Check if user is authorized to access an application before authenticating him

Pierre HUBERT 2022-04-09 12:24:03 +02:00
parent b10215ae9c
commit 5633aae029
2 changed files with 6 additions and 2 deletions


@ -28,7 +28,7 @@ pub struct Session {
impl Session { impl Session {
pub fn is_expired(&self) -> bool { pub fn is_expired(&self) -> bool {
self.code_expire_on < time() || self.token_expire_at < time() self.code_expire_on < time() && self.token_expire_at < time()
} }
} }
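Review bot: With `&&` in `is_expired`, a session whose `code_expire_on` has passed still counts as live while `token_expire_at` is in the future, so the method no longer rejects a stale authorization code on its own. If the code-redemption path, which is not visible here, relies on `is_expired`, it should compare `code_expire_on` with `time()` directly before accepting the code. A doc comment would pin the contract, e.g. `/// True only once both the authorization code and the token have expired; callers redeeming a code must check code_expire_on themselves.` The commit title does not mention this change, so the intent is worth stating in the description as well.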


@ -111,7 +111,11 @@ pub async fn authorize(user: CurrentUser, query: web::Query<AuthorizeQuery>,
(_, _) => None (_, _) => None
}; };
// TODO : Check if user is authorized to access the application // Check if user is authorized to access the application
if !user.can_access_app(&client.id) {
return error_redirect(&query, "invalid_request",
"User is not authorized to access this application!");
}
// Save all authentication information in memory // Save all authentication information in memory
let session = Session { let session = Session {
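Review bot: The new denial branch reports `invalid_request`, although the request is well-formed at this point and is being refused on policy grounds. RFC 6749 §4.1.2.1 defines `access_denied` for that case, which lets a client tell a refusal from a malformed request: `return error_redirect(&query, "access_denied", "User is not authorized to access this application!");`. Recording the refused user and `client.id` here would also make repeated denials visible to operators, if the module has a logging facility in scope, which the hunk does not show. The body of `authorize` starts before and continues past this hunk.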