pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improve redirect URI management

Browse Source
This commit is contained in:
Pierre HUBERT
2022-04-19 19:30:14 +02:00
parent ce7118ff81
commit 806a085c97
7 changed files with 27 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/controllers/login_controller.rs
View File

@ -8,44 +8,44 @@ use crate::actors::bruteforce_actor::BruteForceActor;
use crate::actors::users_actor::{ChangePasswordResult, LoginResult, UsersActor};
use crate::constants::{APP_NAME, MAX_FAILED_LOGIN_ATTEMPTS, MIN_PASS_LEN};
use crate::controllers::base_controller::{FatalErrorPage, redirect_user, redirect_user_for_login};
use crate::data::login_redirect_query::LoginRedirectQuery;
use crate::data::login_redirect::LoginRedirect;
use crate::data::remote_ip::RemoteIP;
use crate::data::session_identity::{SessionIdentity, SessionStatus};
use crate::data::user::{FactorID, TwoFactor, User};
struct BaseLoginPage {
struct BaseLoginPage<'a> {
danger: Option<String>,
success: Option<String>,
page_title: &'static str,
app_name: &'static str,
redirect_uri: String,
redirect_uri: &'a LoginRedirect,
}
#[derive(Template)]
#[template(path = "login/login.html")]
struct LoginTemplate {
_p: BaseLoginPage,
struct LoginTemplate<'a> {
_p: BaseLoginPage<'a>,
login: String,
}
#[derive(Template)]
#[template(path = "login/password_reset.html")]
struct PasswordResetTemplate {
_p: BaseLoginPage,
struct PasswordResetTemplate<'a> {
_p: BaseLoginPage<'a>,
min_pass_len: usize,
}
#[derive(Template)]
#[template(path = "login/choose_second_factor.html")]
struct ChooseSecondFactorTemplate<'a> {
_p: BaseLoginPage,
_p: BaseLoginPage<'a>,
factors: &'a [TwoFactor],
}
#[derive(Template)]
#[template(path = "login/opt_input.html")]
struct LoginWithOTPTemplate<'a> {
_p: BaseLoginPage,
_p: BaseLoginPage<'a>,
factor: &'a TwoFactor,
}
@ -60,7 +60,7 @@ pub struct LoginRequestBody {
pub struct LoginRequestQuery {
logout: Option<bool>,
#[serde(default)]
redirect: LoginRedirectQuery,
redirect: LoginRedirect,
}
/// Authenticate user
@ -155,7 +155,7 @@ pub async fn login_route(
danger,
success,
app_name: APP_NAME,
redirect_uri: query.redirect.get_encoded(),
redirect_uri: &query.redirect,
},
login,
}
@ -177,7 +177,7 @@ pub struct ChangePasswordRequestBody {
#[derive(serde::Deserialize)]
pub struct PasswordResetQuery {
#[serde(default)]
redirect: LoginRedirectQuery,
redirect: LoginRedirect,
}
/// Reset user password route
@ -220,7 +220,7 @@ pub async fn reset_password_route(id: Identity, query: web::Query<PasswordResetQ
danger,
success: None,
app_name: APP_NAME,
redirect_uri: query.redirect.get_encoded(),
redirect_uri: &query.redirect,
},
min_pass_len: MIN_PASS_LEN,
}
@ -232,7 +232,7 @@ pub async fn reset_password_route(id: Identity, query: web::Query<PasswordResetQ
#[derive(serde::Deserialize)]
pub struct ChooseSecondFactorQuery {
#[serde(default)]
redirect: LoginRedirectQuery,
redirect: LoginRedirect,
}
@ -253,7 +253,7 @@ pub async fn choose_2fa_method(id: Identity, query: web::Query<ChooseSecondFacto
danger: None,
success: None,
app_name: APP_NAME,
redirect_uri: query.redirect.get_encoded(),
redirect_uri: &query.redirect,
},
factors: &user.two_factor,
}
@ -265,7 +265,7 @@ pub async fn choose_2fa_method(id: Identity, query: web::Query<ChooseSecondFacto
#[derive(serde::Deserialize)]
pub struct LoginWithOTPQuery {
#[serde(default)]
redirect: LoginRedirectQuery,
redirect: LoginRedirect,
id: FactorID,
}
@ -292,7 +292,7 @@ pub async fn login_with_otp(id: Identity, query: web::Query<LoginWithOTPQuery>,
success: None,
page_title: "Two-Factor Auth",
app_name: APP_NAME,
redirect_uri: query.redirect.get_encoded(),
redirect_uri: &query.redirect,
},
factor,
}.render().unwrap())