rename auth module to session
parent
3edf10edd9
commit
dedb732b2f
4 changed files with 59 additions and 48 deletions
|
@ -1,15 +1,14 @@
|
||||||
//pub mod dns;
|
|
||||||
pub mod auth;
|
|
||||||
pub mod class;
|
pub mod class;
|
||||||
pub mod errors;
|
pub mod errors;
|
||||||
pub mod name;
|
pub mod name;
|
||||||
pub mod rdata;
|
pub mod rdata;
|
||||||
pub mod record;
|
pub mod record;
|
||||||
|
pub mod session;
|
||||||
pub mod user;
|
pub mod user;
|
||||||
pub mod zone;
|
pub mod zone;
|
||||||
|
|
||||||
// Reexport types for convenience
|
// Reexport types for convenience
|
||||||
pub use auth::{AuthTokenRequest, Session};
|
pub use session::{AuthTokenRequest, Session};
|
||||||
pub use class::DNSClass;
|
pub use class::DNSClass;
|
||||||
pub use errors::{UserError, ErrorResponse, make_500};
|
pub use errors::{UserError, ErrorResponse, make_500};
|
||||||
pub use name::{AbsoluteName, SerdeName};
|
pub use name::{AbsoluteName, SerdeName};
|
||||||
|
|
|
@ -7,10 +7,17 @@ use diesel::prelude::*;
|
||||||
use rand::Rng;
|
use rand::Rng;
|
||||||
use rand::rngs::OsRng;
|
use rand::rngs::OsRng;
|
||||||
use rand::distributions::Alphanumeric;
|
use rand::distributions::Alphanumeric;
|
||||||
|
use rocket::request::{FromRequest, Request, Outcome};
|
||||||
|
use rocket::outcome::try_outcome;
|
||||||
|
|
||||||
use crate::models::user::UserInfo;
|
|
||||||
use crate::schema::*;
|
use crate::schema::*;
|
||||||
use crate::models::errors::UserError;
|
use crate::DbConn;
|
||||||
|
use crate::models::user::UserInfo;
|
||||||
|
use crate::models::errors::{UserError, ErrorResponse, make_500};
|
||||||
|
|
||||||
|
const BEARER: &str = "Bearer ";
|
||||||
|
const AUTH_HEADER: &str = "Authorization";
|
||||||
|
pub const COOKIE_NAME: &str = "session_id";
|
||||||
|
|
||||||
|
|
||||||
#[derive(Debug, Deserialize)]
|
#[derive(Debug, Deserialize)]
|
||||||
|
@ -75,4 +82,49 @@ impl Session {
|
||||||
Ok(user_session)
|
Ok(user_session)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn get_token_from_header<'r>(request: &'r Request<'_>) -> Outcome<String, ErrorResponse> {
|
||||||
|
let auth_header = match request.headers().get_one(AUTH_HEADER) {
|
||||||
|
None => return Outcome::Forward(()),
|
||||||
|
Some(auth_header) => auth_header,
|
||||||
|
};
|
||||||
|
|
||||||
|
let token = if auth_header.starts_with(BEARER) {
|
||||||
|
auth_header.trim_start_matches(BEARER).to_string()
|
||||||
|
} else {
|
||||||
|
return ErrorResponse::from(UserError::MalformedHeader).into();
|
||||||
|
};
|
||||||
|
|
||||||
|
Outcome::Success(token)
|
||||||
|
}
|
||||||
|
|
||||||
|
fn get_token_from_cookie<'r>(request: &'r Request<'_>) -> Outcome<String, ErrorResponse> {
|
||||||
|
match request.cookies().get(COOKIE_NAME) {
|
||||||
|
None => Outcome::Forward(()),
|
||||||
|
Some(session_cookie) => Outcome::Success(session_cookie.value().to_string()),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#[rocket::async_trait]
|
||||||
|
impl<'r> FromRequest<'r> for Session {
|
||||||
|
type Error = ErrorResponse;
|
||||||
|
|
||||||
|
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||||||
|
let token = try_outcome!(
|
||||||
|
Session::get_token_from_header(request)
|
||||||
|
.forward_then(|_| Session::get_token_from_cookie(request))
|
||||||
|
);
|
||||||
|
|
||||||
|
let conn = try_outcome!(request.guard::<DbConn>().await.map_failure(make_500));
|
||||||
|
|
||||||
|
conn.run(move |c| {
|
||||||
|
match Session::from_session_id(c, &token) {
|
||||||
|
Err(e) => ErrorResponse::from(e).into(),
|
||||||
|
Ok(s) => Outcome::Success(s),
|
||||||
|
}
|
||||||
|
}).await
|
||||||
|
}
|
||||||
}
|
}
|
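Review bot: `auth_header.trim_start_matches(BEARER)` in `get_token_from_header` strips the prefix as many times as it repeats, so `Bearer Bearer <id>` is accepted as `<id>`, and a bare `Bearer ` yields an empty token that still reaches `Session::from_session_id`. `strip_prefix` removes exactly one prefix and lets the empty case be rejected at the same spot: `match auth_header.strip_prefix(BEARER) { Some(t) if !t.is_empty() => t.to_string(), _ => return ErrorResponse::from(UserError::MalformedHeader).into() }`. The scheme comparison is also case-sensitive, while HTTP authentication scheme names are case-insensitive; if that strictness is intended, a short comment on `BEARER` would say so. `impl Session` opens before this hunk, so the rest of the type is not visible here.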
|
@ -16,12 +16,7 @@ use crate::DbConn;
|
||||||
|
|
||||||
use crate::models::errors::{UserError, ErrorResponse, make_500};
|
use crate::models::errors::{UserError, ErrorResponse, make_500};
|
||||||
use crate::models::zone::Zone;
|
use crate::models::zone::Zone;
|
||||||
use crate::models::auth::Session;
|
use crate::models::session::Session;
|
||||||
|
|
||||||
|
|
||||||
const BEARER: &str = "Bearer ";
|
|
||||||
const AUTH_HEADER: &str = "Authorization";
|
|
||||||
pub const COOKIE_NAME: &str = "session_id";
|
|
||||||
|
|
||||||
|
|
||||||
#[derive(Debug, DbEnum, Deserialize, Clone)]
|
#[derive(Debug, DbEnum, Deserialize, Clone)]
|
||||||
|
@ -115,49 +110,14 @@ impl UserInfo {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_token_from_header<'r>(request: &'r Request<'_>) -> Outcome<String, ErrorResponse> {
|
|
||||||
let auth_header = match request.headers().get_one(AUTH_HEADER) {
|
|
||||||
None => return Outcome::Forward(()),
|
|
||||||
Some(auth_header) => auth_header,
|
|
||||||
};
|
|
||||||
|
|
||||||
let token = if auth_header.starts_with(BEARER) {
|
|
||||||
auth_header.trim_start_matches(BEARER).to_string()
|
|
||||||
} else {
|
|
||||||
return ErrorResponse::from(UserError::MalformedHeader).into();
|
|
||||||
};
|
|
||||||
|
|
||||||
Outcome::Success(token)
|
|
||||||
}
|
|
||||||
|
|
||||||
fn get_token_from_cookie<'r>(request: &'r Request<'_>) -> Outcome<String, ErrorResponse> {
|
|
||||||
match request.cookies().get(COOKIE_NAME) {
|
|
||||||
None => Outcome::Forward(()),
|
|
||||||
Some(session_cookie) => Outcome::Success(session_cookie.value().to_string()),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[rocket::async_trait]
|
#[rocket::async_trait]
|
||||||
impl<'r> FromRequest<'r> for UserInfo {
|
impl<'r> FromRequest<'r> for UserInfo {
|
||||||
type Error = ErrorResponse;
|
type Error = ErrorResponse;
|
||||||
|
|
||||||
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||||||
let token = try_outcome!(
|
let session = try_outcome!(request.guard::<Session>().await.map_failure(make_500));
|
||||||
get_token_from_header(request)
|
|
||||||
.forward_then(|_| get_token_from_cookie(request))
|
|
||||||
);
|
|
||||||
|
|
||||||
let conn = try_outcome!(request.guard::<DbConn>().await.map_failure(make_500));
|
let conn = try_outcome!(request.guard::<DbConn>().await.map_failure(make_500));
|
||||||
|
|
||||||
let session_res = conn.run(move |c| {
|
|
||||||
Session::from_session_id(c, &token)
|
|
||||||
}).await;
|
|
||||||
|
|
||||||
let session = match session_res {
|
|
||||||
Err(e) => return ErrorResponse::from(e).into(),
|
|
||||||
Ok(s) => s,
|
|
||||||
};
|
|
||||||
|
|
||||||
conn.run(move |c| {
|
conn.run(move |c| {
|
||||||
match LocalUser::get_user_by_uuid(c, &session.user_id) {
|
match LocalUser::get_user_by_uuid(c, &session.user_id) {
|
||||||
Err(e) => ErrorResponse::from(e).into(),
|
Err(e) => ErrorResponse::from(e).into(),
|
||||||
|
|
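Review bot: Every failure of the `Session` guard is now routed through `make_500` in `UserInfo::from_request` (`request.guard::<Session>().await.map_failure(make_500)`). If that helper builds an internal-error response, as its name and its use on the `DbConn` guard suggest, a malformed header or a rejected session id will be reported as a server error, whereas the removed code returned `ErrorResponse::from(e)` for a failed lookup. Both guards declare `type Error = ErrorResponse`, so the failure can pass through unchanged: `let session = try_outcome!(request.guard::<Session>().await);`. Keeping the original status lets clients and monitoring tell authentication failures apart from real 5xx faults. The body of `from_request` continues past the end of this hunk.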
|
@ -33,7 +33,7 @@ pub async fn create_auth_token(
|
||||||
// About unwrap: I guess too bad if session time is over year 9999 (current max time if time-rs)
|
// About unwrap: I guess too bad if session time is over year 9999 (current max time if time-rs)
|
||||||
let expires = time::OffsetDateTime::from_unix_timestamp(session.expires_at.timestamp()).unwrap();
|
let expires = time::OffsetDateTime::from_unix_timestamp(session.expires_at.timestamp()).unwrap();
|
||||||
|
|
||||||
let session_cookie = Cookie::build(models::user::COOKIE_NAME, session.session_id.clone())
|
let session_cookie = Cookie::build(models::session::COOKIE_NAME, session.session_id.clone())
|
||||||
.same_site(SameSite::Strict)
|
.same_site(SameSite::Strict)
|
||||||
.secure(true)
|
.secure(true)
|
||||||
.http_only(true)
|
.http_only(true)
|
||||||
|
|