

2 commits

Author SHA1 Message Date
0f897dc0c6 feat: return refresh_token in cookie 2025-05-04 22:13:28 +02:00
ebb4286c08 refactor: move api to /api
serve api under /api
2025-05-04 22:13:05 +02:00
7 changed files with 44 additions and 37 deletions


@ -1,2 +1,11 @@
pub mod v1; use actix_web::Scope;
pub mod versions; use actix_web::web;
mod v1;
mod versions;
pub fn web() -> Scope {
web::scope("/api")
.service(v1::web())
.service(versions::res)
}
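Review bot: `web()` is now the only public item in this module and has no doc comment, yet with `v1` and `versions` made private it is the single entry point through which the rest of the crate mounts those routes; `/// Root scope for every HTTP route: mounts the versioned API and the version listing under `/api`.` would state that. Since actix resolves services in registration order, a one-line comment noting that `versions::res` is registered after `v1::web()` on purpose (or not) would save the next reader from guessing whether the order is load-bearing.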


@ -1,17 +1,17 @@
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use actix_web::{Error, HttpResponse, error, post, web}; use actix_web::{error, post, web, Error, HttpResponse};
use argon2::{PasswordHash, PasswordVerifier}; use argon2::{PasswordHash, PasswordVerifier};
use futures::StreamExt; use futures::StreamExt;
use log::error; use log::error;
use serde::{Deserialize, Serialize}; use serde::Deserialize;
use crate::{ use crate::{
Data, api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
crypto::{generate_access_token, generate_refresh_token},
}; };
use super::Response;
#[derive(Deserialize)] #[derive(Deserialize)]
struct LoginInformation { struct LoginInformation {
username: String, username: String,
@ -19,12 +19,6 @@ struct LoginInformation {
device_name: String, device_name: String,
} }
#[derive(Serialize)]
pub struct Response {
pub access_token: String,
pub refresh_token: String,
}
const MAX_SIZE: usize = 262_144; const MAX_SIZE: usize = 262_144;
#[post("/login")] #[post("/login")]
@ -187,8 +181,7 @@ async fn login(
return HttpResponse::InternalServerError().finish() return HttpResponse::InternalServerError().finish()
} }
HttpResponse::Ok().json(Response { HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
access_token, access_token,
refresh_token,
}) })
} }


@ -7,6 +7,7 @@ use std::{
use actix_web::{HttpResponse, Scope, web}; use actix_web::{HttpResponse, Scope, web};
use log::error; use log::error;
use regex::Regex; use regex::Regex;
use serde::Serialize;
use sqlx::Postgres; use sqlx::Postgres;
use uuid::Uuid; use uuid::Uuid;
@ -15,6 +16,11 @@ mod refresh;
mod register; mod register;
mod revoke; mod revoke;
#[derive(Serialize)]
struct Response {
access_token: String,
}
static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| { static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap() Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap()
}); });
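Review bot: `Response` is now shared by the login, register and refresh handlers through `super::Response` but carries no doc comment, and its field list no longer shows where the refresh token went; `/// JSON body of the login, register and refresh responses; the refresh token is delivered in the `refresh_token` cookie rather than in this body.` documents the contract the three handlers rely on. Keeping it private is right, since only submodules of `auth` construct it.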


@ -1,28 +1,22 @@
use actix_web::{post, web, Error, HttpRequest, HttpResponse}; use actix_web::{post, web, Error, HttpRequest, HttpResponse};
use log::error; use log::error;
use serde::Serialize;
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use crate::{ use crate::{
Data, crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
crypto::{generate_access_token, generate_refresh_token},
}; };
#[derive(Serialize)] use super::Response;
struct Response {
refresh_token: String,
access_token: String,
}
#[post("/refresh")] #[post("/refresh")]
pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> { pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let refresh_token_cookie = req.cookie("refresh_token"); let recv_refresh_token_cookie = req.cookie("refresh_token");
if let None = refresh_token_cookie { if let None = recv_refresh_token_cookie {
return Ok(HttpResponse::Unauthorized().finish()) return Ok(HttpResponse::Unauthorized().finish())
} }
let mut refresh_token = String::from(refresh_token_cookie.unwrap().value()); let mut refresh_token = String::from(recv_refresh_token_cookie.unwrap().value());
let current_time = SystemTime::now() let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH) .duration_since(UNIX_EPOCH)
@ -101,8 +95,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
return Ok(HttpResponse::InternalServerError().finish()) return Ok(HttpResponse::InternalServerError().finish())
} }
return Ok(HttpResponse::Ok().json(Response { return Ok(HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
refresh_token,
access_token, access_token,
})); }));
} }
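Review bot: The `if let None = recv_refresh_token_cookie { return … }` followed by `.unwrap()` on the next line is the pattern the `recv_` rename only works around; a `let … else` removes both the unwrap and the renamed local: `let Some(cookie) = req.cookie("refresh_token") else { return Ok(HttpResponse::Unauthorized().finish()) };` then `let mut refresh_token = String::from(cookie.value());`. Separately, this handler authenticates from the cookie alone, and the cookie is issued with `SameSite::None` in the `refresh_token_cookie` hunk (utils), so a browser will attach it to a cross-site form POST from any page; an `Origin`/`Referer` check in this handler, or a stricter `SameSite` on the cookie, is needed to keep a third-party page from triggering a refresh on the user's behalf. What a foreign-triggered refresh actually achieves depends on the rotation logic between the two hunks, which is outside this view, so treat the impact as unassessed rather than low. `res` continues outside the hunk.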


@ -10,11 +10,9 @@ use log::error;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use uuid::Uuid; use uuid::Uuid;
use super::login::Response; use super::Response;
use crate::{ use crate::{
Data, api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, crypto::{generate_access_token, generate_refresh_token}, utils::refresh_token_cookie, Data
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
crypto::{generate_access_token, generate_refresh_token},
}; };
#[derive(Deserialize)] #[derive(Deserialize)]
@ -159,9 +157,8 @@ pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<Htt
return Ok(HttpResponse::InternalServerError().finish()) return Ok(HttpResponse::InternalServerError().finish())
} }
HttpResponse::Ok().json(Response { HttpResponse::Ok().cookie(refresh_token_cookie(refresh_token)).json(Response {
access_token, access_token,
refresh_token,
}) })
} }
Err(error) => { Err(error) => {


@ -89,8 +89,7 @@ async fn main() -> Result<(), Error> {
HttpServer::new(move || { HttpServer::new(move || {
App::new() App::new()
.app_data(web::Data::new(data.clone())) .app_data(web::Data::new(data.clone()))
.service(api::versions::res) .service(api::web())
.service(api::v1::web())
}) })
.bind((web.url, web.port))? .bind((web.url, web.port))?
.run() .run()


@ -1,4 +1,4 @@
use actix_web::{HttpResponse, http::header::HeaderMap}; use actix_web::{cookie::{time::Duration, Cookie, SameSite}, http::header::HeaderMap, HttpResponse};
pub fn get_auth_header(headers: &HeaderMap) -> Result<&str, HttpResponse> { pub fn get_auth_header(headers: &HeaderMap) -> Result<&str, HttpResponse> {
let auth_token = headers.get(actix_web::http::header::AUTHORIZATION); let auth_token = headers.get(actix_web::http::header::AUTHORIZATION);
@ -21,3 +21,13 @@ pub fn get_auth_header(headers: &HeaderMap) -> Result<&str, HttpResponse> {
Ok(auth_value.unwrap()) Ok(auth_value.unwrap())
} }
pub fn refresh_token_cookie(refresh_token: String) -> Cookie<'static> {
Cookie::build("refresh_token", refresh_token)
.http_only(true)
.secure(true)
.same_site(SameSite::None)
.path("/api")
.max_age(Duration::days(30))
.finish()
}
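Review bot: `refresh_token_cookie` sets `SameSite::None` together with `.path("/api")`, which makes the browser send the refresh token on every request under `/api`, including cross-site ones, while only the refresh handler consumes it; unless the frontend is served from a different site than the API, `.same_site(SameSite::Lax)` (or `Strict`) is the safer default, and narrowing `.path()` to the refresh route's prefix (the exact value depends on the `v1` and `auth` scope strings, which are not in this diff) limits where the token travels. The 30-day `max_age` is only a client-side hint; if the server tracks refresh-token expiry elsewhere, deriving the cookie age from that value keeps a cookie from outliving its token or the reverse. A doc comment is also missing: `/// Builds the HttpOnly, Secure cookie that carries the refresh token; the browser returns it on requests under the cookie's path.`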