Radical
9bf435b535
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
70 lines
1.8 KiB
Rust
70 lines
1.8 KiB
Rust
use std::{
|
|
sync::Arc,
|
|
time::{SystemTime, UNIX_EPOCH},
|
|
};
|
|
|
|
use axum::{
|
|
Router,
|
|
routing::{delete, get, post},
|
|
};
|
|
use diesel::{ExpressionMethods, QueryDsl};
|
|
use diesel_async::RunQueryDsl;
|
|
use serde::Serialize;
|
|
use uuid::Uuid;
|
|
|
|
use crate::{AppState, Conn, error::Error, schema::access_tokens::dsl};
|
|
|
|
mod devices;
|
|
mod login;
|
|
mod logout;
|
|
mod refresh;
|
|
mod register;
|
|
mod reset_password;
|
|
mod revoke;
|
|
mod verify_email;
|
|
|
|
|
|
#[derive(Serialize)]
|
|
pub struct Response {
|
|
access_token: String,
|
|
}
|
|
|
|
|
|
pub fn router() -> Router<Arc<AppState>> {
|
|
Router::new()
|
|
.route("/register", post(register::post))
|
|
.route("/login", post(login::response))
|
|
.route("/logout", delete(logout::res))
|
|
.route("/refresh", post(refresh::post))
|
|
.route("/revoke", post(revoke::post))
|
|
.route("/verify-email", get(verify_email::get))
|
|
.route("/verify-email", post(verify_email::post))
|
|
.route("/reset-password", get(reset_password::get))
|
|
.route("/reset-password", post(reset_password::post))
|
|
.route("/devices", get(devices::get))
|
|
}
|
|
|
|
pub async fn check_access_token(access_token: &str, conn: &mut Conn) -> Result<Uuid, Error> {
|
|
let (uuid, created_at): (Uuid, i64) = dsl::access_tokens
|
|
.filter(dsl::token.eq(access_token))
|
|
.select((dsl::uuid, dsl::created_at))
|
|
.get_result(conn)
|
|
.await
|
|
.map_err(|error| {
|
|
if error == diesel::result::Error::NotFound {
|
|
Error::Unauthorized("Invalid access token".to_string())
|
|
} else {
|
|
Error::from(error)
|
|
}
|
|
})?;
|
|
|
|
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
|
|
|
|
let lifetime = current_time - created_at;
|
|
|
|
if lifetime > 3600 {
|
|
return Err(Error::Unauthorized("Invalid access token".to_string()));
|
|
}
|
|
|
|
Ok(uuid)
|
|
}
|