of
https://github.com/scottlamb/moonfire-nvr.git
synced 2025-11-20 18:06:11 -05:00
422cd2a75e
Some caveats:
* it doesn't record the peer IP yet, which makes it harder to verify
sessions are valid. This is a little annoying to do in hyper now
(see hyperium/hyper#1410). The direct peer might not be what we want
right now anyway because there's no TLS support yet (see #27). In
the meantime, the sane way to expose Moonfire NVR to the Internet is
via a proxy server, and recording the proxy's IP is not useful.
Maybe better to interpret a RFC 7239 Forwarded header (and/or
the older X-Forwarded-{For,Proto} headers).
* it doesn't ever use Secure (https-only) cookies, for a similar reason.
It's not safe to use even with a tls proxy until this is fixed.
* there's no "moonfire-nvr config" support for inspecting/invalidating
sessions yet.
* in debug builds, logging in is crazy slow. See libpasta/libpasta#9.
Some notes:
* I removed the Javascript "no-use-before-defined" lint, as some of
the functions form a cycle.
* Fixed #20 along the way. I needed to add support for properly
returning non-OK HTTP statuses to signal unauthorized and such.
* I removed the Access-Control-Allow-Origin header support, which was
at odds with the "SameSite=lax" in the cookie header. The "yarn
start" method for running a local proxy server accomplishes the same
thing as the Access-Control-Allow-Origin support in a more secure
manner.
69 lines
2.3 KiB
Rust
69 lines
2.3 KiB
Rust
// This file is part of Moonfire NVR, a security camera digital video recorder.
|
|
// Copyright (C) 2018 Scott Lamb <slamb@slamb.org>
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// In addition, as a special exception, the copyright holders give
|
|
// permission to link the code of portions of this program with the
|
|
// OpenSSL library under certain conditions as described in each
|
|
// individual source file, and distribute linked combinations including
|
|
// the two.
|
|
//
|
|
// You must obey the GNU General Public License in all respects for all
|
|
// of the code used other than OpenSSL. If you modify file(s) with this
|
|
// exception, you may extend this exception to your version of the
|
|
// file(s), but you are not obligated to do so. If you do not wish to do
|
|
// so, delete this exception statement from your version. If you delete
|
|
// this exception statement from all source files in the program, then
|
|
// also delete it here.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
#![cfg_attr(all(feature="nightly", test), feature(test))]
|
|
|
|
extern crate base64;
|
|
extern crate blake2_rfc;
|
|
#[macro_use] extern crate failure;
|
|
extern crate fnv;
|
|
#[macro_use] extern crate lazy_static;
|
|
extern crate libc;
|
|
extern crate libpasta;
|
|
#[macro_use] extern crate log;
|
|
extern crate lru_cache;
|
|
extern crate moonfire_base as base;
|
|
extern crate mylog;
|
|
extern crate openssl;
|
|
extern crate parking_lot;
|
|
extern crate protobuf;
|
|
extern crate regex;
|
|
extern crate rusqlite;
|
|
extern crate tempdir;
|
|
extern crate time;
|
|
extern crate uuid;
|
|
|
|
pub mod auth;
|
|
pub mod check;
|
|
mod coding;
|
|
pub mod db;
|
|
pub mod dir;
|
|
mod raw;
|
|
pub mod recording;
|
|
mod schema;
|
|
pub mod upgrade;
|
|
pub mod writer;
|
|
|
|
// This is only for #[cfg(test)], but it's also used by the dependent crate, and it appears that
|
|
// #[cfg(test)] is not passed on to dependencies.
|
|
pub mod testutil;
|
|
|
|
pub use db::*;
|