mirror of https://github.com/meilisearch/MeiliSearch synced 2024-06-10 14:49:51 +02:00

Go to file

bors[bot] d7ca68d8e9 Merge #228 228: Authentication rework r=curquiza a=MarinPostma In an attempt to fix #201, I ended up rewriting completely the authentication system we use. This is because actix doesn't allow to wrap a single route into a middleware, so we initially put each route into it's own service to use the authentication middleware. Routes are now grouped in resources, fixing #201. As for the authentication, I decided to take a very different approach, and ditch middleware altogether. Instead, I decided to use actix's [extractor](https://actix.rs/docs/extractors/). `Data` is now wrapped in a `GuardedData<P: Policy, T>` (where `T` is `Data`) in each route. The `Policy` trait, thanks to the `authenticate` method tell if a request is authorized to access the resources in the route. Concretely, before the server starts, it is configured with a `AuthConfig` instance that can either be `AuthConfig::NoAuth` when no auth is required at runtime, or `AuthConfig::Auth(Policies)`, where `Policies` maps the `Policy` type to it singleton instance. In the current implementation, and this to match the legacy meilisearch behaviour, each policy implementation contains a `HashSet` of token (`Vec<u8>` for now), that represents the user it can authenticate. When starting the program, each key (identified as a user) is given a set of `Policy`, representing its roles. The later is facilitated by the `create_users` macro, like so: ```rust create_users!( policies, master_key.as_bytes() => { Admin, Private, Public }, private_key.as_bytes() => { Private, Public }, public_key.as_bytes() => { Public } ); ``` This is some groundwork for later development on a full fledged authentication system for meilisearch. fix #201 Co-authored-by: marin postma <postma.marin@protonmail.com>		2021-06-28 08:38:59 +00:00
.github	run cargo flaky only 100 times	2021-06-21 17:36:54 +02:00
meilisearch-error	serve static site	2021-04-22 10:26:54 +02:00
meilisearch-http	change route to service<resource>	2021-06-24 19:02:28 +02:00
.dockerignore	add docker recipe	2021-03-01 14:41:57 +01:00
.gitignore	put mini-dashboard in out-dir	2021-04-27 09:32:17 +02:00
bors.toml	Update CI	2021-04-27 12:43:00 +02:00
Cargo.lock	bump milli to 0.6.0	2021-06-23 18:40:19 +02:00
Cargo.toml	create workspace with meilisearch-error	2021-03-01 14:41:55 +01:00
Dockerfile	Fix docker build	2021-06-24 16:45:51 +02:00
LICENSE	add license	2021-02-28 10:08:36 +01:00
README.md	Update README.md	2021-04-27 16:33:22 +02:00

README.md

Transplant

Transplant makes communication between the users and Milli using HTTP. The final purpose of Transplant is to be merged into the current MeiliSearch repository so that users will enjoy the new search engine performance provided by Milli.

Run the alpha releases

Currently only alpha versions are available.

You can:

Run it with Docker, for instance:

docker run -p 7700:7700 getmeili/meilisearch:v0.21.0-alpha.4 ./meilisearch

With the available release assets.
Compile from the source code:

cargo run --release

Run the tests

cargo test

If you encounter any Too many open files error when running the tests, please upgrade the maximum number of open file descriptors with this command:

ulimit -Sn 3000