feat: return refresh_token in cookie
This commit is contained in:
parent
ebb4286c08
commit
0f897dc0c6
5 changed files with 32 additions and 33 deletions
|
|
@ -1,17 +1,17 @@
|
|||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
|
||||
use actix_web::{Error, HttpResponse, error, post, web};
|
||||
use actix_web::{error, post, web, Error, HttpResponse};
|
||||
use argon2::{PasswordHash, PasswordVerifier};
|
||||
use futures::StreamExt;
|
||||
use log::error;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde::Deserialize;
|
||||
|
||||
use crate::{
|
||||
Data,
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
|
||||
crypto::{generate_access_token, generate_refresh_token},
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
|
||||
};
|
||||
|
||||
use super::Response;
|
||||
|
||||
#[derive(Deserialize)]
|
||||
struct LoginInformation {
|
||||
username: String,
|
||||
|
|
@ -19,12 +19,6 @@ struct LoginInformation {
|
|||
device_name: String,
|
||||
}
|
||||
|
||||
#[derive(Serialize)]
|
||||
pub struct Response {
|
||||
pub access_token: String,
|
||||
pub refresh_token: String,
|
||||
}
|
||||
|
||||
const MAX_SIZE: usize = 262_144;
|
||||
|
||||
#[post("/login")]
|
||||
|
|
@ -187,8 +181,7 @@ async fn login(
|
|||
return HttpResponse::InternalServerError().finish()
|
||||
}
|
||||
|
||||
HttpResponse::Ok().json(Response {
|
||||
HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
|
||||
access_token,
|
||||
refresh_token,
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ use std::{
|
|||
use actix_web::{HttpResponse, Scope, web};
|
||||
use log::error;
|
||||
use regex::Regex;
|
||||
use serde::Serialize;
|
||||
use sqlx::Postgres;
|
||||
use uuid::Uuid;
|
||||
|
||||
|
|
@ -15,6 +16,11 @@ mod refresh;
|
|||
mod register;
|
||||
mod revoke;
|
||||
|
||||
#[derive(Serialize)]
|
||||
struct Response {
|
||||
access_token: String,
|
||||
}
|
||||
|
||||
static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
|
||||
Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap()
|
||||
});
|
||||
|
|
|
|||
|
|
@ -1,28 +1,22 @@
|
|||
use actix_web::{post, web, Error, HttpRequest, HttpResponse};
|
||||
use log::error;
|
||||
use serde::Serialize;
|
||||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
|
||||
use crate::{
|
||||
Data,
|
||||
crypto::{generate_access_token, generate_refresh_token},
|
||||
crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
|
||||
};
|
||||
|
||||
#[derive(Serialize)]
|
||||
struct Response {
|
||||
refresh_token: String,
|
||||
access_token: String,
|
||||
}
|
||||
use super::Response;
|
||||
|
||||
#[post("/refresh")]
|
||||
pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
|
||||
let refresh_token_cookie = req.cookie("refresh_token");
|
||||
let recv_refresh_token_cookie = req.cookie("refresh_token");
|
||||
|
||||
if let None = refresh_token_cookie {
|
||||
if let None = recv_refresh_token_cookie {
|
||||
return Ok(HttpResponse::Unauthorized().finish())
|
||||
}
|
||||
|
||||
let mut refresh_token = String::from(refresh_token_cookie.unwrap().value());
|
||||
let mut refresh_token = String::from(recv_refresh_token_cookie.unwrap().value());
|
||||
|
||||
let current_time = SystemTime::now()
|
||||
.duration_since(UNIX_EPOCH)
|
||||
|
|
@ -101,8 +95,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
|
|||
return Ok(HttpResponse::InternalServerError().finish())
|
||||
}
|
||||
|
||||
return Ok(HttpResponse::Ok().json(Response {
|
||||
refresh_token,
|
||||
return Ok(HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
|
||||
access_token,
|
||||
}));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,11 +10,9 @@ use log::error;
|
|||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
|
||||
use super::login::Response;
|
||||
use super::Response;
|
||||
use crate::{
|
||||
Data,
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
|
||||
crypto::{generate_access_token, generate_refresh_token},
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
|
||||
};
|
||||
|
||||
#[derive(Deserialize)]
|
||||
|
|
@ -159,9 +157,8 @@ pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<Htt
|
|||
return Ok(HttpResponse::InternalServerError().finish())
|
||||
}
|
||||
|
||||
HttpResponse::Ok().json(Response {
|
||||
HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
|
||||
access_token,
|
||||
refresh_token,
|
||||
})
|
||||
}
|
||||
Err(error) => {
|
||||
|
|
|
|||
12
src/utils.rs
12
src/utils.rs
|
|
@ -1,4 +1,4 @@
|
|||
use actix_web::{HttpResponse, http::header::HeaderMap};
|
||||
use actix_web::{cookie::{time::Duration, Cookie, SameSite}, http::header::HeaderMap, HttpResponse};
|
||||
|
||||
pub fn get_auth_header(headers: &HeaderMap) -> Result<&str, HttpResponse> {
|
||||
let auth_token = headers.get(actix_web::http::header::AUTHORIZATION);
|
||||
|
|
@ -21,3 +21,13 @@ pub fn get_auth_header(headers: &HeaderMap) -> Result<&str, HttpResponse> {
|
|||
|
||||
Ok(auth_value.unwrap())
|
||||
}
|
||||
|
||||
pub fn refresh_token_cookie(refresh_token: String) -> Cookie<'static> {
|
||||
Cookie::build("refresh_token", refresh_token)
|
||||
.http_only(true)
|
||||
.secure(true)
|
||||
.same_site(SameSite::None)
|
||||
.path("/api")
|
||||
.max_age(Duration::days(30))
|
||||
.finish()
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue