From a790a24c4d0680ca9aaef087a9b9da7ea316472c Mon Sep 17 00:00:00 2001
From: Nutomic <me@nutomic.com>
Date: Tue, 5 Dec 2023 17:22:08 +0100
Subject: [PATCH] Revert debug auth (#4232)

* Revert "Some changes to help debug auth problems on lemmy.ml (#4220)"

This reverts commit 16ac893e1578ec1fa7601a30f6b86357eb6a7c56.

* Rename auth cookie back to jwt
---
 config/defaults.hjson                |  2 --
 crates/api/src/lib.rs                |  6 ------
 crates/api_common/src/utils.rs       |  2 +-
 crates/utils/src/settings/structs.rs |  3 ---
 scripts/lint.sh                      |  2 +-
 src/session_middleware.rs            | 13 +++----------
 6 files changed, 5 insertions(+), 23 deletions(-)

diff --git a/config/defaults.hjson b/config/defaults.hjson
index 47d3ed24f..880af802c 100644
--- a/config/defaults.hjson
+++ b/config/defaults.hjson
@@ -98,6 +98,4 @@
   # Sets a response Access-Control-Allow-Origin CORS header
   # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
   cors_origin: "*"
-  # Always send cache-control: private header for api responses, avoid problems with wrong caching.
-  disable_cache_control: true
 }
diff --git a/crates/api/src/lib.rs b/crates/api/src/lib.rs
index c41b2315a..faa74824e 100644
--- a/crates/api/src/lib.rs
+++ b/crates/api/src/lib.rs
@@ -15,7 +15,6 @@ use lemmy_utils::{
 };
 use std::io::Cursor;
 use totp_rs::{Secret, TOTP};
-use tracing::log::warn;
 
 pub mod comment;
 pub mod comment_report;
@@ -85,11 +84,6 @@ pub fn read_auth_token(req: &HttpRequest) -> Result<Option<String>, LemmyError>
   else if let Some(cookie) = &req.cookie(AUTH_COOKIE_NAME) {
     Ok(Some(cookie.value().to_string()))
   }
-  // Read old auth cookie
-  else if let Some(cookie) = &req.cookie("jwt") {
-    warn!("Falling back to jwt cookie");
-    Ok(Some(cookie.value().to_string()))
-  }
   // Otherwise, there's no auth
   else {
     Ok(None)
diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs
index 3c57a36cd..0ea27f794 100644
--- a/crates/api_common/src/utils.rs
+++ b/crates/api_common/src/utils.rs
@@ -43,7 +43,7 @@ use std::collections::HashSet;
 use tracing::warn;
 use url::{ParseError, Url};
 
-pub static AUTH_COOKIE_NAME: &str = "auth";
+pub static AUTH_COOKIE_NAME: &str = "jwt";
 
 #[tracing::instrument(skip_all)]
 pub async fn is_mod_or_admin(
diff --git a/crates/utils/src/settings/structs.rs b/crates/utils/src/settings/structs.rs
index ba247d7db..886cd71b6 100644
--- a/crates/utils/src/settings/structs.rs
+++ b/crates/utils/src/settings/structs.rs
@@ -57,9 +57,6 @@ pub struct Settings {
   #[default(None)]
   #[doku(example = "*")]
   cors_origin: Option<String>,
-  /// Always send cache-control: private header for api responses, avoid problems with wrong caching.
-  #[default(None)]
-  pub disable_cache_control: Option<bool>,
 }
 
 impl Settings {
diff --git a/scripts/lint.sh b/scripts/lint.sh
index 6a9526dfc..924fba390 100755
--- a/scripts/lint.sh
+++ b/scripts/lint.sh
@@ -5,7 +5,7 @@ CWD="$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"
 
 cd $CWD/../
 
-cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets -- -D warnings
+cargo clippy --workspace --fix --allow-staged --allow-dirty --tests --all-targets --all-features -- -D warnings
 
 # Format rust files
 cargo +nightly fmt
diff --git a/src/session_middleware.rs b/src/session_middleware.rs
index bdecb9818..f50e0eccd 100644
--- a/src/session_middleware.rs
+++ b/src/session_middleware.rs
@@ -11,7 +11,6 @@ use lemmy_api::{local_user_view_from_jwt, read_auth_token};
 use lemmy_api_common::context::LemmyContext;
 use reqwest::header::HeaderValue;
 use std::{future::ready, rc::Rc};
-use tracing::log::warn;
 
 #[derive(Clone)]
 pub struct SessionMiddleware {
@@ -72,11 +71,8 @@ where
         // TODO: this means it will be impossible to get any error message for invalid jwt. Need
         //       to add a separate endpoint for that.
         //       https://github.com/LemmyNet/lemmy/issues/3702
-        let local_user_view = local_user_view_from_jwt(jwt, &context).await;
-        if let Err(e) = &local_user_view {
-          warn!("Failed to handle user login: {e}");
-        }
-        if let Ok(local_user_view) = local_user_view {
+        let local_user_view = local_user_view_from_jwt(jwt, &context).await.ok();
+        if let Some(local_user_view) = local_user_view {
           req.extensions_mut().insert(local_user_view);
         }
       }
@@ -85,14 +81,11 @@ where
 
       // Add cache-control header. If user is authenticated, mark as private. Otherwise cache
       // up to one minute.
-
-      let disable_cache = context.settings().disable_cache_control.unwrap_or(false);
-      let cache_value = if jwt.is_some() || disable_cache {
+      let cache_value = if jwt.is_some() {
         "private"
       } else {
         "public, max-age=60"
       };
-
       res
         .headers_mut()
         .insert(CACHE_CONTROL, HeaderValue::from_static(cache_value));
-- 
GitLab