Implement auth interceptor

Author: TanmayArya-1p

crates/grpc_server/src/interceptors.rs

@@ -1,31 +1,46 @@
-use crate::config;
-use std::fs::metadata;
-use tonic::{GrpcMethod, Request, Response, Status, service::Interceptor};
-use tracing::{Level, Metadata, event};
+use tonic::{GrpcMethod, Request, Status, service::Interceptor};
+use tracing::{Level, event};
 
 pub fn logging_interceptor(req: Request<()>) -> Result<Request<()>, Status> {
     if let Some(method) = req.extensions().get::<GrpcMethod>() {
-        event!(
-            Level::INFO,
-            "RPC call: {}:{} | from: {}",
+        println!(
+            "RPC to {}:{} : From {:?}",
             method.service(),
             method.method(),
-            req.remote_addr().unwrap()
+            req.remote_addr()
         );
     }
     Ok(req)
 }
 
-//TODO: implement auth
+#[derive(Clone)]
+pub struct AuthInterceptor {
+    root_password: String,
+}
 
-// struct AuthInterceptor {
-//     config: &'static config::GRPCServerConfig,
-// }
+impl Interceptor for AuthInterceptor {
+    fn call(&mut self, req: tonic::Request<()>) -> Result<tonic::Request<()>, Status> {
+        let auth_token = match req.metadata().get("authorization") {
+            Some(t) => t,
+            None => return Err(Status::unauthenticated("Invalid credentials")),
+        };
+        if auth_token
+            .to_str()
+            .unwrap_or_default()
+            .strip_prefix("Bearer ")
+            .unwrap_or_default()
+            == self.root_password
+        {
+            Ok(req)
+        } else {
+            event!(Level::WARN, "Unauthorized Request");
+            Err(Status::unauthenticated("Invalid credentials"))
+        }
+    }
+}
 
-// impl Interceptor for AuthInterceptor {
-//     fn call(&mut self, req: tonic::Request<()>) -> Result<tonic::Request<()>, Status> {
-//     	if let req.metadata().unwrap() == self.config.root_password {
-//     	};
-//     	Ok(req)
-//     }
-// }
+impl AuthInterceptor {
+    pub fn new(root_password: String) -> AuthInterceptor {
+        AuthInterceptor { root_password }
+    }
+}

crates/grpc_server/src/main.rs

@@ -1,10 +1,9 @@
-use std::panic;
-
 use api;
 use defs;
-use grpc_server::config;
 use grpc_server::constants::SIMILARITY_PROTOBUF_MAP;
 use grpc_server::interceptors;
+use grpc_server::{config::GRPCServerConfig, interceptors::logging_interceptor};
+use std::panic;
 use tonic::{Request, Response, Status, service::InterceptorLayer, transport::Server};
 use tracing_subscriber;
 
@@ -66,7 +65,7 @@ impl VectorDb for VectorDBService {
 
         let point = point_opt.unwrap();
 
-        // TODO: handle payload properly once defined
+        // TODO: handle payload properly once we decide to define it
         Ok(Response::new(Point {
             id: Some(PointId { id: point.id }),
             vector: Some(DenseVector {
@@ -82,6 +81,8 @@ impl VectorDb for VectorDBService {
     ) -> Result<Response<SearchResponse>, Status> {
         let search_request = request.into_inner();
 
+        //TODO: distance function panics if different dimensions; no dimension enforcement
+
         // extract request arguments
         let query_vect = search_request.query_vector.unwrap();
         let similarity = SIMILARITY_PROTOBUF_MAP[search_request.similarity as usize];
@@ -106,9 +107,10 @@ impl VectorDb for VectorDBService {
     async fn delete_point(&self, request: Request<PointId>) -> Result<Response<()>, Status> {
         let point_id = request.into_inner().id;
 
-        if self.vector_db.delete(point_id).is_err() {
-            return Err(Status::not_found("Point not found"));
-        };
+        // TODO: delete call needs to return a boolean indicating if point is present or not
+        // if self.vector_db.delete(point_id)? {
+        //     return Err(Status::not_found("Point not found"));
+        // };
 
         Ok(Response::new(()))
     }
@@ -117,7 +119,7 @@ impl VectorDb for VectorDBService {
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
     tracing_subscriber::fmt::init();
-    let config = config::GRPCServerConfig::load_config()
+    let config = GRPCServerConfig::load_config()
         .inspect_err(|err| panic!("Failed to load config: {}", err))
         .unwrap();
 
@@ -135,8 +137,11 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
         config.addr.to_string()
     );
 
-    Server::builder()
-        .layer(InterceptorLayer::new(interceptors::logging_interceptor))
+    let auth_interceptor = interceptors::AuthInterceptor::new(config.root_password);
+
+    let _ = Server::builder()
+        .layer(InterceptorLayer::new(logging_interceptor))
+        .layer(InterceptorLayer::new(auth_interceptor))
         .add_service(VectorDbServer::new(vector_db_service))
         .serve(config.addr)
         .await