authorrtkay123 <dev@kanjala.com>2025-07-23 19:27:32 +0200
committerrtkay123 <dev@kanjala.com>2025-07-23 19:27:32 +0200
commit521c4e32e63ec20094df128c17d24e8e1dcb17c0 (patch)
tree2e4a945a9b279b097c385f689585d2d5fb10f3b6 /crates/auth/src/server
parent579883b66bceefe7b50157401bccbf66a6c5d58e (diff)
feat(auth): redirect uri
Diffstat (limited to 'crates/auth/src/server')
-rw-r--r--crates/auth/src/server/csrf_token_validation.rs11
-rw-r--r--crates/auth/src/server/routes.rs2
-rw-r--r--crates/auth/src/server/routes/authorised.rs11
-rw-r--r--crates/auth/src/server/routes/discord/discord_auth.rs3
4 files changed, 8 insertions, 19 deletions
diff --git a/crates/auth/src/server/csrf_token_validation.rs b/crates/auth/src/server/csrf_token_validation.rs
index c9a627c..94424c8 100644
--- a/crates/auth/src/server/csrf_token_validation.rs
+++ b/crates/auth/src/server/csrf_token_validation.rs
@@ -1,23 +1,14 @@
use anyhow::{Context, anyhow};
-use axum_extra::headers;
use oauth2::CsrfToken;
-use time::OffsetDateTime;
use tower_sessions::{CachingSessionStore, SessionStore, session::Id};
use tower_sessions_moka_store::MokaStore;
use tower_sessions_sqlx_store::PostgresStore;
use crate::{
error::AppError,
- server::{COOKIE_NAME, CSRF_TOKEN, routes::authorised::AuthRequest},
- state::AppHandle,
+ server::{CSRF_TOKEN, routes::authorised::AuthRequest},
};
-pub struct Session {
- id: String,
- expires_at: OffsetDateTime,
- user_id: String,
-}
-
pub async fn csrf_token_validation_workflow(
auth_request: &AuthRequest,
store: &CachingSessionStore<MokaStore, PostgresStore>,
diff --git a/crates/auth/src/server/routes.rs b/crates/auth/src/server/routes.rs
index 7a25e70..1ab012c 100644
--- a/crates/auth/src/server/routes.rs
+++ b/crates/auth/src/server/routes.rs
@@ -34,7 +34,7 @@ mod tests {
#[sqlx::test]
async fn health_check(pool: PgPool) {
let services = Services { postgres: pool };
- let state = AppState::create(services, &test_config()).await.unwrap();
+ let (state, _) = AppState::create(services, &test_config()).await.unwrap();
let app = server::router(state);
let response = app
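Review bot: The `_` pattern in `let (state, _) = AppState::create(...)` does not bind the second tuple element, so it is dropped as soon as this statement finishes. What that element is cannot be seen from this hunk. If it is a task handle, channel end or guard that the router relies on, the test will run against a state whose companion is already gone. Binding it to a named placeholder such as `let (state, _handle) = ...` keeps it alive for the whole test and makes the intent explicit. The test body continues past the hunk.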
diff --git a/crates/auth/src/server/routes/authorised.rs b/crates/auth/src/server/routes/authorised.rs
index 42bbde2..d493db5 100644
--- a/crates/auth/src/server/routes/authorised.rs
+++ b/crates/auth/src/server/routes/authorised.rs
@@ -43,7 +43,7 @@ struct User {
const SESSION_COOKIE: &str = "info";
const SESSION_DATA_KEY: &str = "data";
-async fn login_authorized(
+pub async fn login_authorised(
Query(query): Query<AuthRequest>,
State(state): State<AppHandle>,
TypedHeader(cookies): TypedHeader<headers::Cookie>,
@@ -52,8 +52,7 @@ async fn login_authorized(
cookies
.get(OAUTH_CSRF_COOKIE)
.context("missing session cookie")?,
- )
- .unwrap();
+ )?;
csrf_token_validation_workflow(&query, &state.session_store, oauth_session_id).await?;
let client = state.http_client.clone();
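Review bot: The `)?;` that replaces `.unwrap()` on the session-id parse propagates the error without any `.context(...)`, and how `AppError` maps it to a status code is not visible here. The value comes from the client's `OAUTH_CSRF_COOKIE`, so a malformed cookie is a bad request rather than a server fault. If `AppError` turns every error into a 500, this case and the `missing session cookie` case would be better served by a 4xx variant. Adding `.context("malformed OAuth session cookie")?` would at least let the logs tell the two failures apart. The body of `login_authorised` starts and ends outside this hunk.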
@@ -65,7 +64,7 @@ async fn login_authorized(
.exchange_code(AuthorizationCode::new(query.code.clone()))
.request_async(&client)
.await
- .context("failed in sending request request to authorization server")?;
+ .context("failed in sending request request to authorisation server")?;
let user_data: User = client
// https://discord.com/developers/docs/resources/user#get-current-user
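Review bot: The context string rewritten in this hunk still has a doubled word, `request request`, which will show up in logs and error chains. Since the line is being touched anyway, it could read `.context("failed in sending request to authorisation server")?;`.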
@@ -76,7 +75,7 @@ async fn login_authorized(
.context("failed in sending request to target Url")?
.json::<User>()
.await
- .context("failed to deserialize response as JSON")?;
+ .context("failed to deserialise response as JSON")?;
// Create a new session filled with user data
let session_id = Id(i128::from_le_bytes(uuid::Uuid::new_v4().to_bytes_le()));
@@ -92,7 +91,7 @@ async fn login_authorized(
+ Duration::from_secs(state.local_config.oauth.session_lifespan),
})
.await
- .context("failed in inserting serialized value into session")?;
+ .context("failed in inserting serialised value into session")?;
// Store session and get corresponding cookie.
let cookie = format!("{SESSION_COOKIE}={session_id}; SameSite=Lax; HttpOnly; Secure; Path=/");
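Review bot: The `Set-Cookie` value built on the last line has no `Max-Age`, so the cookie's lifetime in the browser is not tied to the `session_lifespan` expiry written to the store just above. Server-side expiry remains the real control, but the client will keep presenting an expired id until the browser is closed. Appending `Max-Age={}` fed from `state.local_config.oauth.session_lifespan` would keep the two aligned. Because the cookie is already `Secure` with `Path=/` and no `Domain`, naming it with a `__Host-` prefix in `SESSION_COOKIE` is also available as hardening. The function continues beyond the hunk.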
diff --git a/crates/auth/src/server/routes/discord/discord_auth.rs b/crates/auth/src/server/routes/discord/discord_auth.rs
index 5257a33..a45de86 100644
--- a/crates/auth/src/server/routes/discord/discord_auth.rs
+++ b/crates/auth/src/server/routes/discord/discord_auth.rs
@@ -43,8 +43,7 @@ pub async fn discord_auth(State(state): State<AppHandle>) -> Result<impl IntoRes
+ Duration::from_secs(state.local_config.oauth.session_lifespan),
})
.await
- .unwrap();
- // .context("failed in inserting CSRF token into session")?;
+ .context("failed in inserting CSRF token into session")?;
// Attach the session cookie to the response header
let cookie =