What
--
Define a new `route` attribute macro that supports defining multiple
HTTP methods to routed to (handled by) a single handler.
The attribute macro syntax looks like this
```rust
use actix_web::route;
async fn multi_methods() -> &'static str {
"Hello world!\r\n"
}
```
How
--
This implementation extends the [`GuardType`][1] enum in actix-web-codegen to have a
new `GuardType::Multi` variant that denotes when multiple method guards
are used.
A new `methods` attribute in the `route` attribute macro provides a
comma-separated list of HTTP methods to provide guard for.
The code parses the methods list, matches them to the respective
`GuardType` and uses the `AnyGuard` struct to combine them together.
A constructor method for [`AnyGuard`][2] is added to support this.
The generated code looks like this:
```rust
pub struct multi_methods;
impl actix_web::dev::HttpServiceFactory for multi_methods {
fn register(self, __config: &mut actix_web::dev::AppService) {
¦ async fn multi_methods() -> &'static str {
¦ ¦ "Hello world!\r\n"
¦ }
¦ let __resource = actix_web::Resource::new("/multi")
¦ ¦ .name("multi_methods")
¦ ¦ .guard(actix_web:💂:AnyGuard::new(<[_]>::into_vec(box [
¦ ¦ ¦ Box::new(actix_web:💂:Get()),
¦ ¦ ¦ Box::new(actix_web:💂:Post()),
¦ ¦ ])))
¦ ¦ .to(multi_methods);
¦ actix_web::dev::HttpServiceFactory::register(__resource, __config)
}
}
```
**NOTE: This is my first attempt that implementing this feature.
Feedback and mentorship is highly welcome to improve it :-)**
Why
--
This fixes https://github.com/actix/actix-web/issues/1360
[1]: https://github.com/actix/actix-web/blob/master/actix-web-codegen/src/route.rs#L21
[2]: https://github.com/actix/actix-web/blob/master/src/guard.rs#L104s
* Fix audit issue logging by default peer address
By default log format include remote address that is taken from headers.
This is very easy to replace making log untrusted.
Changing default log format value `%a` to peer address we are getting
this trusted data always. Also, remote address option is maintianed and
relegated to `%{r}a` value.
Related kanidm/kanidm#191.
* Rename peer/remote to remote_addr/realip_remote_addr
Change names to avoid naming confusions. I choose this accord to Nginx
variables and
[ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html).
Add more specific documentation about security concerns of using Real IP
in logger.
* Rename security advertise header in doc
* Add fix audit issue logging by default peer adress to changelog
Co-authored-by: Rob Ede <robjtede@icloud.com>
For allowing a more ergonomic use and better integration on the
ecosystem, this adds the `std::error::Error` `impl` for our custom
errors.
We intent to drop this hand made code once `derive_more` finishes the
addition of the Error derive support[1]. Until that is available, we
need to live with that.
1. https://github.com/JelteF/derive_more/issues/92
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Matt Gathu
Rob Ede
Damian Lesiuk
Igor Aleksanov
Robert Gabriel Jakabosky
Matt Kantor
LJ
William Myers
Yuki Okushi
Jonas Platte
Takashi Idobe
Fabianstelmach
Taiki Endo
Sven Allers
pando85
Mikail Bagishov
Tore Pettersen
Stephen Eckels
Otavio Salvador
Stig Johan Berggren
Maksym Vorobiov