fix: revert changes to access_token made during refactor
Radical 2025-07-19 23:39:56 +02:00
parent d2fec66ddb
commit 9bf435b535
6 changed files with 25 additions and 59 deletions


@ -14,12 +14,13 @@ use diesel::{ExpressionMethods, QueryDsl, dsl::insert_into};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;
use serde::Deserialize; use serde::Deserialize;
use super::Response;
use crate::{ use crate::{
AppState, AppState,
error::Error, error::Error,
schema::*, schema::*,
utils::{ utils::{
PASSWORD_REGEX, generate_token, new_access_token_cookie, new_refresh_token_cookie, PASSWORD_REGEX, generate_token, new_refresh_token_cookie,
user_uuid_from_identifier, user_uuid_from_identifier,
}, },
}; };
@ -93,7 +94,7 @@ pub async fn response(
.execute(&mut conn) .execute(&mut conn)
.await?; .await?;
let mut response = StatusCode::OK.into_response(); let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();
response.headers_mut().append( response.headers_mut().append(
"Set-Cookie", "Set-Cookie",
@ -102,12 +103,5 @@ pub async fn response(
)?, )?,
); );
response.headers_mut().append(
"Set-Cookie",
HeaderValue::from_str(
&new_access_token_cookie(access_token).to_string(),
)?,
);
Ok(response) Ok(response)
} }
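Review bot: The body built by `(StatusCode::OK, Json(Response { access_token })).into_response()` now carries a bearer credential, but nothing in the visible lines marks the response as non-cacheable. Token responses are normally sent with `Cache-Control: no-store` so that browser or intermediary caches do not retain the token; adding `response.headers_mut().insert("Cache-Control", HeaderValue::from_static("no-store"));` right after the response is built would cover it. The same construction appears in the other two handlers changed by this commit, so the header belongs there too, or in one shared helper. The function starts outside these hunks, so confirm that no middleware already sets the header.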


@ -9,6 +9,7 @@ use axum::{
}; };
use diesel::{ExpressionMethods, QueryDsl}; use diesel::{ExpressionMethods, QueryDsl};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;
use serde::Serialize;
use uuid::Uuid; use uuid::Uuid;
use crate::{AppState, Conn, error::Error, schema::access_tokens::dsl}; use crate::{AppState, Conn, error::Error, schema::access_tokens::dsl};
@ -22,6 +23,13 @@ mod reset_password;
mod revoke; mod revoke;
mod verify_email; mod verify_email;
#[derive(Serialize)]
pub struct Response {
access_token: String,
}
pub fn router() -> Router<Arc<AppState>> { pub fn router() -> Router<Arc<AppState>> {
Router::new() Router::new()
.route("/register", post(register::post)) .route("/register", post(register::post))
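Review bot: `Response` has no doc comment, and its name is easy to confuse with axum's own response types when reading the handlers that pull it in through `use super::Response;`. A more specific name such as `AccessTokenResponse`, or at least a comment like `/// JSON body returned by the auth handlers; holds the bearer access token, so keep it out of logs and do not derive Debug.`, would make the intent explicit. Deriving only `Serialize` is the right choice for a type that wraps a secret, and the comment would help keep it that way.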


@ -1,7 +1,7 @@
use axum::{ use axum::{
extract::State, extract::State,
http::{HeaderValue, StatusCode}, http::{HeaderValue, StatusCode},
response::IntoResponse, response::IntoResponse, Json,
}; };
use axum_extra::extract::CookieJar; use axum_extra::extract::CookieJar;
use diesel::{ExpressionMethods, QueryDsl, delete, update}; use diesel::{ExpressionMethods, QueryDsl, delete, update};
@ -12,6 +12,7 @@ use std::{
time::{SystemTime, UNIX_EPOCH}, time::{SystemTime, UNIX_EPOCH},
}; };
use super::Response;
use crate::{ use crate::{
AppState, AppState,
error::Error, error::Error,
@ -19,7 +20,7 @@ use crate::{
access_tokens::{self, dsl}, access_tokens::{self, dsl},
refresh_tokens::{self, dsl as rdsl}, refresh_tokens::{self, dsl as rdsl},
}, },
utils::{generate_token, new_access_token_cookie, new_refresh_token_cookie}, utils::{generate_token, new_refresh_token_cookie},
}; };
pub async fn post( pub async fn post(
@ -33,9 +34,7 @@ pub async fn post(
))? ))?
.to_owned(); .to_owned();
let access_token_cookie = jar.get("access_token"); let mut refresh_token = String::from(refresh_token_cookie.value_trimmed());
let refresh_token = String::from(refresh_token_cookie.value_trimmed());
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64; let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
@ -66,21 +65,11 @@ pub async fn post(
HeaderValue::from_str(&refresh_token_cookie.to_string())?, HeaderValue::from_str(&refresh_token_cookie.to_string())?,
); );
if let Some(cookie) = access_token_cookie {
let mut cookie = cookie.clone();
cookie.make_removal();
response
.headers_mut()
.append("Set-Cookie", HeaderValue::from_str(&cookie.to_string())?);
}
return Ok(response); return Ok(response);
} }
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64; let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
let mut response = StatusCode::OK.into_response();
if lifetime > 1987200 { if lifetime > 1987200 {
let new_refresh_token = generate_token::<32>()?; let new_refresh_token = generate_token::<32>()?;
@ -94,13 +83,7 @@ pub async fn post(
.await .await
{ {
Ok(_) => { Ok(_) => {
response.headers_mut().append( refresh_token = new_refresh_token;
"Set-Cookie",
HeaderValue::from_str(
&new_refresh_token_cookie(&app_state.config, new_refresh_token)
.to_string(),
)?,
);
} }
Err(error) => { Err(error) => {
error!("{error}"); error!("{error}");
@ -119,14 +102,17 @@ pub async fn post(
.execute(&mut conn) .execute(&mut conn)
.await?; .await?;
let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();
// TODO: Dont set this when refresh token is unchanged
response.headers_mut().append( response.headers_mut().append(
"Set-Cookie", "Set-Cookie",
HeaderValue::from_str( HeaderValue::from_str(
&new_access_token_cookie(access_token).to_string(), &new_refresh_token_cookie(&app_state.config, refresh_token).to_string(),
)?, )?,
); );
return Ok(response); return Ok(response);
} }
@ -138,13 +124,5 @@ pub async fn post(
HeaderValue::from_str(&refresh_token_cookie.to_string())?, HeaderValue::from_str(&refresh_token_cookie.to_string())?,
); );
if let Some(cookie) = access_token_cookie {
let mut cookie = cookie.clone();
cookie.make_removal();
response
.headers_mut()
.append("Set-Cookie", HeaderValue::from_str(&cookie.to_string())?);
}
Ok(response) Ok(response)
} }
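Review bot: The refresh-token `Set-Cookie` header is now appended on every successful refresh, including when no rotation happened, which is what the new `// TODO: Dont set this when refresh token is unchanged` acknowledges. If `new_refresh_token_cookie` stamps a fresh max-age (its body is outside this view), the browser keeps extending a cookie whose server-side lifetime has not changed, and the unchanged secret is re-sent for no benefit. Carrying the rotation result as `let mut rotated_token: Option<String> = None;`, assigning `rotated_token = Some(new_refresh_token);` in the `Ok(_)` arm, and wrapping the append in `if let Some(token) = rotated_token { … }` would resolve the TODO and remove the need for `mut` on `refresh_token`. `post` begins before and continues between these hunks, so check that `refresh_token` is not read elsewhere before changing it.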


@ -18,6 +18,7 @@ use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use uuid::Uuid; use uuid::Uuid;
use super::Response;
use crate::{ use crate::{
AppState, AppState,
error::Error, error::Error,
@ -28,7 +29,7 @@ use crate::{
users::{self, dsl as udsl}, users::{self, dsl as udsl},
}, },
utils::{ utils::{
EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_token, new_access_token_cookie, EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_token,
new_refresh_token_cookie, new_refresh_token_cookie,
}, },
}; };
@ -160,7 +161,7 @@ pub async fn post(
Member::new(&app_state, uuid, initial_guild).await?; Member::new(&app_state, uuid, initial_guild).await?;
} }
let mut response = StatusCode::OK.into_response(); let mut response = (StatusCode::OK, Json(Response {access_token})).into_response();
response.headers_mut().append( response.headers_mut().append(
"Set-Cookie", "Set-Cookie",
@ -168,12 +169,6 @@ pub async fn post(
&new_refresh_token_cookie(&app_state.config, refresh_token).to_string(), &new_refresh_token_cookie(&app_state.config, refresh_token).to_string(),
)?, )?,
); );
response.headers_mut().append(
"Set-Cookie",
HeaderValue::from_str(
&new_access_token_cookie(access_token).to_string(),
)?,
);
return Ok(response); return Ok(response);
} }
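Review bot: `Json(Response {access_token})` is not rustfmt-formatted, while the other two handlers touched by this commit write `Response { access_token }`. Running `cargo fmt` on this file would bring the line in step with them: `let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();`.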


@ -7,7 +7,7 @@ use error::Error;
use objects::MailClient; use objects::MailClient;
use socketioxide::SocketIo; use socketioxide::SocketIo;
use std::{sync::Arc, time::SystemTime}; use std::{sync::Arc, time::SystemTime};
use tower_http::cors::{AllowHeaders, AllowMethods, AllowOrigin, CorsLayer}; use tower_http::cors::{AllowOrigin, CorsLayer};
mod config; mod config;
use config::{Config, ConfigBuilder}; use config::{Config, ConfigBuilder};
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations}; use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};


@ -43,15 +43,6 @@ pub fn new_refresh_token_cookie(config: &Config, refresh_token: String) -> Cooki
.build() .build()
} }
pub fn new_access_token_cookie<'cookie>(access_token: String) -> Cookie<'cookie> {
Cookie::build(("access_token", access_token))
.http_only(false)
.secure(true)
.same_site(SameSite::None)
.max_age(Duration::hours(1))
.build()
}
pub fn generate_token<const N: usize>() -> Result<String, getrandom::Error> { pub fn generate_token<const N: usize>() -> Result<String, getrandom::Error> {
let mut buf = [0u8; N]; let mut buf = [0u8; N];
fill(&mut buf)?; fill(&mut buf)?;