Record successful 2FA authentication in session cookie

src/data/session_identity.rs

@@ -24,6 +24,7 @@ pub struct SessionIdentityData {
     pub id: Option<UserID>,
     pub is_admin: bool,
     pub auth_time: u64,
+    pub last_2fa_auth: Option<u64>,
     pub status: SessionStatus,
 }
 
@@ -75,6 +76,7 @@ impl<'a> SessionIdentity<'a> {
             &SessionIdentityData {
                 id: Some(user.uid.clone()),
                 is_admin: user.admin,
+                last_2fa_auth: None,
                 auth_time: time(),
                 status,
             },
@@ -87,6 +89,12 @@ impl<'a> SessionIdentity<'a> {
         self.set_session_data(req, &sess);
     }
 
+    pub fn record_2fa_auth(&self, req: &HttpRequest) {
+        let mut sess = self.get_session_data().unwrap_or_default();
+        sess.last_2fa_auth = Some(time());
+        self.set_session_data(req, &sess);
+    }
+
     pub fn is_authenticated(&self) -> bool {
         self.get_session_data()
             .map(|s| s.status == SessionStatus::SignedIn)
@@ -119,4 +127,8 @@ impl<'a> SessionIdentity<'a> {
     pub fn auth_time(&self) -> u64 {
         self.get_session_data().unwrap_or_default().auth_time
     }
+
+    pub fn last_2fa_auth(&self) -> Option<u64> {
+        self.get_session_data().unwrap_or_default().last_2fa_auth
+    }
 }