Refactor code

2022-07-22 14:28:44 +02:00
parent 07542abf8b
commit 24240ca4fd
3 changed files with 13 additions and 10 deletions
--- a/src/controllers/login_controller.rs
+++ b/src/controllers/login_controller.rs
@@ -132,17 +132,16 @@ pub async fn login_route(

        match response {
            LoginResult::Success(user) => {
-                SessionIdentity(id.as_ref()).set_user(&http_req, &user);
-
-                return if user.need_reset_password {
-                    SessionIdentity(id.as_ref()).set_status(&http_req, SessionStatus::NeedNewPassword);
-                    redirect_user(&format!("/reset_password?redirect={}", query.redirect.get_encoded()))
+                let status = if user.need_reset_password {
+                    SessionStatus::NeedNewPassword
                } else if user.has_two_factor() {
-                    SessionIdentity(id.as_ref()).set_status(&http_req, SessionStatus::Need2FA);
-                    redirect_user(&format!("/2fa_auth?redirect={}", query.redirect.get_encoded()))
+                    SessionStatus::Need2FA
                } else {
-                    redirect_user(query.redirect.get())
+                    SessionStatus::SignedIn
                };
+
+                SessionIdentity(id.as_ref()).set_user(&http_req, &user, status);
+                redirect_user(query.redirect.get());
            }

            LoginResult::AccountDisabled => {
@@ -262,6 +261,7 @@ pub async fn choose_2fa_method(id: Option<Identity>, query: web::Query<ChooseSec

    // Automatically choose factor if there is only one factor
    if user.two_factor.len() == 1 && !query.force_display {
+        log::trace!("User has only one factor, using it by default");
        return redirect_user(&user.two_factor[0].login_url(&query.redirect));
    }

--- a/src/data/session_identity.rs
+++ b/src/data/session_identity.rs
@@ -70,12 +70,12 @@ impl<'a> SessionIdentity<'a> {
        log::debug!("Did set user session data.");
    }

-    pub fn set_user(&self, req: &HttpRequest, user: &User) {
+    pub fn set_user(&self, req: &HttpRequest, user: &User, status: SessionStatus) {
        self.set_session_data(req, &SessionIdentityData {
            id: Some(user.uid.clone()),
            is_admin: user.admin,
            auth_time: time(),
-            status: SessionStatus::SignedIn,
+            status,
        });
    }

--- a/src/middlewares/auth_middleware.rs
+++ b/src/middlewares/auth_middleware.rs
@@ -137,6 +137,9 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
                && (req.path().starts_with(ADMIN_ROUTES)
                || req.path().starts_with(AUTHENTICATED_ROUTES) || req.path().eq(AUTHORIZE_URI))
            {
+                log::debug!("Redirect unauthenticated user from {} to authorization route.",
+                    req.path());
+
                let path = req.uri().to_string();
                return Ok(req
                    .into_response(redirect_user_for_login(path))