From b56a54adffd3fe94dba138ef7279bab1e17cafc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arma=C3=ABl=20Gu=C3=A9neau?= <armael.gueneau@ens-lyon.org>
Date: Sat, 21 Dec 2024 21:22:16 +0100
Subject: [PATCH] read the forgejo API token from an environment variable

---
 README.md   | 12 ++++++------
 src/main.rs |  7 ++++---
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index bd0027b..14c93f3 100644
--- a/README.md
+++ b/README.md
@@ -2,20 +2,21 @@
 
 ## Usage
 
-- create an API token for your admin account, and write it in an `api_token`
-  file at the root of the repo
 - remove `model.json` if you want to start with no pre-existing model of what is
   spam or not. Or keep it to use the current classifier. The file gets updated
   when using the tool: the classifier learns from spam/legit decisions and
   should get progressively better at identifying spam.
 - run: `cargo run`
-- classify users as spam/not spam. Right now the classification is stored
-  locally in `db.json`, no concrete action is taken. (Ultimately we will want to
-  lock/delete accounts, etc.)
+- classify users as spam/not spam. By default the classification is stored
+  locally in `db.json`, no concrete action is taken. (see the
+  `ACTUALLY_BAN_USERS` environment variable below.)
 
 ## Configuration
 
 Forgery reads the following environment variables:
+- `FORGEJO_API_TOKEN`: Forgejo API token *granting admin access*. Required. You
+  can generate an API token using the Forgejo web interface in `Settings ->
+  Applications -> Generate New Token`.
 - `ACTUALLY_BAN_USERS`: define it (e.g. to `true`) to actually lock user
   accounts, send notification emails and eventually delete user accounts. If not
   defined (the default), no actual action is taken, spammers are only listed in
@@ -35,5 +36,4 @@ Environment variables that are relevant when `ACTUALLY_BAN_USERS=true`:
    could not be locked, but delete the account after the grace period even if
    the email could not be sent…)
 - add backend to store data on garage instead of local files
-- replate the `api_token` file with a better mechanism: oauth maybe?
 - improve error handling 
diff --git a/src/main.rs b/src/main.rs
index b394a3a..9f35837 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,4 +1,5 @@
 use actix_web::{get, post, web, App, HttpRequest, HttpResponse, HttpServer, Responder};
+use anyhow::Context;
 use forgejo_api::{Auth, Forgejo};
 use lazy_static::lazy_static;
 use rand::prelude::*;
@@ -50,9 +51,9 @@ pub enum ActuallyBan {
 }
 
 fn forge() -> anyhow::Result<Forgejo> {
-    let api_token = std::fs::read_to_string(Path::new("api_token"))?
-        .trim()
-        .to_string();
+    let api_token = std::env::var("FORGEJO_API_TOKEN")
+        .context("reading the FORGEJO_API_TOKEN environment variable")?;
+
     let forge = Forgejo::new(
         Auth::Token(&api_token),
         url::Url::parse("https://git.deuxfleurs.fr")?,