Remove middlewares
Middlewares, while kinda cool from an academic standpoint, make our
build times even worse than they already are. Given that we only really
use 1 real middleware today (token auth) and it needs to move into the
parser mode anyway (for security limiting buffer sizes), we might as well
use this as an opportunity to delete some code.
Some other things that happen:
1. Persistent data now moves out of the crow namespace
2. App is no longer a template
3. All request_routes implementations no longer become templates. This
should be a decent (unmeasured) win on compile times.
This commit was part of a commit previously called "various cleanups".
This separates ONLY the middleware deletion part of that.
Note, this also deletes about 400 lines of hard to understand code.
Change-Id: I4c19e25491a153a2aa2e4ef46fc797bcb5b3581a
Signed-off-by: Ed Tanous <ed@tanous.net>
diff --git a/src/token_authorization_middleware_test.cpp b/src/token_authorization_middleware_test.cpp
index 3ac7947..fcb5b65 100644
--- a/src/token_authorization_middleware_test.cpp
+++ b/src/token_authorization_middleware_test.cpp
@@ -1,5 +1,4 @@
#include "token_authorization_middleware.hpp"
-#include "webserver_common.hpp"
#include <condition_variable>
#include <future>
@@ -27,7 +26,7 @@
TEST_F(TokenAuth, SpecialResourcesAreAcceptedWithoutAuth)
{
- CrowApp app(io);
+ App app(io);
crow::token_authorization::requestRoutes(app);
BMCWEB_ROUTE(app, "/redfish/v1")
([]() { return boost::beast::http::status::ok; });
@@ -72,9 +71,7 @@
// Tests that Base64 basic strings work
TEST(TokenAuthentication, TestRejectedResource)
{
- App<crow::persistent_data::Middleware,
- crow::token_authorization::Middleware>
- app;
+ App app;
app.bindaddr("127.0.0.1").port(45451);
BMCWEB_ROUTE(app, "/")([]() { return boost::beast::http::status::ok; });
auto _ = async(std::launch::async, [&] { app.run(); });
@@ -108,9 +105,7 @@
// Tests that Base64 basic strings work
TEST(TokenAuthentication, TestGetLoginUrl)
{
- App<crow::persistent_data::Middleware,
- crow::token_authorization::Middleware>
- app;
+ App app;
app.bindaddr("127.0.0.1").port(45451);
BMCWEB_ROUTE(app, "/")([]() { return boost::beast::http::status::ok; });
auto _ = async(std::launch::async, [&] { app.run(); });
@@ -144,9 +139,7 @@
// Tests boundary conditions on login
TEST(TokenAuthentication, TestPostBadLoginUrl)
{
- App<crow::persistent_data::Middleware,
- crow::token_authorization::Middleware>
- app;
+ App app;
app.bindaddr("127.0.0.1").port(45451);
BMCWEB_ROUTE(app, "/")([]() { return boost::beast::http::status::ok; });
auto _ = async(std::launch::async, [&] { app.run(); });
@@ -236,9 +229,7 @@
TEST(TokenAuthentication, TestSuccessfulLogin)
{
- App<crow::persistent_data::Middleware,
- crow::token_authorization::Middleware>
- app;
+ App app;
app.bindaddr("127.0.0.1").port(45451);
BMCWEB_ROUTE(app, "/")([]() { return boost::beast::http::status::ok; });
auto _ = async(std::launch::async, [&] { app.run(); });
@@ -318,4 +309,4 @@
}
app.stop();
-}
\ No newline at end of file
+}
diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp
index 036db54..2e043d7 100644
--- a/src/webserver_main.cpp
+++ b/src/webserver_main.cpp
@@ -14,17 +14,15 @@
#ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE
#include <ibm/management_console_rest.hpp>
#endif
-#include <persistent_data_middleware.hpp>
#include <redfish.hpp>
#include <redfish_v1.hpp>
#include <sdbusplus/asio/connection.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/server.hpp>
-#include <security_headers_middleware.hpp>
+#include <security_headers.hpp>
#include <ssl_key_handler.hpp>
#include <vm_websocket.hpp>
#include <webassets.hpp>
-#include <webserver_common.hpp>
#include <string>
@@ -34,8 +32,7 @@
constexpr int defaultPort = 18080;
-template <typename... Middlewares>
-void setupSocket(crow::Crow<Middlewares...>& app)
+void setupSocket(crow::App& app)
{
int listenFd = sd_listen_fds(0);
if (1 == listenFd)
@@ -68,7 +65,7 @@
crow::logger::setLogLevel(crow::LogLevel::Debug);
auto io = std::make_shared<boost::asio::io_context>();
- CrowApp app(io);
+ App app(io);
// Static assets need to be initialized before Authorization, because auth
// needs to build the whitelist from the static routes
@@ -104,6 +101,10 @@
crow::ibm_mc_lock::Lock::getInstance();
#endif
+#ifdef BMCWEB_INSECURE_DISABLE_XSS_PREVENTION
+ cors_preflight::requestRoutes(app);
+#endif
+
crow::login_routes::requestRoutes(app);
BMCWEB_LOG_INFO << "bmcweb (" << __DATE__ << ": " << __TIME__ << ')';