Commit Graph

49 Commits

Author SHA1 Message Date
Sergio Benitez 17dd8dafd0 Move examples to their own workspace.
This allows us to test all of the "core" crates (and the guide) by
testing the root workspace, and all of the examples by testing in the
examples workspace.
2021-03-09 21:57:30 -08:00
Sergio Benitez 63a14525d8 UTF-8 routes. Forms revamp. Temp files. Capped.
So. Many. Changes.

This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.

Routing:
  * All UTF-8 characters are accepted everywhere in route paths. (#998)
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.

Forms Revamp
  * All form related types now reside in a new `form` module.
  * Multipart forms are supported. (resolves #106)
  * Collections are supported in forms and queries. (resolves #205)
  * Nested structures in forms and queries are supported. (resolves #313)
  * Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
  * `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
  * Form field values are always percent-decoded apriori.

Temporary Files
  * A new `TempFile` data and form guard allows streaming data directly to a
    file which can then be persisted.
  * A new `temp_dir` config parameter specifies where to store `TempFile`.
  * The limits `file` and `file/$ext`, where `$ext` is the file extension,
    determines the data limit for a `TempFile`.

Capped
  * A new `Capped` type is used to indicate when data has been truncated due to
    incoming data limits. It allows checking whether data is complete or
    truncated.
  * `DataStream` methods return `Capped` types.
  * `DataStream` API has been revamped to account for `Capped` types.
  * Several `Capped<T>` types implement `FromData`, `FromForm`.
  * HTTP 413 (Payload Too Large) errors are now returned when data limits are
    exceeded. (resolves #972)

Hierarchical Limits
  * Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
    falls back to `a/b` then `a`.

Core
  * `&RawStr` no longer implements `FromParam`.
  * `&str` implements `FromParam`, `FromData`, `FromForm`.
  * `FromTransformedData` was removed.
  * `FromData` gained a lifetime for use with request-local data.
  * The default error HTML is more compact.
  * `&Config` is a request guard.
  * The `DataStream` interface was entirely revamped.
  * `State` is only exported via `rocket::State`.
  * A `request::local_cache!()` macro was added for storing values in
    request-local cache without consideration for type uniqueness by using a
    locally generated anonymous type.
  * `Request::get_param()` is now `Request::param()`.
  * `Request::get_segments()` is now `Request::segments()`, takes a range.
  * `Request::get_query_value()` is now `Request::query_value()`, can parse any
    `FromForm` including sequences.
  * `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
  * `(Status, R)` where `R: Responder` implements `Responder` by overriding the
    `Status` of `R`.
  * The name of a route is printed first during route matching.
  * `FlashMessage` now only has one lifetime generic.

HTTP
  * `RawStr` implements `serde::{Serialize, Deserialize}`.
  * `RawStr` implements _many_ more methods, in particular, those related to the
    `Pattern` API.
  * `RawStr::from_str()` is now `RawStr::new()`.
  * `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
    necessary, return `Cow`.
  * `Status` implements `Default` with `Status::Ok`.
  * `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
  * Authority and origin part of `Absolute` can be modified with new
    `Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
  * `Origin::segments()` was removed in favor of methods split into query and
    path parts and into raw and decoded versions.
  * The `Segments` iterator is smarter, returns decoded `&str` items.
  * `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
  * A new `QuerySegments` is the analogous query segment iterator.
  * Once set, `expires` on private cookies is not overwritten. (resolves #1506)
  * `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.

Codegen
  * Preserve more spans in `uri!` macro.
  * Preserve spans `FromForm` field types.
  * All dynamic parameters in a query string must typecheck as `FromForm`.
  * `FromFormValue` derive removed; `FromFormField` added.
  * The `form` `FromForm` and `FromFormField` field attribute is now named
    `field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.

Contrib
  * `Json` implements `FromForm`.
  * `MsgPack` implements `FromForm`.
  * The `json!` macro is exported as `rocket_contrib::json::json!`.
  * Added clarifying docs to `StaticFiles`.

Examples
  * `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
  * The `hello_world` example uses unicode in paths.
  * The `json` example only allocates as necessary.

Internal
  * Codegen uses new `exports` module with the following conventions:
    - Locals starts with `__` and are lowercased.
    - Rocket modules start with `_` and are lowercased.
    - `std` types start with `_` and are titlecased.
    - Rocket types are titlecased.
  * A `header` module was added to `http`, contains header types.
  * `SAFETY` is used as doc-string keyword for `unsafe` related comments.
  * The `Uri` parser no longer recognizes Rocket route URIs.
2021-03-04 01:51:21 -08:00
Sergio Benitez 1fb061496d Revamp configuration.
This commit completely overhauls Rocket's configuration systems, basing
it on the new Figment library. It includes many breaking changes
pertaining to configuration. They are:

  * "Environments" are replaced by "profiles".
  * 'ROCKET_PROFILE' takes the place of 'ROCKET_ENV'.
  * Profile names are now arbitrary, but 'debug' and 'release' are given
    special treatment as default profiles for the debug and release
    compilation profiles.
  * A 'default' profile now sits along-side the meta 'global' profile.
  * The concept of "extras" is no longer present; users can extract any
    values they want from the configured 'Figment'.
  * The 'Poolable' trait takes an '&Config'.
  * The 'secrets' feature is disabled by default.
  * It is a hard error if 'secrets' is enabled under the 'release'
    profile and no 'secret_key' is configured.
  * 'ConfigBuilder' no longer exists: all fields of 'Config' are public
    with public constructors for each type.
  * 'keep_alive' is disabled with '0', not 'false' or 'off'.
  * Inlined error variants into the 'Error' structure.
  * 'LoggingLevel' is now 'LogLevel'.
  * Limits can now be specified in SI units: "1 MiB".

The summary of other changes are:

  * The default config file can be configured with 'ROCKET_CONFIG'.
  * HTTP/1 and HTTP/2 keep-alive configuration is restored.
  * 'ctrlc' is now a recognized config option.
  * 'serde' is now a core dependency.
  * TLS misconfiguration errors are improved.
  * Several example use '_' as the return type of '#[launch]' fns.
  * 'AdHoc::config()' was added for simple config extraction.
  * Added more documentation for using 'Limits'.
  * Launch information is no longer treated specially.
  * The configuration guide was rewritten.

Resolves #852.
Resolves #209.
Closes #1404.
Closes #652.
2020-10-20 19:21:56 -07:00
Sergio Benitez 5d9035ddc1 Keep an op-log for sync 'CookieJar'.
In brief, this commit:

  * Updates to the latest upstream 'cookie', fixing a memory leak.
  * Make changes to 'CookieJar' observable only through 'pending()'.
  * Deprecates 'Client::new()' in favor of 'Client::tracked()'.
  * Makes 'dispatch()' on tracked 'Client's synchronize on cookies.
  * Makes 'Client::untracked()' actually untracked.

This commit updates to the latest 'cookie' which removes support for
'Sync' cookie jars. Instead of relying on 'cookie', this commit
implements an op-log based 'CookieJar' which internally keeps track of
changes. The API is such that changes are only observable through
specialized '_pending()' methods.
2020-10-14 21:37:16 -07:00
Sergio Benitez 52320020bc Use thread-safe 'CookieJar's.
The user-facing changes effected by this commit are:

  * The 'http::Cookies<'_>' guard is now '&http::CookieJar<'_>'.
  * The "one-at-a-time" jar restriction is no longer imposed.
  * 'CookieJar' retrieval methods return 'http::CookieCrumb'.
  * The 'private-cookies' feature is now called 'secrets'.
  * Docs flag private cookie methods with feature cfg.
  * Local, async request dispatching is never serialized.
  * 'Client::cookies()' returns the tracked 'CookieJar'.
  * 'LocalResponse::cookies()' returns a 'CookieJar'.
  * 'Response::cookies()' returns an 'impl Iterator'.
  * A path of '/' is set by default on all cookies.
  * 'SameSite=strict' is set by default on all cookies.
  * 'LocalRequest::cookies()' accepts any 'Cookie' iterator.
  * The 'Debug' impl for 'Request' prints the cookie jar.

Resolves #1332.
2020-08-16 02:19:45 -07:00
Sergio Benitez adc79016cd Rearrange top-level exports. Use '#[launch]'.
This commits makes the following high-level changes:

  * 'ShutdownHandle' is renamed to 'Shutdown'.
  * 'Rocket::shutdown_handle()' is renamed to 'Rocket::shutdown()'.
  * '#[launch]` is preferred to '#[rocket::launch]'.
  * Various docs phrasings are improved.
  * Fixed various broken links in docs.

This commits rearranges top-level exports as follows:

  * 'shutdown' module is no longer exported.
  * 'Shutdown' is exported from the crate root.
  * 'Outcome' is not longer exported from the root.
  * 'Handler', 'ErrorHandler' are no longer exported from the root.
2020-07-22 16:10:02 -07:00
Sergio Benitez 62355b424f Remove use of stable 'proc_macro_hygiene' feature. 2020-07-11 10:48:08 -07:00
Jeb Rosen 06975bfaea Use the blocking testing API everywhere.
Co-authored-by: Sergio Benitez <sb@sergio.bz>
2020-07-11 09:24:30 -07:00
Sergio Benitez 6482fa2fba Rework 'local' module. Add 'LocalResponse' methods.
This completes the 'local' blocking client implementation.
2020-07-11 09:24:30 -07:00
Sergio Benitez 03127f4dae Add blocking variant of 'local'.
This commit adds the 'local::blocking' module and moves the existing
asynchronous testing to 'local::asynchronous'. It also includes several
changes to improve the local API, bringing it to parity (and beyond)
with master. These changes are:

  * 'LocalRequest' implements 'Clone'.
  * 'LocalResponse' doesn't implement 'DerefMut<Target=Response>'.
    Instead, direct methods on the type, such as 'into_string()', can
    be used to read the 'Response'.
  * 'Response::body()' returns an '&ResponseBody' as opposed to '&mut
    ResponseBody', which is returned by a new 'Response::body_mut()'.
  * '&ResponseBody' implements 'known_size()` to retrieve a body's size,
    if it is known.

Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
2020-07-11 09:24:30 -07:00
Sergio Benitez 12308b403f Add '#[rocket::launch]' attribute.
The attribute is applied everywhere it can be across the codebase and is
the newly preferred method for launching an application. This commit
also makes '#[rocket::main]` stricter by warning when it is applied to
functions other than 'main'.
2020-07-11 09:24:29 -07:00
Jeb Rosen bc1b90cbdb Add '#[rocket::main]' attribute and make 'launch()' an 'async fn'.
'#[rocket::main]' works like '#[rocket::async_test]', but it uses
tokio's multithreaded scheduler.
2020-07-11 09:24:29 -07:00
Jeb Rosen b0238e5110 Make 'Fairing::on_attach()' async.
This transitively requires that 'Rocket::inspect()', 'Client::new()',
and 'Client::untracked()' also become async.
2020-07-11 09:24:29 -07:00
Sergio Benitez 431b963774 Use 'async_trait' for 'FromRequest'.
Removes 'FromRequestAsync'.
2020-07-11 09:24:29 -07:00
Jeb Rosen 7c4cd068d1 Update for rust-lang/rust#64856.
Raise the nightly version to one that accepts '...(format!(...)).await'.

This additionally reverts commit bdbf80f2da.
2020-07-11 09:24:29 -07:00
Jeb Rosen 62a99e9e49 Fix a minor compilation error, possibly caused by rust-lang/rust#64292. 2020-07-11 09:24:28 -07:00
Jacob Pratt cd6a80c230 Implement an API to request a graceful shutdown.
Additionally listen for Ctrl-C as a shutdown signal by default.
2020-07-11 09:24:28 -07:00
Jeb Rosen 560f0977d3 Revamp testing system for async.
* body_string_wait and body_bytes_wait are removed; use `.await` instead
* `dispatch()` is now an async fn and must be .await-ed
* Add `#[rocket::async_test]` macro, similar in purpose to `tokio::test`
* Tests now use either `rocket::async_test(async { })` or
  `#[rocket::async_test]` in order to `.await` the futures returned
  from `dispatch()` and `body_{string,bytes}()`
* Update 'test.sh' to reflect the tests that should be passing.

Broken:

* Cloned dispatch and mut_dispatch() with a live previous response now both fail, due to a (partial) check for mutable aliasing in LocalRequest.
* Some tests are still failing and need example-specific changes.
2020-07-11 09:24:28 -07:00
Jacob Pratt e44c5896b8 Remove stabilized 'async_await' feature gate and update the minimum nightly version. 2020-07-11 09:24:28 -07:00
Jeb Rosen 6044961680 Update parts of contrib and associated tests and examples:
* json
  * templates
  * helmet
  * databases
  * serve
  * examples/cookies
  * examples/handlebars_templates
  * examples/json
  * examples/session
  * examples/static_files
  * examples/tera_templates
2020-07-11 09:24:28 -07:00
Jeb Rosen 5d439bafc0 Convert core to async and add support for async routes.
Minimum rustc bump required for rust-lang/rust#61775
2020-07-11 09:24:28 -07:00
Pieter Frenssen 1383671090 Do not display 'Error:' on a successful logout in the 'session' example. 2019-08-12 17:39:52 -07:00
Jeb Rosen 3e4f8453ce Remove use of the 'decl_macro' feature.
Also removes one internal use in the 'typed-uris' codegen test.
2019-07-19 11:39:56 -07:00
Jacob Pratt 34a741a26e Remove use of '!' type in favor of 'Infallible'.
This removes the use of and dependence on the 'never_type' feature.
2019-07-09 15:10:51 -07:00
Jeb Rosen d9f989a496 Migrate all examples to Rust 2018. 2019-06-25 11:30:43 -07:00
Linus Unnebäck 53758c6dd7 Introduce the 'private-cookies' feature. 2018-11-08 23:38:18 -08:00
Sergio Benitez 9cb031a47d Modularize contrib. 2018-10-09 04:31:09 -07:00
Sergio Benitez 2839aca8ce Update features for latest nightly. 2018-10-09 04:31:09 -07:00
Sergio Benitez 360b0e80b0 Port all codegen tests to codegen_next. 2018-10-09 04:31:08 -07:00
Sergio Benitez 61f107f550 Reimplement route attribute as a proc-macro.
This commits also implement the query reform from #608. It also consists
of many, many breaking changes. Among them are:

  * Query parts in route paths use new query reform syntax.
  * Routing for queries is now lenient.
    - Default ranking has changed to reflect query reform.
  * Format routing matching has been fixed.
    - Routes with formats matching "accept" will always collide.
    - Routes with formats matching "content-type" require requests to
      have an equivalent content-type header to match.
    - Requests with imprecise content-types are treated as not having a
      content-type.
  * Generated routes and catchers respect visibility modifiers.
  * Raw getter methods from request were renamed and retooled.
    - In particular, the index parameter is based on segments in the
      route path, not dynamic parameters.
  * The method-based attributes no longer accept a keyed 'path'.
  * The 'rocket_codegen' crate is gone and will no longer be public.
  * The 'FormItems' iterator emits values of type 'FormItem'.
    - The internal form items' string can no longer be retrieved.
  * In general, routes are more strictly validated.
  * Logging from codegen now funnels through logging infrastructure.
  * Routing has been optimized by caching routing metadata.

Resolves #93.
Resolves #608.
Resolves #693.
Resolves #476.
2018-10-09 04:18:04 -07:00
Sergio Benitez ec4cc3a293 Allow transforms in 'FromData'. Add 'FromDataSimple'.
The new 'FromData' trait allows an implementor to instruct the caller to
maintain state on its stack and later pass a borrow for processing.
Among other things, it greatly simplifies the 'Form' type, removing a
use of unsafe, and allows references in deserialized data guards.
2018-09-26 21:33:02 -07:00
jeb 8e779610c4 Reimplement 'routes!' and 'catchers!' as proc-macros. 2018-09-16 18:52:23 -07:00
Sergio Benitez fe59a7fe38 Use better types for 'Error' associated types. 2018-08-10 04:42:30 -07:00
Sergio Benitez d7f6d82fe4 Implement 'FromForm[Value]', 'Responder' proc-macro derives.
This completes the migration of custom derives to proc-macros, removing
the need for the `custom_derive` feature in consumer code. This commit
also includes documentation, unit tests, and compile UI tests for each
of the derives.

Additionally, this commit improves the existing `FromForm` and
`FromFormValue` derives. The generated code for `FromForm` now returns
an error value indicating the error condition. The `FromFormValue`
derive now accepts a `form` attribute on variants for specifying the
exact value string to match against.

Closes #590.
Closes #670.
2018-08-06 19:58:07 -07:00
David Darrell 76bbcb5de8 Always set 'secret_key' in session example.
This commit also removes a previously unused 'Flash' message.
2018-06-28 19:02:39 -07:00
Sergio Benitez f171dc9d09 Reorganize repository.
The directory structure has changed to better isolate crates serving
core and contrib. The new directory structure is:

  contrib/
    lib/ - the contrib library
  core/
    lib/ - the core Rocket library
    codegen/ - the "compile extension" codegen library
    codegen_next/ - the new proc-macro library
  examples/ - unchanged
  scripts/ - unchanged
  site/ - unchanged

This commit also removes the following files:

  appveyor.yml - AppVeyor (Rust on Windows) is far too spotty for use
  rustfmt.toml - rustfmt is, unfortunately, not mature enough for use

Finally, all example Cargo crates were marked with 'publish = false'.
2018-06-03 18:44:38 +02:00
Sergio Benitez 9629b40202 Clear flash cookies only after they're inspected.
Resolves #512.
Resolves #466.
2018-04-14 19:53:36 -07:00
Sergio Benitez 5b4a35d508 Update codegen for 2018-04-06 nightly. 2018-04-07 13:51:57 -07:00
Sergio Benitez 084481a84e Initial implementation of typed URIs.
This is a breaking change. All Rocket applications using code
generation must now additionally declare usage of the 'decl_macro'
feature.
2017-09-14 22:10:25 -07:00
Sergio Benitez 05a8a93eec Add tests for the 'session' example.
Closes #316.
2017-07-04 14:51:41 -07:00
Sergio Benitez 150aef7764 Impl 'try' for 'Outcome'. Document 'Cookies'.
The 'try' impl for 'Outcome' allows the '?' operator to be used with
'Outcome' values. This is likely to make 'FromRequest' and 'FromData'
implementations more ergonomic.

This commit also expands the 'IntoOutcome' trait. It is now
implemented for 'Option'. It also now includes an additional
'or_forward' method.
2017-06-24 02:49:31 -07:00
Sergio Benitez b8ba7b855f Remove Session in favor of private cookies. New testing API.
Sessions
--------

This commit removes the `Session` type in favor of methods on the
`Cookies` types that allow for adding, removing, and getting private
(signed and encrypted) cookies. These methods provide a superset of
the functionality of `Session` while also being a minimal addition to
the existing API. They can be used to implement the previous `Session`
type as well as other forms of session storage. The new methods are:

  * Cookie::add_private(&mut self, Cookie)
  * Cookie::remove_private(&mut self, Cookie)
  * Cookie::get_private(&self, &str)

Resolves #20

Testing
-------

This commit removes the `rocket::testing` module. It adds the
`rocket::local` module which provides a `Client` type for local
dispatching of requests against a `Rocket` instance. This `local`
package subsumes the previous `testing` package.

Rocket Examples
---------------

The `forms`, `optional_result`, and `hello_alt_methods` examples have
been removed. The following example have been renamed:

  * extended_validation -> form_validation
  * hello_ranks -> ranking
  * from_request -> request_guard
  * hello_tls -> tls

Other Changes
-------------

This commit also includes the following smaller changes:

  * Config::{development, staging, production} constructors have been
    added for easier creation of default `Config` structures.
  * The `Config` type is exported from the root.
  * `Request` implements `Clone` and `Debug`.
  * `Request::new` is no longer exported.
  * A `Response::body_bytes` method was added to easily retrieve a
    response's body as a `Vec<u8>`.
2017-06-08 17:34:50 -07:00
Anton Pirker 781477fff1 Rename 'session_key' config parameter to 'secret_key'.
Resolves #220.
2017-05-12 17:24:25 -07:00
Sergio Benitez 1e5a1b8940 Remove 'testing' feature. Close stream on network error.
This is a breaking change.

The `testing` feature no longer exists. Testing structures can now be
accessed without any features enabled.

Prior to this change, Rocket would panic when draining from a network
stream failed. With this change, Rocket force closes the stream on any
error.

This change also ensures that the `Fairings` launch output only prints
if at least one fairing has been attached.
2017-04-20 20:36:12 -07:00
Sergio Benitez 7c19bf784d Allow form field renaming via #[form(field = "name")] attribute. 2017-04-03 19:06:30 -07:00
Sergio Benitez 65da988962 Return a `LaunchError` from `launch` when launching fails.
This is a (minor) breaking change. If `rocket.launch()` is the last expression
in a function, the return type will change from `()` to `LaunchError`. A simple
workaround that preserves the previous functionality is to simply add a
semicolon after `launch()`: `rocket.launch();`.

resolves #34
2017-03-15 22:10:09 -07:00
Sergio Benitez a4f532da09 Set examplem versions to 0.0.0. 2017-03-08 14:29:24 -08:00
Sergio Benitez 63e89b04b4 Rename Session::add to Session::set.
Also set a default expiration of 3 hours for session cookies.
2017-03-08 14:25:58 -08:00
Sergio Benitez 16cb7297ab Initial session support.
This commit includes the following additions:
  * A `session` example was added.
  * `Config::take_session_key` was removed.
  * If a `session_key` is not supplied, one is automatically generated.
  * The `Session` type implements signed, encrypted sessions.
  * A `Session` can be retrieved via its request guard.
2017-03-08 03:28:12 -08:00