gorb/backend
4
0
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions
backend/src/api/v1/auth/refresh.rs
Radical 407460d2aa
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
Details
ci/woodpecker/push/publish-docs Pipeline was successful
Details
style: use const generic for token length instead of multiple functions 
Simplifies codebase a bit and avoids having to add another function in future if we need another length of token
2025-06-25 13:25:39 +02:00

99 lines
2.9 KiB
Rust
Raw Blame History

use actix_web::{HttpRequest, HttpResponse, post, web};
use diesel::{ExpressionMethods, QueryDsl, delete, update};
use diesel_async::RunQueryDsl;
use log::error;
use std::time::{SystemTime, UNIX_EPOCH};
use crate::{
Data,
error::Error,
schema::{
access_tokens::{self, dsl},
refresh_tokens::{self, dsl as rdsl},
},
utils::{generate_token, new_refresh_token_cookie},
};
use super::Response;
#[post("/refresh")]
pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut refresh_token_cookie = req.cookie("refresh_token").ok_or(Error::Unauthorized(
"request has no refresh token".to_string(),
))?;
let mut refresh_token = String::from(refresh_token_cookie.value());
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
let mut conn = data.pool.get().await?;
if let Ok(created_at) = rdsl::refresh_tokens
.filter(rdsl::token.eq(&refresh_token))
.select(rdsl::created_at)
.get_result::<i64>(&mut conn)
.await
{
let lifetime = current_time - created_at;
if lifetime > 2592000 {
if let Err(error) = delete(refresh_tokens::table)
.filter(rdsl::token.eq(&refresh_token))
.execute(&mut conn)
.await
{
error!("{}", error);
}
refresh_token_cookie.make_removal();
return Ok(HttpResponse::Unauthorized()
.cookie(refresh_token_cookie)
.finish());
}
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
if lifetime > 1987200 {
let new_refresh_token = generate_token::<32>()?;
match update(refresh_tokens::table)
.filter(rdsl::token.eq(&refresh_token))
.set((
rdsl::token.eq(&new_refresh_token),
rdsl::created_at.eq(current_time),
))
.execute(&mut conn)
.await
{
Ok(_) => {
refresh_token = new_refresh_token;
}
Err(error) => {
error!("{}", error);
}
}
}
let access_token = generate_token::<16>()?;
update(access_tokens::table)
.filter(dsl::refresh_token.eq(&refresh_token))
.set((
dsl::token.eq(&access_token),
dsl::created_at.eq(current_time),
))
.execute(&mut conn)
.await?;
return Ok(HttpResponse::Ok()
.cookie(new_refresh_token_cookie(&data.config, refresh_token))
.json(Response { access_token }));
}
refresh_token_cookie.make_removal();
Ok(HttpResponse::Unauthorized()
.cookie(refresh_token_cookie)
.finish())
}
Reference in a new issue View git blame Copy permalink