pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Need to perform 2FA before modifying factors

Browse Source
This commit is contained in:
Pierre HUBERT
2024-03-27 19:26:07 +01:00
parent 8d739c6f72
commit 9a79ef701b
9 changed files with 107 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/data/critical_route.rs Normal file
View File

@@ -0,0 +1,32 @@
use crate::data::current_user::CurrentUser;
use crate::data::from_request_redirect::FromRequestRedirect;
use crate::data::login_redirect::{get_2fa_url, LoginRedirect};
use actix_web::dev::Payload;
use actix_web::{FromRequest, HttpRequest};
use std::future::Future;
use std::pin::Pin;
pub struct CriticalRoute;
impl FromRequest for CriticalRoute {
type Error = FromRequestRedirect;
type Future = Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>;
fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
let req = req.clone();
Box::pin(async move {
let current_user = CurrentUser::from_request(&req, &mut Payload::None)
.await
.expect("Failed to extract user identity!");
if current_user.should_request_2fa_for_critical_function() {
let url = get_2fa_url(&LoginRedirect::from_req(&req), true);
return Err(FromRequestRedirect::new(url));
}
Ok(Self)
})
}
}