34 Commits

Author SHA1 Message Date
Many the fish
37dc6537c3
Fix api keys bugs (#2734)
* Add some tests

* Disallow index creation when API key doesn't havec explicitelly the right on the creating index

* Fix lazy index creation with `indexes.*` action
2022-09-06 15:13:09 +02:00
pierre-l
36cb09eb25 Add a new meilisearch_types crate
Move `meilisearch_error` to `meilisearch_types::error`
Move `meilisearch_lib::index_resolver::IndexUid` to `meilisearch_types::index_uid`
Add a new `InvalidIndexUid` error in `meilisearch_types::index_uid`
2022-06-09 16:14:13 +02:00
ManyTheFish
4512eed8f5 Fix PR comments 2022-06-01 18:06:20 +02:00
ManyTheFish
b2e2dc8558 Re-authorize master_key to access to all routes 2022-06-01 16:17:47 +02:00
ManyTheFish
b3c8915702 Make small changes and renaming 2022-06-01 16:08:42 +02:00
ManyTheFish
b9a79eb858 Change apiKeyPrefix to apiKeyUid 2022-06-01 16:07:44 +02:00
ManyTheFish
a57b2d9538 Restrict master key access to /keys routes 2022-06-01 16:07:44 +02:00
ManyTheFish
96a5791e39 Add uid and name fields in keys 2022-06-01 16:07:44 +02:00
Tamo
69d312209e
feat(search): Implements the nested fields
See https://github.com/meilisearch/specifications/pull/121
2022-04-07 19:47:20 +02:00
ad hoc
6a82a055d3
chore(auth): refactor token validation 2022-03-21 11:18:51 +01:00
Kerollmops
5bffa4b7f9
Tenant token validation is now created by a function 2022-03-17 17:55:50 +01:00
ManyTheFish
4aef7c5ac5
Fix tenant token validation when exp is null 2022-03-17 11:05:03 +01:00
Kerollmops
968053649b
Change the jsonwebtoken crate usage 2022-03-17 11:03:32 +01:00
ad hoc
ddd25bfe01
remove token from InvalidToken error 2022-03-07 15:16:07 +01:00
ad hoc
19da45c53b
Update meilisearch-http/src/extractors/sequential_extractor.rs
Co-authored-by: Clément Renault <clement@meilisearch.com>
2022-03-07 15:02:07 +01:00
ad hoc
b57c59baa4
sequential extractor 2022-03-04 20:43:12 +01:00
ad hoc
af8a5f2c21
async auth 2022-03-02 19:25:51 +01:00
Irevoire
05c8d81e65
chore: get rid of chrono in favor of time
Chrono has been unmaintened for a few month now and there is a CVE on it.

make clippy happy

bump milli
2022-02-16 18:14:29 +01:00
ManyTheFish
7ca647f0d0 feat(auth): Implement Tenant token
Make meilisearch support JWT authentication signed with meilisearch API keys
using HS256, HS384 or HS512 algorithms.

Related spec: https://github.com/meilisearch/specifications/pull/89
Fix #1991
2022-01-27 08:25:39 +01:00
Rob Ede
9f5fee404b
chore(all): update actix-web dependency to 4.0.0-beta.21 2022-01-21 20:44:17 +00:00
many
ee7970f603 feat(auth): Extend API keys
- Add API keys in snapshots
- Add API keys in dumps
- Rename action indexes.add to indexes.create
- fix QA #1979

fix #1979
fix #1995
fix #2001
fix #2003
related to #1890
2021-12-14 17:33:39 +01:00
many
ffefd0caf2
feat(auth): API keys
implements:
https://github.com/meilisearch/specifications/blob/develop/text/0085-api-keys.md

- Add tests on API keys management route (meilisearch-http/tests/auth/api_keys.rs)
- Add tests checking authorizations on each meilisearch routes (meilisearch-http/tests/auth/authorization.rs)
- Implement API keys management routes (meilisearch-http/src/routes/api_key.rs)
- Create module to manage API keys and authorizations (meilisearch-auth)
- Reimplement GuardedData to extend authorizations (meilisearch-http/src/extractors/authentication/mod.rs)
- Change X-MEILI-API-KEY by Authorization Bearer (meilisearch-http/src/extractors/authentication/mod.rs)
- Change meilisearch routes to fit to the new authorization feature (meilisearch-http/src/routes/)

- close #1867
2021-12-06 09:52:41 +01:00
Marin Postma
a30e02c18c feat(all): Task store
implements:
https://github.com/meilisearch/specifications/blob/develop/text/0060-refashion-updates-apis.md

linked PR:

- #1889
- #1891
- #1892
- #1902
- #1906
- #1911
- #1914
- #1915
- #1916
- #1918
- #1924
- #1925
- #1926
- #1930
- #1936
- #1937
- #1942
- #1944
- #1945
- #1946
- #1947
- #1950
- #1951
- #1957
- #1959
- #1960
- #1961
- #1962
- #1964

- https://github.com/meilisearch/milli/pull/414
- https://github.com/meilisearch/milli/pull/409
- https://github.com/meilisearch/milli/pull/406
- https://github.com/meilisearch/milli/pull/418

- close #1687
- close #1786
- close #1940
- close #1948
- close #1949
- close #1932
- close #1956
2021-12-02 20:14:42 +01:00
many
30a094cbb2
Change lacking errors 2021-11-03 14:33:33 +01:00
mpostma
3b91764587 fix auth error 2021-10-05 09:09:40 +02:00
mpostma
0f7625e29a bump dependencies 2021-09-13 15:17:08 +02:00
Tamo
29bf6a8d42
run rustfmt one the whole project and add it to the CI 2021-06-29 15:25:18 +02:00
Tamo
c1c50f6714
unused borrow that must be used 2021-06-28 13:35:25 +02:00
marin postma
3b601f615a
declare new authentication related errors 2021-06-24 16:53:20 +02:00
marin postma
fbd58f2eec
clippy 2021-06-24 16:36:22 +02:00
marin postma
0c1c7a3dd9
implement authentication policies 2021-06-24 16:31:30 +02:00
marin postma
5b71751391
policies macros 2021-06-24 16:31:30 +02:00
marin postma
12f6709e1c
move authencation to extractor mod 2021-06-24 16:31:28 +02:00
marin postma
a838238a63
move payload to own module 2021-06-23 16:49:25 +02:00