forked from gorb/backend
68 lines
1.8 KiB
Rust
68 lines
1.8 KiB
Rust
use std::{
|
|
str::FromStr,
|
|
sync::LazyLock,
|
|
time::{SystemTime, UNIX_EPOCH},
|
|
};
|
|
|
|
use actix_web::{HttpResponse, Scope, web};
|
|
use log::error;
|
|
use regex::Regex;
|
|
use sqlx::Postgres;
|
|
use uuid::Uuid;
|
|
|
|
mod login;
|
|
mod refresh;
|
|
mod register;
|
|
mod revoke;
|
|
|
|
static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
|
|
Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap()
|
|
});
|
|
|
|
// FIXME: This regex doesnt seem to be working
|
|
static USERNAME_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[a-zA-Z0-9.-_]").unwrap());
|
|
|
|
// Password is expected to be hashed using SHA3-384
|
|
static PASSWORD_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[0-9a-f]{96}").unwrap());
|
|
|
|
pub fn web() -> Scope {
|
|
web::scope("/auth")
|
|
.service(register::res)
|
|
.service(login::response)
|
|
.service(refresh::res)
|
|
.service(revoke::res)
|
|
}
|
|
|
|
pub async fn check_access_token(
|
|
access_token: String,
|
|
pool: &sqlx::Pool<Postgres>,
|
|
) -> Result<Uuid, HttpResponse> {
|
|
match sqlx::query_as(
|
|
"SELECT CAST(uuid as VARCHAR), created FROM access_tokens WHERE token = $1",
|
|
)
|
|
.bind(&access_token)
|
|
.fetch_one(pool)
|
|
.await
|
|
{
|
|
Ok(row) => {
|
|
let (uuid, created): (String, i64) = row;
|
|
|
|
let current_time = SystemTime::now()
|
|
.duration_since(UNIX_EPOCH)
|
|
.unwrap()
|
|
.as_secs() as i64;
|
|
|
|
let lifetime = current_time - created;
|
|
|
|
if lifetime > 3600 {
|
|
return Err(HttpResponse::Unauthorized().finish());
|
|
}
|
|
|
|
Ok(Uuid::from_str(&uuid).unwrap())
|
|
}
|
|
Err(error) => {
|
|
error!("{}", error);
|
|
Err(HttpResponse::InternalServerError().finish())
|
|
}
|
|
}
|
|
}
|