pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix issue for unauthenticated users
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Pierre HUBERT 2024-03-26 21:50:37 +01:00
parent 3a7e2d01f0
commit 771cbc0888
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/data/force_2fa_auth.rs
View File

@ -1,4 +1,6 @@
use crate::data::current_user::CurrentUser; use crate::data::current_user::CurrentUser;
use crate::data::session_identity::SessionIdentity;
use actix_identity::Identity;
use actix_web::dev::Payload; use actix_web::dev::Payload;
use actix_web::{web, Error, FromRequest, HttpRequest}; use actix_web::{web, Error, FromRequest, HttpRequest};
use std::future::Future; use std::future::Future;
@ -18,14 +20,19 @@ impl FromRequest for Force2FAAuth {
type Error = Error; type Error = Error;
type Future = Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>; type Future = Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>;
fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future { fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
let req = req.clone(); let req = req.clone();
let query = web::Query::<Force2FAAuthQuery>::from_request(&req, payload)
.into_inner()
.unwrap();
Box::pin(async move { Box::pin(async move {
// It is impossible to force authentication for an unauthenticated user
let identity: Option<&Identity> = req.conn_data();
if !SessionIdentity(identity).is_authenticated() {
return Ok(Self { force: false });
}
let query = web::Query::<Force2FAAuthQuery>::from_request(&req, &mut Payload::None)
.into_inner()?;
let user = CurrentUser::from_request(&req, &mut Payload::None).await?; let user = CurrentUser::from_request(&req, &mut Payload::None).await?;
Ok(Self { Ok(Self {