Scope auth middleware to CI routes only
Previously, require_auth was layered on the entire web router, which
blocked unauthenticated access to repo home, tree view, and config
pages. Split the router into public_router (no auth) and ci_router
(auth-gated), so only CI views require Remote-User authentication.

Assisted-by: Owl Alpha via pi
change umxosotootspnklwkzuoqslvrlskopnk
commit cfef7f48b9b57280e06540c446663bc34d63a384
author Alpha Chen <alpha@kejadlen.dev>
date
parent ktoppmwl
diff --git a/quire-server/src/bin/quire/main.rs b/quire-server/src/bin/quire/main.rs
index 73e973d..5b23c14 100644
--- a/quire-server/src/bin/quire/main.rs
+++ b/quire-server/src/bin/quire/main.rs
@@ -145,14 +145,16 @@ async fn main() -> Result<()> {
             let quire = if seed { commands::dev::seed()? } else { quire };
 
             let web_routes = {
-                let r = quire::quire::web::router(quire.clone());
-                if seed {
-                    r
+                let public = quire::quire::web::public_router(quire.clone());
+                let ci = quire::quire::web::ci_router(quire.clone());
+                let ci = if seed {
+                    ci
                 } else {
-                    r.layer(axum::middleware::from_fn(
+                    ci.layer(axum::middleware::from_fn(
                         quire::quire::web::auth::require_auth,
                     ))
-                }
+                };
+                public.merge(ci)
             };
             let api_routes = quire::quire::web::api::router(quire.clone());
             commands::serve::run(&quire, web_routes, api_routes).await?
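Review bot: When `seed` is true the `ci` router is merged with no auth layer at all, and nothing at this site says that this is deliberate. `seed` is tied to the dev seeding path (`commands::dev::seed()` at the top of the hunk), so this is presumably a local-development convenience; a comment on the branch would make that explicit, e.g. `// Seed (dev) mode: CI routes are served without require_auth; keep this listener on localhost.` If the flag can be set on a deployed instance, confirm that the server binds to loopback in that mode, which is not visible from this hunk. The layering order itself (`ci.layer(...)` before `public.merge(ci)`) does confine the middleware to the CI routes.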
diff --git a/quire-server/src/quire/web/handlers/mod.rs b/quire-server/src/quire/web/handlers/mod.rs
index 5a9c12e..05e7cf8 100644
--- a/quire-server/src/quire/web/handlers/mod.rs
+++ b/quire-server/src/quire/web/handlers/mod.rs
@@ -142,7 +142,8 @@ mod tests {
         }
 
         fn app(&self) -> axum::Router {
-            super::super::router(self.quire.clone())
+            super::super::public_router(self.quire.clone())
+                .merge(super::super::ci_router(self.quire.clone()))
         }
     }
 
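Review bot: `app()` merges `ci_router` without `require_auth`, so the tests built on it cannot exercise the public/authenticated boundary this commit introduces. A second helper that layers the middleware the way `main.rs` does, `super::super::ci_router(self.quire.clone()).layer(axum::middleware::from_fn(super::super::auth::require_auth))`, would allow one test asserting that `/{repo}/ci` is rejected without the Remote-User header and another asserting that `/{repo}` still answers. Keeping `app()` unlayered for the existing handler tests is fine. The concern is that a later change moving a route from one router to the other would pass this suite unnoticed. The `tests` module starts and continues outside this hunk, so coverage elsewhere in the file may differ from what is visible here.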
diff --git a/quire-server/src/quire/web/mod.rs b/quire-server/src/quire/web/mod.rs
index ba8f560..2467138 100644
--- a/quire-server/src/quire/web/mod.rs
+++ b/quire-server/src/quire/web/mod.rs
@@ -22,16 +22,21 @@ use crate::{
     },
 };
 
-/// Bare CI routes without any auth middleware.
+/// Routes that require authentication.
 ///
-/// The caller decides whether to layer auth on top (e.g.
-/// `.layer(middleware::from_fn(auth::require_auth))`).
-pub fn router(quire: Quire) -> Router {
+/// Currently only the CI views: run list and run detail pages.
+pub fn ci_router(quire: Quire) -> Router {
     Router::new()
-        .route("/style.css", get(stylesheet))
-        .route("/{repo}", get(repo_home))
         .route("/{repo}/ci", get(run_list))
         .route("/{repo}/ci/{run_id}", get(run_detail))
+        .with_state(quire)
+}
+
+/// Public routes with no auth required.
+pub fn public_router(quire: Quire) -> Router {
+    Router::new()
+        .route("/style.css", get(stylesheet))
+        .route("/{repo}", get(repo_home))
         .route("/{repo}/tree", get(tree_view))
         .route("/{repo}/tree/{*path}", get(tree_view_path))
         .route("/config", get(config))
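Review bot: The new doc comment on `ci_router` says these are routes "that require authentication", but the function still returns them bare. The caveat from the old comment was dropped, while both the seed branch in `main.rs` and the test helper merge this router unlayered. I would restore the caveat, e.g. `/// Auth is NOT applied here; the caller must layer auth::require_auth before merging.` Likewise `public_router` deserves a line stating that anything registered on it is reachable without credentials. `/config` now sits there, and whether that handler renders anything sensitive is not visible in this hunk and should be confirmed. `public_router`'s body continues past the end of the hunk.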