add sensitive-headers
This commit is contained in:
parent
7ed7f96a2f
commit
28dcfca47b
@ -67,7 +67,7 @@ toml = "0.5.9"
|
|||||||
tower = "0.4.13"
|
tower = "0.4.13"
|
||||||
# TODO: i don't think we need this. we can use it from tower-http instead. though this seems to use ulid and not uuid?
|
# TODO: i don't think we need this. we can use it from tower-http instead. though this seems to use ulid and not uuid?
|
||||||
tower-request-id = "0.2.0"
|
tower-request-id = "0.2.0"
|
||||||
tower-http = { version = "0.3.4", features = ["cors", "trace"] }
|
tower-http = { version = "0.3.4", features = ["cors", "sensitive-headers", "trace"] }
|
||||||
tracing = "0.1.36"
|
tracing = "0.1.36"
|
||||||
# TODO: tracing-subscriber has serde and serde_json features that we might want to use
|
# TODO: tracing-subscriber has serde and serde_json features that we might want to use
|
||||||
tracing-subscriber = { version = "0.3.15", features = ["env-filter", "parking_lot"] }
|
tracing-subscriber = { version = "0.3.15", features = ["env-filter", "parking_lot"] }
|
||||||
|
@ -1,21 +1,24 @@
|
|||||||
pub mod authorization;
|
pub mod authorization;
|
||||||
mod errors;
|
mod errors;
|
||||||
mod http;
|
|
||||||
mod rpc_proxy_http;
|
mod rpc_proxy_http;
|
||||||
mod rpc_proxy_ws;
|
mod rpc_proxy_ws;
|
||||||
|
mod status;
|
||||||
mod users;
|
mod users;
|
||||||
|
|
||||||
use crate::app::Web3ProxyApp;
|
use crate::app::Web3ProxyApp;
|
||||||
use ::http::Request;
|
|
||||||
use axum::{
|
use axum::{
|
||||||
body::Body,
|
body::Body,
|
||||||
handler::Handler,
|
handler::Handler,
|
||||||
routing::{get, post},
|
routing::{get, post},
|
||||||
Extension, Router,
|
Extension, Router,
|
||||||
};
|
};
|
||||||
|
use http::header::AUTHORIZATION;
|
||||||
|
use http::Request;
|
||||||
|
use std::iter::once;
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
use tower_http::cors::CorsLayer;
|
use tower_http::cors::CorsLayer;
|
||||||
|
use tower_http::sensitive_headers::SetSensitiveRequestHeadersLayer;
|
||||||
use tower_http::trace::TraceLayer;
|
use tower_http::trace::TraceLayer;
|
||||||
use tower_request_id::{RequestId, RequestIdLayer};
|
use tower_request_id::{RequestId, RequestIdLayer};
|
||||||
use tracing::{error_span, info};
|
use tracing::{error_span, info};
|
||||||
@ -57,10 +60,10 @@ pub async fn serve(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()
|
|||||||
"/rpc/:user_key",
|
"/rpc/:user_key",
|
||||||
get(rpc_proxy_ws::websocket_handler_with_key),
|
get(rpc_proxy_ws::websocket_handler_with_key),
|
||||||
)
|
)
|
||||||
.route("/rpc/health", get(http::health))
|
.route("/rpc/health", get(status::health))
|
||||||
.route("/rpc/status", get(http::status))
|
.route("/rpc/status", get(status::status))
|
||||||
// TODO: make this optional or remove it since it is available on another port
|
// TODO: make this optional or remove it since it is available on another port
|
||||||
.route("/rpc/prometheus", get(http::prometheus))
|
.route("/rpc/prometheus", get(status::prometheus))
|
||||||
.route("/rpc/user/login/:user_address", get(users::get_login))
|
.route("/rpc/user/login/:user_address", get(users::get_login))
|
||||||
.route(
|
.route(
|
||||||
"/rpc/user/login/:user_address/:message_eip",
|
"/rpc/user/login/:user_address/:message_eip",
|
||||||
@ -71,13 +74,16 @@ pub async fn serve(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()
|
|||||||
.route("/rpc/user/logout", get(users::get_logout))
|
.route("/rpc/user/logout", get(users::get_logout))
|
||||||
// layers are ordered bottom up
|
// layers are ordered bottom up
|
||||||
// the last layer is first for requests and last for responses
|
// the last layer is first for requests and last for responses
|
||||||
.layer(Extension(proxy_app))
|
// Mark the `Authorization` request header as sensitive so it doesn't show in logs
|
||||||
|
.layer(SetSensitiveRequestHeadersLayer::new(once(AUTHORIZATION)))
|
||||||
// add the request id to our tracing logs
|
// add the request id to our tracing logs
|
||||||
.layer(request_tracing_layer)
|
.layer(request_tracing_layer)
|
||||||
// handle cors
|
// handle cors
|
||||||
.layer(CorsLayer::very_permissive())
|
.layer(CorsLayer::very_permissive())
|
||||||
// create a unique id for each request
|
// create a unique id for each request
|
||||||
.layer(RequestIdLayer)
|
.layer(RequestIdLayer)
|
||||||
|
// application state
|
||||||
|
.layer(Extension(proxy_app))
|
||||||
// 404 for any unknown routes
|
// 404 for any unknown routes
|
||||||
.fallback(errors::handler_404.into_service());
|
.fallback(errors::handler_404.into_service());
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user