Delegate session lifetime to actix-identity crate

This commit is contained in:
2022-04-02 17:17:54 +02:00
parent cb4daa1112
commit 9e72e6a044
4 changed files with 15 additions and 43 deletions

View File

@ -1,11 +1,13 @@
use actix::Actor;
use actix_identity::{CookieIdentityPolicy, IdentityService};
use actix_web::{App, get, HttpServer, web};
use actix_web::cookie::SameSite;
use actix_web::cookie::time::Duration;
use actix_web::middleware::Logger;
use clap::Parser;
use basic_oidc::actors::users_actor::UsersActor;
use basic_oidc::constants::{DEFAULT_ADMIN_PASSWORD, DEFAULT_ADMIN_USERNAME, SESSION_COOKIE_NAME};
use basic_oidc::constants::{DEFAULT_ADMIN_PASSWORD, DEFAULT_ADMIN_USERNAME, MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, SESSION_COOKIE_NAME};
use basic_oidc::controllers::assets_controller::assets_route;
use basic_oidc::controllers::login_controller::{login_route, logout_route};
use basic_oidc::data::app_config::AppConfig;
@ -64,7 +66,10 @@ async fn main() -> std::io::Result<()> {
HttpServer::new(move || {
let policy = CookieIdentityPolicy::new(config.token_key.as_bytes())
.name(SESSION_COOKIE_NAME)
.secure(config.secure_auth_cookie);
.secure(config.secure_auth_cookie)
.visit_deadline(Duration::seconds(MAX_INACTIVITY_DURATION))
.login_deadline(Duration::seconds(MAX_SESSION_DURATION))
.same_site(SameSite::Strict);
App::new()