pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update actix-identity to version 0.5.2 #27

Merged
pierre merged 5 commits from actix_identity into master 2022-07-22 12:45:45 +00:00
Conversation 0 Commits 5 Files Changed 10 +13 -10
3 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 24240ca4fd - Show all commits

16
src/controllers/login_controller.rs
View File

@ -132,17 +132,16 @@ pub async fn login_route(
match response { match response {
LoginResult::Success(user) => { LoginResult::Success(user) => {
SessionIdentity(id.as_ref()).set_user(&http_req, &user); let status = if user.need_reset_password {
SessionStatus::NeedNewPassword
return if user.need_reset_password {
SessionIdentity(id.as_ref()).set_status(&http_req, SessionStatus::NeedNewPassword);
redirect_user(&format!("/reset_password?redirect={}", query.redirect.get_encoded()))
} else if user.has_two_factor() { } else if user.has_two_factor() {
SessionIdentity(id.as_ref()).set_status(&http_req, SessionStatus::Need2FA); SessionStatus::Need2FA
redirect_user(&format!("/2fa_auth?redirect={}", query.redirect.get_encoded()))
} else { } else {
redirect_user(query.redirect.get()) SessionStatus::SignedIn
}; };
SessionIdentity(id.as_ref()).set_user(&http_req, &user, status);
redirect_user(query.redirect.get());
} }
LoginResult::AccountDisabled => { LoginResult::AccountDisabled => {
@ -262,6 +261,7 @@ pub async fn choose_2fa_method(id: Option<Identity>, query: web::Query<ChooseSec
// Automatically choose factor if there is only one factor // Automatically choose factor if there is only one factor
if user.two_factor.len() == 1 && !query.force_display { if user.two_factor.len() == 1 && !query.force_display {
log::trace!("User has only one factor, using it by default");
return redirect_user(&user.two_factor[0].login_url(&query.redirect)); return redirect_user(&user.two_factor[0].login_url(&query.redirect));
} }

4
src/data/session_identity.rs
View File

@ -70,12 +70,12 @@ impl<'a> SessionIdentity<'a> {
log::debug!("Did set user session data."); log::debug!("Did set user session data.");
} }
pub fn set_user(&self, req: &HttpRequest, user: &User) { pub fn set_user(&self, req: &HttpRequest, user: &User, status: SessionStatus) {
self.set_session_data(req, &SessionIdentityData { self.set_session_data(req, &SessionIdentityData {
id: Some(user.uid.clone()), id: Some(user.uid.clone()),
is_admin: user.admin, is_admin: user.admin,
auth_time: time(), auth_time: time(),
status: SessionStatus::SignedIn, status,
}); });
} }

3
src/middlewares/auth_middleware.rs
View File

@ -137,6 +137,9 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
&& (req.path().starts_with(ADMIN_ROUTES) && (req.path().starts_with(ADMIN_ROUTES)
|| req.path().starts_with(AUTHENTICATED_ROUTES) || req.path().eq(AUTHORIZE_URI)) || req.path().starts_with(AUTHENTICATED_ROUTES) || req.path().eq(AUTHORIZE_URI))
{ {
log::debug!("Redirect unauthenticated user from {} to authorization route.",
req.path());
let path = req.uri().to_string(); let path = req.uri().to_string();
return Ok(req return Ok(req
.into_response(redirect_user_for_login(path)) .into_response(redirect_user_for_login(path))