add authentication/authorization enforcement to all procedural endpoints

Author: tayloraswift

Assets/css/Admin.css

@@ -22,6 +22,14 @@ struct ServerResource:Equatable, Sendable
         self.hash = hash
     }
 }
+extension ServerResource:ExpressibleByStringLiteral
+{
+    @inlinable public
+    init(stringLiteral:String)
+    {
+        self.init(content: .string(stringLiteral), type: .text(.plain, charset: .utf8))
+    }
+}
 extension ServerResource
 {
     /// Computes and populates the resource ``hash`` if it has not already been computed, and

Assets/css/Admin.css.map

@@ -3,13 +3,24 @@ import Media
 @frozen public
 enum ServerResponse:Equatable, Sendable
 {
-    case error      (ServerResource)
-    case forbidden  (ServerResource)
-    case ok         (ServerResource)
-    case multiple   (ServerResource)
-    case notFound   (ServerResource)
+    /// 200 OK.
+    case ok             (ServerResource)
+    /// 300 Multiple Choices.
+    case multiple       (ServerResource)
+    /// 400 Bad Request.
+    case badRequest     (ServerResource)
+    /// 401 Unauthorized.
+    case unauthorized   (ServerResource)
+    /// 403 Forbidden.
+    case forbidden      (ServerResource)
+    /// 404 Not Found.
+    case notFound       (ServerResource)
+    /// 409 Conflict.
+    case conflict       (ServerResource)
+    /// 500 Internal Server Error.
+    case error          (ServerResource)
 
-    case redirect   (ServerRedirect, cookies:[Cookie] = [])
+    case redirect       (ServerRedirect, cookies:[Cookie] = [])
 }
 extension ServerResponse
 {
@@ -26,12 +37,15 @@ extension ServerResponse
     {
         switch self
         {
-        case .redirect:                 return 0
-        case .error     (let resource): return resource.content.size
-        case .forbidden (let resource): return resource.content.size
-        case .ok        (let resource): return resource.content.size
-        case .multiple  (let resource): return resource.content.size
-        case .notFound  (let resource): return resource.content.size
+        case .redirect:                     return 0
+        case .ok            (let resource): return resource.content.size
+        case .multiple      (let resource): return resource.content.size
+        case .badRequest    (let resource): return resource.content.size
+        case .unauthorized  (let resource): return resource.content.size
+        case .forbidden     (let resource): return resource.content.size
+        case .notFound      (let resource): return resource.content.size
+        case .conflict      (let resource): return resource.content.size
+        case .error         (let resource): return resource.content.size
         }
     }
 }

Sources/HTTP/ServerResource.swift

@@ -24,23 +24,32 @@ extension ServerMessage
     {
         switch response
         {
+        case .ok(let resource):
+            self.init(resource: resource, using: allocator, as: .ok)
+
+        case .multiple(let resource):
+            self.init(resource: resource, using: allocator, as: .multipleChoices)
+
         case .redirect(let redirect, cookies: let cookies):
             self.init(redirect: redirect, cookies: cookies)
 
-        case .error(let resource):
-            self.init(resource: resource, using: allocator, as: .internalServerError)
+        case .badRequest(let resource):
+            self.init(resource: resource, using: allocator, as: .badRequest)
+
+        case .unauthorized(let resource):
+            self.init(resource: resource, using: allocator, as: .unauthorized)
 
         case .forbidden(let resource):
             self.init(resource: resource, using: allocator, as: .forbidden)
 
-        case .ok(let resource):
-            self.init(resource: resource, using: allocator, as: .ok)
-
-        case .multiple(let resource):
-            self.init(resource: resource, using: allocator, as: .multipleChoices)
-
         case .notFound(let resource):
             self.init(resource: resource, using: allocator, as: .notFound)
+
+        case .conflict(let resource):
+            self.init(resource: resource, using: allocator, as: .conflict)
+
+        case .error(let resource):
+            self.init(resource: resource, using: allocator, as: .internalServerError)
         }
     }
 

Sources/HTTP/ServerResponse.swift

@@ -0,0 +1,54 @@
+import BSONDecoding
+import MongoQL
+
+extension Account
+{
+    @frozen public
+    struct Cookie:Equatable, Hashable, Sendable
+    {
+        @usableFromInline internal
+        let id:Account.ID
+        @usableFromInline internal
+        let cookie:Int64
+
+        @inlinable internal
+        init(id:Account.ID, cookie:Int64)
+        {
+            self.id = id
+            self.cookie = cookie
+        }
+    }
+}
+extension Account.Cookie:CustomStringConvertible
+{
+    @inlinable public
+    var description:String { "\(self.id):\(UInt64.init(bitPattern: self.cookie))" }
+}
+extension Account.Cookie:LosslessStringConvertible
+{
+    @inlinable public
+    init?(_ description:some StringProtocol)
+    {
+        if  let colon:String.Index = description.firstIndex(of: ":"),
+            let id:Account.ID = .init(description[..<colon]),
+            let cookie:UInt64 = .init(description[description.index(after: colon)...])
+        {
+            self.init(id: id, cookie: .init(bitPattern: cookie))
+        }
+        else
+        {
+            return nil
+        }
+    }
+}
+extension Account.Cookie:BSONDocumentDecodable
+{
+    public
+    typealias CodingKey = Account.CodingKey
+
+    @inlinable public
+    init(bson:BSON.DocumentDecoder<CodingKey, some RandomAccessCollection<UInt8>>) throws
+    {
+        self.init(id: try bson[.id].decode(), cookie: try bson[.cookie].decode())
+    }
+}

Sources/HTTPServer/Channels/ServerMessage.swift

@@ -25,6 +25,12 @@ struct Account:Identifiable, Sendable
 }
 extension Account
 {
+    @inlinable public static
+    func machine(_ number:Int32 = 0) -> Self
+    {
+        .init(id: .machine(number), role: .machine)
+    }
+
     @inlinable public static
     func github(user:GitHub.User, role:Role) -> Self
     {
@@ -39,7 +45,7 @@ extension Account:MongoMasterCodingModel
         case id = "_id"
 
         /// The session cookie associated with this account, if logged in. This is generated
-        /// randomly in ``AccountDatabase.update(account:with:)``.
+        /// randomly in ``AccountDatabase.Users.update(account:with:)``.
         case cookie
 
         case role

Sources/UnidocDB/Accounts/Account.Cookie.swift

@@ -29,23 +29,7 @@ extension AccountDatabase.Users:DatabaseCollection
 extension AccountDatabase.Users
 {
     public
-    func validate(cookie:String, with session:Mongo.Session) async throws -> Account.Role?
-    {
-        if  let separator:String.Index = cookie.firstIndex(of: ":"),
-            let account:Account.ID = .init(cookie[..<separator]),
-            let cookie:UInt64 = .init(cookie[cookie.index(after: separator)...])
-        {
-            let cookie:Int64 = .init(bitPattern: cookie)
-            return try await self.validate(cookie: cookie, from: account, with: session)
-        }
-        else
-        {
-            return nil
-        }
-    }
-    private
-    func validate(cookie:Int64,
-        from account:Account.ID,
+    func validate(cookie credential:Account.Cookie,
         with session:Mongo.Session) async throws -> Account.Role?
     {
         let matches:[RoleView] = try await session.run(
@@ -57,8 +41,8 @@ extension AccountDatabase.Users
                 }
                 $0[.filter] = .init
                 {
-                    $0[Account[.id]] = account
-                    $0[Account[.cookie]] = cookie
+                    $0[Account[.id]] = credential.id
+                    $0[Account[.cookie]] = credential.cookie
                 }
                 $0[.projection] = .init
                 {
@@ -78,17 +62,11 @@ extension AccountDatabase.Users
     /// thread while it waits for the system to generate a random number. This cookie is only
     /// secure if the system's random number generator is secure.
     public
-    func update(account:__owned Account, with session:Mongo.Session) async throws -> String
+    func update(account:__owned Account,
+        with session:Mongo.Session) async throws -> Account.Cookie
     {
-        let cookie:Int64 = try await self.update(account: account, with: session)
-        return "\(account.id):\(UInt64.init(bitPattern: cookie))"
-    }
-
-    private
-    func update(account:__owned Account, with session:Mongo.Session) async throws -> Int64
-    {
-        let (upserted, _):(CookieView, Account.ID?) = try await session.run(
-            command: Mongo.FindAndModify<Mongo.Upserting<CookieView, Account.ID>>.init(
+        let (upserted, _):(Account.Cookie, Account.ID?) = try await session.run(
+            command: Mongo.FindAndModify<Mongo.Upserting<Account.Cookie, Account.ID>>.init(
                 Self.name,
                 returning: .new)
             {
@@ -113,9 +91,53 @@ extension AccountDatabase.Users
                         $0[Account[.cookie]] = Int64.random(in: .min ... .max)
                     }
                 }
+                $0[.fields] = .init
+                {
+                    $0[Account[.id]] = true
+                    $0[Account[.cookie]] = true
+                }
+            },
+            against: self.database)
+
+        return upserted
+    }
+}
+extension AccountDatabase.Users
+{
+    /// Scrambles the cookie for the given account, returning the new cookie. Returns nil if
+    /// the account does not exist.
+    public
+    func scramble(account:Account.ID,
+        with session:Mongo.Session) async throws -> Account.Cookie?
+    {
+        let (updated, _):(Account.Cookie?, Never?) = try await session.run(
+            command: Mongo.FindAndModify<Mongo.Existing<Account.Cookie>>.init(
+                Self.name,
+                returning: .new)
+            {
+                $0[.hint] = .init
+                {
+                    $0[Account[.id]] = (+)
+                }
+                $0[.query] = .init
+                {
+                    $0[Account[.id]] = account
+                }
+                $0[.update] = .init
+                {
+                    $0[.set] = .init
+                    {
+                        $0[Account[.cookie]] = Int64.random(in: .min ... .max)
+                    }
+                }
+                $0[.fields] = .init
+                {
+                    $0[Account[.id]] = true
+                    $0[Account[.cookie]] = true
+                }
             },
             against: self.database)
 
-        return upserted.cookie
+        return updated
     }
 }

Sources/UnidocDB/Accounts/Account.swift

@@ -8,6 +8,16 @@ protocol AdministrativePage:StaticPage
 }
 extension AdministrativePage
 {
+    public
+    func head(augmenting head:inout HTML.ContentEncoder)
+    {
+        head[.link]
+        {
+            $0.href = "\(Site.Asset[.admin_css])"
+            $0.rel = .stylesheet
+        }
+    }
+
     public
     func body(_ body:inout HTML.ContentEncoder)
     {