Harden minecraft-server-play analytics (#5484)

* Harden minecraft-server-play analytics * Verify based on mc token * Fail for non-server projects * Nitpicks and factor out HTTP client * Allow passing old minecraft_uuid field for clients * Remove server play analytics test since it relies on auth against Minecraft API which I don't want to mock :( * Switch to using hasJoined for uuid validation * Fix formatting * Fix sessionserver status code * Ensure profile name and queried username matches * replace some wrap_request_errs with internal errs * add HTTP client into web::Data * short timeout on client-side session join query * further fixes * sqlx prepare * fix clippy --------- Co-authored-by: Creeperkatze <178587183+Creeperkatze@users.noreply.github.com> Co-authored-by: aecsocket <aecsocket@tutanota.com>
2026-03-09 17:26:15 +01:00
parent 4a0c610fc5
commit 73abe272d1
18 changed files with 310 additions and 89 deletions
--- a/apps/labrinth/src/lib.rs
+++ b/apps/labrinth/src/lib.rs
@@ -22,6 +22,7 @@ use crate::queue::moderation::AutomatedModerationQueue;
 use crate::routes::internal::delphi::rescan::rescan_projects_in_queue;
 use crate::util::anrok;
 use crate::util::archon::ArchonClient;
+use crate::util::http::HttpClient;
 use crate::util::ratelimit::{AsyncRateLimiter, GCRAParameters};
 use sync::friends::handle_pubsub;

@@ -69,6 +70,7 @@ pub struct LabrinthConfig {
    pub email_queue: web::Data<EmailQueue>,
    pub archon_client: web::Data<ArchonClient>,
    pub gotenberg_client: GotenbergClient,
+    pub http_client: web::Data<HttpClient>,
 }

 #[allow(clippy::too_many_arguments)]
@@ -103,10 +105,14 @@ pub fn app_setup(

    let scheduler = scheduler::Scheduler::new();

+    let http_client = web::Data::new(HttpClient::new());
    {
        let pool_ref = pool.clone();
+        let http_ref = http_client.clone();
        actix_rt::spawn(async move {
-            if let Err(err) = rescan_projects_in_queue(&pool_ref).await {
+            if let Err(err) =
+                rescan_projects_in_queue(&pool_ref, &http_ref).await
+            {
                warn!("Delphi rescan failed: {err:#}");
            }
        });
@@ -303,6 +309,7 @@ pub fn app_setup(
        stripe_client,
        anrok_client,
        gotenberg_client,
+        http_client,
        archon_client: web::Data::new(
            ArchonClient::from_env()
                .expect("ARCHON_URL and PYRO_API_KEY must be set"),
@@ -333,6 +340,7 @@ pub fn app_config(
    .app_data(web::Data::new(labrinth_config.file_host.clone()))
    .app_data(web::Data::new(labrinth_config.search_config.clone()))
    .app_data(web::Data::new(labrinth_config.gotenberg_client.clone()))
+    .app_data(labrinth_config.http_client.clone())
    .app_data(labrinth_config.session_queue.clone())
    .app_data(labrinth_config.payouts_queue.clone())
    .app_data(labrinth_config.email_queue.clone())