Do not consider as valid sessions that are not completely signed in

This commit is contained in:
Pierre HUBERT 2022-04-03 14:46:58 +02:00
parent 123dc519af
commit 9f5fdd65ab

View File

@ -11,7 +11,7 @@ use askama::Template;
use crate::constants::{ADMIN_ROUTES, AUTHENTICATED_ROUTES};
use crate::controllers::base_controller::redirect_user_for_login;
use crate::data::session_identity::{SessionIdentity, SessionIdentityData};
use crate::data::session_identity::{SessionIdentity, SessionIdentityData, SessionStatus};
// There are two steps in middleware processing.
// 1. Middleware initialization, middleware factory gets called with
@ -40,19 +40,19 @@ impl<S, B> Transform<S, ServiceRequest> for AuthMiddleware
}
#[derive(Debug)]
enum SessionStatus {
enum ConnStatus {
SignedOut,
RegularUser,
Admin,
}
impl SessionStatus {
impl ConnStatus {
pub fn is_auth(&self) -> bool {
!matches!(self, SessionStatus::SignedOut)
!matches!(self, ConnStatus::SignedOut)
}
pub fn is_admin(&self) -> bool {
matches!(self, SessionStatus::Admin)
matches!(self, ConnStatus::Admin)
}
}
@ -92,9 +92,9 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
}
let identity = match SessionIdentity::deserialize_session_data(req.get_identity()) {
None => SessionStatus::SignedOut,
Some(SessionIdentityData { is_admin: true, .. }) => SessionStatus::Admin,
_ => SessionStatus::RegularUser,
Some(SessionIdentityData { status: SessionStatus::SignedIn, is_admin: true, .. }) => ConnStatus::Admin,
Some(SessionIdentityData { status: SessionStatus::SignedIn, .. }) => ConnStatus::RegularUser,
_ => ConnStatus::SignedOut,
};
// Redirect user to login page