Diffstat (limited to 'crates/auth/src/server')
-rw-r--r-- | crates/auth/src/server/csrf_token_validation.rs | 11 | ||||
-rw-r--r-- | crates/auth/src/server/routes.rs | 2 | ||||
-rw-r--r-- | crates/auth/src/server/routes/authorised.rs | 11 | ||||
-rw-r--r-- | crates/auth/src/server/routes/discord/discord_auth.rs | 3 |
4 files changed, 8 insertions, 19 deletions
diff --git a/crates/auth/src/server/csrf_token_validation.rs b/crates/auth/src/server/csrf_token_validation.rs
index c9a627c..94424c8 100644
--- a/crates/auth/src/server/csrf_token_validation.rs
+++ b/crates/auth/src/server/csrf_token_validation.rs
@@ -1,23 +1,14 @@
 use anyhow::{Context, anyhow};
-use axum_extra::headers;
 use oauth2::CsrfToken;
-use time::OffsetDateTime;
 use tower_sessions::{CachingSessionStore, SessionStore, session::Id};
 use tower_sessions_moka_store::MokaStore;
 use tower_sessions_sqlx_store::PostgresStore;
 use crate::{
 error::AppError,
- server::{COOKIE_NAME, CSRF_TOKEN, routes::authorised::AuthRequest},
- state::AppHandle,
+ server::{CSRF_TOKEN, routes::authorised::AuthRequest},
 };
-pub struct Session {
- id: String,
- expires_at: OffsetDateTime,
- user_id: String,
-}
-
 pub async fn csrf_token_validation_workflow(
 auth_request: &AuthRequest,
 store: &CachingSessionStore<MokaStore, PostgresStore>,
diff --git a/crates/auth/src/server/routes.rs b/crates/auth/src/server/routes.rs
index 7a25e70..1ab012c 100644
--- a/crates/auth/src/server/routes.rs
+++ b/crates/auth/src/server/routes.rs
@@ -34,7 +34,7 @@ mod tests {
 #[sqlx::test]
 async fn health_check(pool: PgPool) {
 let services = Services { postgres: pool };
- let state = AppState::create(services, &test_config()).await.unwrap();
+ let (state, _) = AppState::create(services, &test_config()).await.unwrap();
 let app = server::router(state);
 let response = app
diff --git a/crates/auth/src/server/routes/authorised.rs b/crates/auth/src/server/routes/authorised.rs
index 42bbde2..d493db5 100644
--- a/crates/auth/src/server/routes/authorised.rs
+++ b/crates/auth/src/server/routes/authorised.rs
@@ -43,7 +43,7 @@ struct User {
 const SESSION_COOKIE: &str = "info";
 const SESSION_DATA_KEY: &str = "data";
-async fn login_authorized(
+pub async fn login_authorised(
 Query(query): Query<AuthRequest>,
 State(state): State<AppHandle>,
 TypedHeader(cookies): TypedHeader<headers::Cookie>,
@@ -52,8 +52,7 @@ async fn login_authorized(
 cookies
 .get(OAUTH_CSRF_COOKIE)
 .context("missing session cookie")?,
- )
- .unwrap();
+ )?;
 csrf_token_validation_workflow(&query, &state.session_store, oauth_session_id).await?;
 let client = state.http_client.clone();
@@ -65,7 +64,7 @@ async fn login_authorized(
 .exchange_code(AuthorizationCode::new(query.code.clone()))
 .request_async(&client)
 .await
- .context("failed in sending request request to authorization server")?;
+ .context("failed in sending request request to authorisation server")?;
 let user_data: User = client
 // https://discord.com/developers/docs/resources/user#get-current-user
@@ -76,7 +75,7 @@ async fn login_authorized(
 .context("failed in sending request to target Url")?
 .json::<User>()
 .await
- .context("failed to deserialize response as JSON")?;
+ .context("failed to deserialise response as JSON")?;
 // Create a new session filled with user data
 let session_id = Id(i128::from_le_bytes(uuid::Uuid::new_v4().to_bytes_le()));
@@ -92,7 +91,7 @@ async fn login_authorized(
 + Duration::from_secs(state.local_config.oauth.session_lifespan),
 })
 .await
- .context("failed in inserting serialized value into session")?;
+ .context("failed in inserting serialised value into session")?;
 // Store session and get corresponding cookie.
 let cookie = format!("{SESSION_COOKIE}={session_id}; SameSite=Lax; HttpOnly; Secure; Path=/");
diff --git a/crates/auth/src/server/routes/discord/discord_auth.rs b/crates/auth/src/server/routes/discord/discord_auth.rs
index 5257a33..a45de86 100644
--- a/crates/auth/src/server/routes/discord/discord_auth.rs
+++ b/crates/auth/src/server/routes/discord/discord_auth.rs
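Review bot: In the `@@ -52,8 +52,7 @@` hunk of `authorised.rs`, the new `)?;` propagates the session-id parse failure without a context string, unlike every other fallible step visible in this handler. The cookie value is client-controlled, so a malformed value is an expected request error and deserves its own message, e.g. `).context("malformed OAuth CSRF cookie value")?;`. The lookup message just above it says "missing session cookie" although the cookie being read is `OAUTH_CSRF_COOKIE`; `.context("missing OAuth CSRF cookie")?,` would separate it from the `SESSION_COOKIE` set later in the same function. `AppError`'s response mapping is not visible here, so it is worth confirming that both cases are answered with a 4xx rather than a 500. The call that this `)` closes opens above the hunk.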
@@ -43,8 +43,7 @@ pub async fn discord_auth(State(state): State<AppHandle>) -> Result<impl IntoRes
 + Duration::from_secs(state.local_config.oauth.session_lifespan),
 })
 .await
- .unwrap();
- // .context("failed in inserting CSRF token into session")?;
+ .context("failed in inserting CSRF token into session")?;
 // Attach the session cookie to the response header
 let cookie = |