fix: revert changes to access_token made during refactor
parent
d2fec66ddb
commit
9bf435b535
6 changed files with 25 additions and 59 deletions
|
@ -14,12 +14,13 @@ use diesel::{ExpressionMethods, QueryDsl, dsl::insert_into};
|
|||
use diesel_async::RunQueryDsl;
|
||||
use serde::Deserialize;
|
||||
|
||||
use super::Response;
|
||||
use crate::{
|
||||
AppState,
|
||||
error::Error,
|
||||
schema::*,
|
||||
utils::{
|
||||
PASSWORD_REGEX, generate_token, new_access_token_cookie, new_refresh_token_cookie,
|
||||
PASSWORD_REGEX, generate_token, new_refresh_token_cookie,
|
||||
user_uuid_from_identifier,
|
||||
},
|
||||
};
|
||||
|
@ -93,7 +94,7 @@ pub async fn response(
|
|||
.execute(&mut conn)
|
||||
.await?;
|
||||
|
||||
let mut response = StatusCode::OK.into_response();
|
||||
let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();
|
||||
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
|
@ -102,12 +103,5 @@ pub async fn response(
|
|||
)?,
|
||||
);
|
||||
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
HeaderValue::from_str(
|
||||
&new_access_token_cookie(access_token).to_string(),
|
||||
)?,
|
||||
);
|
||||
|
||||
Ok(response)
|
||||
}
|
||||
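Review bot: The access token is now returned in the JSON body at `(StatusCode::OK, Json(Response { access_token })).into_response()`, but none of the visible lines mark that response as non-cacheable. A token-bearing response should carry `Cache-Control: no-store` so browsers and intermediaries do not retain the credential, for example `response.headers_mut().insert(axum::http::header::CACHE_CONTROL, HeaderValue::from_static("no-store"));` right after the response is built. The same applies to the identical construction in the refresh and register handlers further down this commit. The handler body begins outside this hunk, so a header set earlier, or by a middleware layer, would not be visible here.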
|
|
|
@ -9,6 +9,7 @@ use axum::{
|
|||
};
|
||||
use diesel::{ExpressionMethods, QueryDsl};
|
||||
use diesel_async::RunQueryDsl;
|
||||
use serde::Serialize;
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::{AppState, Conn, error::Error, schema::access_tokens::dsl};
|
||||
|
@ -22,6 +23,13 @@ mod reset_password;
|
|||
mod revoke;
|
||||
mod verify_email;
|
||||
|
||||
|
||||
#[derive(Serialize)]
|
||||
pub struct Response {
|
||||
access_token: String,
|
||||
}
|
||||
|
||||
|
||||
pub fn router() -> Router<Arc<AppState>> {
|
||||
Router::new()
|
||||
.route("/register", post(register::post))
|
||||
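Review bot: The new `Response` struct has no doc comment, and its generic name hides that it carries a credential. A line such as `/// JSON body returned by the login, register and refresh handlers; holds the bearer access token.` above `#[derive(Serialize)]` would make that clear. The struct derives only `Serialize`; it is worth keeping it without `Debug`, so the token cannot reach logs through a `{:?}` format of the response body.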
|
|
|
@ -1,7 +1,7 @@
|
|||
use axum::{
|
||||
extract::State,
|
||||
http::{HeaderValue, StatusCode},
|
||||
response::IntoResponse,
|
||||
response::IntoResponse, Json,
|
||||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use diesel::{ExpressionMethods, QueryDsl, delete, update};
|
||||
|
@ -12,6 +12,7 @@ use std::{
|
|||
time::{SystemTime, UNIX_EPOCH},
|
||||
};
|
||||
|
||||
use super::Response;
|
||||
use crate::{
|
||||
AppState,
|
||||
error::Error,
|
||||
|
@ -19,7 +20,7 @@ use crate::{
|
|||
access_tokens::{self, dsl},
|
||||
refresh_tokens::{self, dsl as rdsl},
|
||||
},
|
||||
utils::{generate_token, new_access_token_cookie, new_refresh_token_cookie},
|
||||
utils::{generate_token, new_refresh_token_cookie},
|
||||
};
|
||||
|
||||
pub async fn post(
|
||||
|
@ -33,9 +34,7 @@ pub async fn post(
|
|||
))?
|
||||
.to_owned();
|
||||
|
||||
let access_token_cookie = jar.get("access_token");
|
||||
|
||||
let refresh_token = String::from(refresh_token_cookie.value_trimmed());
|
||||
let mut refresh_token = String::from(refresh_token_cookie.value_trimmed());
|
||||
|
||||
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
|
||||
|
||||
|
@ -66,21 +65,11 @@ pub async fn post(
|
|||
HeaderValue::from_str(&refresh_token_cookie.to_string())?,
|
||||
);
|
||||
|
||||
if let Some(cookie) = access_token_cookie {
|
||||
let mut cookie = cookie.clone();
|
||||
cookie.make_removal();
|
||||
response
|
||||
.headers_mut()
|
||||
.append("Set-Cookie", HeaderValue::from_str(&cookie.to_string())?);
|
||||
}
|
||||
|
||||
return Ok(response);
|
||||
}
|
||||
|
||||
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
|
||||
|
||||
let mut response = StatusCode::OK.into_response();
|
||||
|
||||
if lifetime > 1987200 {
|
||||
let new_refresh_token = generate_token::<32>()?;
|
||||
|
||||
|
@ -94,13 +83,7 @@ pub async fn post(
|
|||
.await
|
||||
{
|
||||
Ok(_) => {
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
HeaderValue::from_str(
|
||||
&new_refresh_token_cookie(&app_state.config, new_refresh_token)
|
||||
.to_string(),
|
||||
)?,
|
||||
);
|
||||
refresh_token = new_refresh_token;
|
||||
}
|
||||
Err(error) => {
|
||||
error!("{error}");
|
||||
|
@ -119,14 +102,17 @@ pub async fn post(
|
|||
.execute(&mut conn)
|
||||
.await?;
|
||||
|
||||
let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();
|
||||
|
||||
// TODO: Dont set this when refresh token is unchanged
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
HeaderValue::from_str(
|
||||
&new_access_token_cookie(access_token).to_string(),
|
||||
&new_refresh_token_cookie(&app_state.config, refresh_token).to_string(),
|
||||
)?,
|
||||
);
|
||||
|
||||
|
||||
return Ok(response);
|
||||
}
|
||||
|
||||
|
@ -138,13 +124,5 @@ pub async fn post(
|
|||
HeaderValue::from_str(&refresh_token_cookie.to_string())?,
|
||||
);
|
||||
|
||||
if let Some(cookie) = access_token_cookie {
|
||||
let mut cookie = cookie.clone();
|
||||
cookie.make_removal();
|
||||
response
|
||||
.headers_mut()
|
||||
.append("Set-Cookie", HeaderValue::from_str(&cookie.to_string())?);
|
||||
}
|
||||
|
||||
Ok(response)
|
||||
}
|
||||
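Review bot: The refresh-token `Set-Cookie` after the `// TODO: Dont set this when refresh token is unchanged` comment is now appended on every successful refresh, including when the token was not rotated. That puts a long-lived credential in the response on each call and, if `new_refresh_token_cookie` sets a max-age (its body is not visible here), pushes the browser-side expiry forward while the server-side lifetime keeps counting from creation. Tracking rotation explicitly would resolve the TODO: `let mut rotated: Option<String> = None;` before the lifetime check, `rotated = Some(new_refresh_token);` in the `Ok(_)` arm, and the append wrapped in `if let Some(token) = rotated { ... }`. This assumes `refresh_token` is not read again further down in the part of `post` that lies outside these hunks.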
|
|
|
@ -18,6 +18,7 @@ use diesel_async::RunQueryDsl;
|
|||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
|
||||
use super::Response;
|
||||
use crate::{
|
||||
AppState,
|
||||
error::Error,
|
||||
|
@ -28,7 +29,7 @@ use crate::{
|
|||
users::{self, dsl as udsl},
|
||||
},
|
||||
utils::{
|
||||
EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_token, new_access_token_cookie,
|
||||
EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_token,
|
||||
new_refresh_token_cookie,
|
||||
},
|
||||
};
|
||||
|
@ -160,7 +161,7 @@ pub async fn post(
|
|||
Member::new(&app_state, uuid, initial_guild).await?;
|
||||
}
|
||||
|
||||
let mut response = StatusCode::OK.into_response();
|
||||
let mut response = (StatusCode::OK, Json(Response {access_token})).into_response();
|
||||
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
|
@ -168,12 +169,6 @@ pub async fn post(
|
|||
&new_refresh_token_cookie(&app_state.config, refresh_token).to_string(),
|
||||
)?,
|
||||
);
|
||||
response.headers_mut().append(
|
||||
"Set-Cookie",
|
||||
HeaderValue::from_str(
|
||||
&new_access_token_cookie(access_token).to_string(),
|
||||
)?,
|
||||
);
|
||||
|
||||
return Ok(response);
|
||||
}
|
||||
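Review bot: The added line `Json(Response {access_token})` is not rustfmt-formatted and differs from the same expression in the login and refresh handlers of this commit. It should read `let mut response = (StatusCode::OK, Json(Response { access_token })).into_response();` so a later `cargo fmt` run does not create an unrelated diff in this authentication path. The surrounding `post` body begins outside the hunk.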
|
|
|
@ -7,7 +7,7 @@ use error::Error;
|
|||
use objects::MailClient;
|
||||
use socketioxide::SocketIo;
|
||||
use std::{sync::Arc, time::SystemTime};
|
||||
use tower_http::cors::{AllowHeaders, AllowMethods, AllowOrigin, CorsLayer};
|
||||
use tower_http::cors::{AllowOrigin, CorsLayer};
|
||||
mod config;
|
||||
use config::{Config, ConfigBuilder};
|
||||
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};
|
||||
|
|
|
@ -43,15 +43,6 @@ pub fn new_refresh_token_cookie(config: &Config, refresh_token: String) -> Cooki
|
|||
.build()
|
||||
}
|
||||
|
||||
pub fn new_access_token_cookie<'cookie>(access_token: String) -> Cookie<'cookie> {
|
||||
Cookie::build(("access_token", access_token))
|
||||
.http_only(false)
|
||||
.secure(true)
|
||||
.same_site(SameSite::None)
|
||||
.max_age(Duration::hours(1))
|
||||
.build()
|
||||
}
|
||||
|
||||
pub fn generate_token<const N: usize>() -> Result<String, getrandom::Error> {
|
||||
let mut buf = [0u8; N];
|
||||
fill(&mut buf)?;
|
||||
|
|