Check if user is authorized to access an application before authenticating him
parent
b10215ae9c
commit
5633aae029
@ -28,7 +28,7 @@ pub struct Session {
|
|||||||
|
|
||||||
impl Session {
|
impl Session {
|
||||||
pub fn is_expired(&self) -> bool {
|
pub fn is_expired(&self) -> bool {
|
||||||
self.code_expire_on < time() || self.token_expire_at < time()
|
self.code_expire_on < time() && self.token_expire_at < time()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
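Review bot: If the `&&` form of `is_expired` is the new side (the rendering lost the +/- markers, so this is inferred from column order only), a session whose `code_expire_on` has passed is still reported as live until `token_expire_at` has passed as well. That is reasonable for deciding when a stored session can be discarded, but any caller that relies on `is_expired()` to decide whether an authorization code may still be redeemed would then accept a stale code. I would check the code's own deadline at the code-exchange path, e.g. `self.code_expire_on < time()`, and document the method with something like `/// True only once both the authorization code and the token have expired; not a validity check for the code alone.` No callers are visible in this hunk, so this needs confirming against them.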
@ -111,7 +111,11 @@ pub async fn authorize(user: CurrentUser, query: web::Query<AuthorizeQuery>,
|
|||||||
(_, _) => None
|
(_, _) => None
|
||||||
};
|
};
|
||||||
|
|
||||||
// TODO : Check if user is authorized to access the application
|
// Check if user is authorized to access the application
|
||||||
|
if !user.can_access_app(&client.id) {
|
||||||
|
return error_redirect(&query, "invalid_request",
|
||||||
|
"User is not authorized to access this application!");
|
||||||
|
}
|
||||||
|
|
||||||
// Save all authentication information in memory
|
// Save all authentication information in memory
|
||||||
let session = Session {
|
let session = Session {
|
||||||
|
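Review bot: The denial branch in `authorize` reports `invalid_request`, which tells the client its request was malformed rather than refused. RFC 6749 §4.1.2.1 defines `access_denied` for a request the authorization server denies, so `return error_redirect(&query, "access_denied",` fits this case better and lets clients tell the two apart. Logging the refused user and `client.id` at this point would also make repeated denied attempts visible to operators. `authorize` starts and continues outside this hunk, so whether `client` and the redirect target are already validated before this redirect cannot be confirmed from here.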