Merge pull request #11 from software-artificer/stable-cookie-key

software-artificer · web-flow · commit 16cebe12f070 · 2025-10-16T19:58:36.000+11:00
Add support for stable cookie signing key
diff --git a/config.yml b/config.yml
@@ -7,3 +7,4 @@ users_file_path: /var/lib/minecraft/users.yml
 base_url: http://127.0.0.1:9753/
 min_password_length: 10
 max_password_length: 128
+cookie_key: NKZW9j1Q7ABNv01xF5NSI3gmyKDaTrVb
diff --git a/src/core/config.rs b/src/core/config.rs
@@ -1,4 +1,6 @@
 use super::properties;
+use actix_web::cookie;
+use secrecy::ExposeSecret;
 use std::{env, fs, io, net, num, path};
 
 #[derive(serde::Deserialize)]
@@ -15,6 +17,7 @@ struct ConfigFile {
     tls_key: Option<path::PathBuf>,
     tls_chain: Option<path::PathBuf>,
     worker_count: Option<num::NonZeroUsize>,
+    cookie_key: Option<secrecy::SecretString>,
 }
 
 fn default_min_password_len() -> u8 {
@@ -39,12 +42,12 @@ pub enum LoadConfigError {
         #[source]
         source: io::Error,
     },
-    #[error("Failed to canonicalize the path {}: {source}", .path.display())]
+    #[error("Failed to canonicalize the path {}", .path.display())]
     CanonicalizePath {
         path: path::PathBuf,
         source: io::Error,
     },
-    #[error("Failed to validate configuration file: {0}")]
+    #[error("Failed to validate configuration file")]
     Validate(#[from] ConfigValidationError),
 }
 
@@ -58,10 +61,12 @@ pub enum ConfigValidationError {
     InvalidBaseUrl(url::Url),
     #[error("Invalid server.properties path: {}", .0.display())]
     PropertiesPath(path::PathBuf),
-    #[error("Unable to load server.properties file: {0}")]
+    #[error("Unable to load server.properties file")]
     LoadProperties(#[source] properties::Error),
     #[error("Invalid TLS configuration: {0}")]
     Tls(String),
+    #[error("Cookie key must be at least 32 bytes long, got: {0}")]
+    CookieKey(usize),
 }
 
 pub struct AppConfig {
@@ -85,6 +90,17 @@ pub struct Config {
     pub app_config: AppConfig,
     pub tls: Option<TlsConfig>,
     pub worker_count: Option<num::NonZeroUsize>,
+    pub cookie_key: Option<secrecy::SecretBox<str>>,
+}
+
+impl Config {
+    pub fn cookie_key(&self) -> Option<cookie::Key> {
+        if let Some(key) = &self.cookie_key {
+            Some(cookie::Key::derive_from(key.expose_secret().as_bytes()))
+        } else {
+            cookie::Key::try_generate()
+        }
+    }
 }
 
 impl Config {
@@ -112,6 +128,7 @@ impl TryFrom<ConfigFile> for Config {
             resolve_server_properties_file_path(config.server_properties_path)?;
         let rcon_properties = load_server_properties(&server_properties_path)?;
         let tls = resolve_tls_config(config.tls_key, config.tls_chain)?;
+        let cookie_key = check_cookie_key(config.cookie_key)?;
 
         Ok(Self {
             listen_on: config.listen_on,
@@ -130,6 +147,7 @@ impl TryFrom<ConfigFile> for Config {
                 rcon_password: rcon_properties.password,
             },
             worker_count: config.worker_count,
+            cookie_key,
         })
     }
 }
@@ -228,3 +246,19 @@ fn relative_path_to_absolute<P: AsRef<path::Path>>(
     };
     Ok(path)
 }
+
+fn check_cookie_key(
+    key: Option<secrecy::SecretString>,
+) -> Result<Option<secrecy::SecretString>, ConfigValidationError> {
+    if let Some(key) = key {
+        let key_len = key.expose_secret().len();
+
+        if key_len < 32 {
+            Err(ConfigValidationError::CookieKey(key_len))
+        } else {
+            Ok(Some(key))
+        }
+    } else {
+        Ok(None)
+    }
+}
diff --git a/src/main.rs b/src/main.rs
@@ -11,10 +11,11 @@ use std::path;
 struct Args {
     #[command(subcommand)]
     cmd: Commands,
-    #[arg(short, long, default_value = "mctrlrs.toml")]
+    #[arg(short, long, default_value = "mctrlrs.yaml")]
     /// Path to the YAML configuration file. If absolute path is provided it will be used as is.
     /// The relative path starting from "./" or "../" will be resolved using current working
-    /// directory as a base path. The relative path that starts from something other than "./" or "../" will be resolved against the binary location.
+    /// directory as a base path. The relative path that starts from something other than
+    /// "./" or "../" will be resolved against the binary location.
     config: path::PathBuf,
 }
 
diff --git a/src/web/mod.rs b/src/web/mod.rs
@@ -24,6 +24,8 @@ pub enum Error {
     Actix(#[from] std::io::Error),
     #[error("Failed to configure TLS: {0}")]
     Tls(String),
+    #[error("Failed to generate the cookie signing key")]
+    CookieKey,
 }
 
 pub fn start_server(config: core::Config) -> Result<(), Error> {
@@ -50,7 +52,7 @@ async fn run_server(config: core::Config) -> Result<(), Error> {
         handlebars::DirectorySourceOptions::default(),
     )?;
     let templates = web::Data::new(templates);
-    let secret_key = cookie::Key::generate();
+    let secret_key = config.cookie_key().ok_or(Error::CookieKey)?;
     let session_store = session::SessionStore::default();
     let app_config = web::Data::new(config.app_config);
     let client = web::Data::new(server::Client::new(
