Two factor authentication : TOTP #5
@ -46,7 +46,7 @@ impl Session {
|
||||
jwt_signer: &JWTSigner) -> Res {
|
||||
let access_token = AccessToken {
|
||||
issuer: app_config.website_origin.to_string(),
|
||||
subject_identifier: self.user.clone(),
|
||||
subject_identifier: self.user.clone().0,
|
||||
issued_at: time(),
|
||||
exp_time: time() + OPEN_ID_ACCESS_TOKEN_TIMEOUT,
|
||||
rand_val: rand_str(OPEN_ID_ACCESS_TOKEN_LEN),
|
||||
|
@ -18,7 +18,7 @@ struct FindUserResult {
|
||||
pub async fn find_username(req: web::Form<FindUserNameReq>, users: web::Data<Addr<UsersActor>>) -> impl Responder {
|
||||
let res = users.send(FindUserByUsername(req.0.username)).await.unwrap();
|
||||
HttpResponse::Ok().json(FindUserResult {
|
||||
user_id: res.0.map(|r| r.uid)
|
||||
user_id: res.0.map(|r| r.uid.0)
|
||||
})
|
||||
}
|
||||
|
||||
|
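Review bot: `users.send(FindUserByUsername(req.0.username)).await.unwrap()` in `find_username` panics the handler whenever the actor call fails (for example a closed mailbox), and this change leaves that in place. Matching on the result and answering with `HttpResponse::InternalServerError().finish()` on `Err` would turn the failure into a normal error response. The route registration is not part of this hunk, so it is worth confirming the endpoint is reachable only by administrators, since it maps any username to an internal user id.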
@ -341,7 +341,7 @@ pub async fn token(req: HttpRequest,
|
||||
// Generate id token
|
||||
let id_token = IdToken {
|
||||
issuer: app_config.website_origin.to_string(),
|
||||
subject_identifier: session.user,
|
||||
subject_identifier: session.user.0,
|
||||
audience: session.client.0.to_string(),
|
||||
expiration_time: session.access_token_expire_at,
|
||||
issued_at: time(),
|
||||
@ -499,7 +499,7 @@ async fn user_info(req: HttpRequest, token: Option<String>,
|
||||
HttpResponse::Ok()
|
||||
.json(OpenIDUserInfo {
|
||||
name: user.full_name(),
|
||||
sub: user.uid,
|
||||
sub: user.uid.0,
|
||||
given_name: user.first_name,
|
||||
family_name: user.last_name,
|
||||
preferred_username: user.username,
|
||||
|
@ -20,7 +20,7 @@ impl Default for SessionStatus {
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize, Default)]
|
||||
pub struct SessionIdentityData {
|
||||
pub id: UserID,
|
||||
pub id: Option<UserID>,
|
||||
pub is_admin: bool,
|
||||
pub auth_time: u64,
|
||||
pub status: SessionStatus,
|
||||
@ -48,7 +48,7 @@ impl<'a> SessionIdentity<'a> {
|
||||
|
||||
// Check if session is valid
|
||||
if let Some(sess) = &res {
|
||||
if sess.id.is_empty() {
|
||||
if sess.id.is_none() {
|
||||
return None;
|
||||
}
|
||||
}
|
||||
@ -64,7 +64,7 @@ impl<'a> SessionIdentity<'a> {
|
||||
|
||||
pub fn set_user(&self, user: &User) {
|
||||
self.set_session_data(&SessionIdentityData {
|
||||
id: user.uid.clone(),
|
||||
id: Some(user.uid.clone()),
|
||||
is_admin: user.admin,
|
||||
auth_time: time(),
|
||||
status: SessionStatus::SignedIn,
|
||||
@ -101,6 +101,7 @@ impl<'a> SessionIdentity<'a> {
|
||||
|
||||
pub fn user_id(&self) -> UserID {
|
||||
self.get_session_data().unwrap_or_default().id
|
||||
.expect("UserID should never be null here!")
|
||||
}
|
||||
|
||||
pub fn auth_time(&self) -> u64 {
|
||||
|
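Review bot: `user_id()` now panics for any request that has no stored identity: `get_session_data().unwrap_or_default()` yields a `SessionIdentityData` whose `id` is `None`, and the added `.expect("UserID should never be null here!")` aborts the handler, where the old code returned an empty string. Whether an unauthenticated or not-yet-second-factor request can reach a caller depends on checks outside these hunks, so the invariant is better carried by the type than asserted at runtime. Returning `Option<UserID>`, for example `self.get_session_data().and_then(|d| d.id)` (assuming `get_session_data` returns an `Option`, as the `if let Some(sess)` check suggests), lets each caller reject the request explicitly. If the signature has to stay, a doc comment such as `/// Panics if no user is bound to the session; call only after the authentication check has passed.` would at least record the precondition.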
@ -4,7 +4,8 @@ use crate::data::login_redirect::LoginRedirect;
|
||||
use crate::data::totp_key::TotpKey;
|
||||
use crate::utils::err::Res;
|
||||
|
||||
pub type UserID = String;
|
||||
#[derive(Clone, Debug, Eq, PartialEq, serde::Serialize, serde::Deserialize)]
|
||||
pub struct UserID(pub String);
|
||||
|
||||
#[derive(Clone, Debug, Eq, PartialEq, serde::Serialize, serde::Deserialize)]
|
||||
pub struct FactorID(pub String);
|
||||
@ -101,7 +102,7 @@ impl Eq for User {}
|
||||
impl Default for User {
|
||||
fn default() -> Self {
|
||||
Self {
|
||||
uid: uuid::Uuid::new_v4().to_string(),
|
||||
uid: UserID(uuid::Uuid::new_v4().to_string()),
|
||||
first_name: "".to_string(),
|
||||
last_name: "".to_string(),
|
||||
username: "".to_string(),
|
||||
|
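Review bot: The new `UserID` newtype has no doc comment and exposes its field as `pub String`, so every consumer in this commit reaches in with `.0` (token subjects, JSON responses, templates) and any code can still build a `UserID` from an arbitrary string. That weakens the point of the wrapper, which is to keep user ids from being mixed up with other strings such as `FactorID`. A private field with an `as_str()` accessor and an `impl std::fmt::Display for UserID` would let the templates keep `{{ u.uid }}` and keep construction in one place. A doc line such as `/// Opaque identifier of a user account; new accounts get a random UUID string.` would cover the documentation gap.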
@ -5,7 +5,7 @@
|
||||
<tbody>
|
||||
<tr>
|
||||
<th scope="row">User ID</th>
|
||||
<td>{{ u.uid }}</td>
|
||||
<td>{{ u.uid.0 }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">First name</th>
|
||||
|
@ -6,7 +6,7 @@
|
||||
<div class="form-group">
|
||||
<label class="form-label mt-4" for="userID">User ID</label>
|
||||
<input class="form-control" id="userID" type="text" readonly=""
|
||||
name="uid" value="{{ u.uid }}"/>
|
||||
name="uid" value="{{ u.uid.0 }}"/>
|
||||
</div>
|
||||
|
||||
<!-- User name -->
|
||||
@ -145,7 +145,7 @@
|
||||
return;
|
||||
|
||||
const userID = await find_username(usernameEl.value);
|
||||
usernameEl.classList.add((userID === null || userID === "{{ u.uid }}") ? "is-valid" : "is-invalid");
|
||||
usernameEl.classList.add((userID === null || userID === "{{ u.uid.0 }}") ? "is-valid" : "is-invalid");
|
||||
|
||||
} catch(e) {
|
||||
console.error(e);
|
||||
|
@ -19,7 +19,7 @@
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for u in users %}
|
||||
<tr id="row-user-{{ u.uid }}">
|
||||
<tr id="row-user-{{ u.uid.0 }}">
|
||||
<td>{{ u.username }}</td>
|
||||
<td>{{ u.first_name }}</td>
|
||||
<td>{{ u.last_name }}</td>
|
||||
@ -27,8 +27,8 @@
|
||||
<td>{% if u.admin %}Admin{% else %}Regular user{% endif %}</td>
|
||||
<td>{% if u.enabled %}Enabled{% else %}Disabled{% endif %}</td>
|
||||
<td>
|
||||
<a href="/admin/edit_user?id={{ u.uid }}">Edit</a>
|
||||
<a href="javascript:delete_user('{{ u.uid }}', '{{ u.username }}')">Delete</a>
|
||||
<a href="/admin/edit_user?id={{ u.uid.0 }}">Edit</a>
|
||||
<a href="javascript:delete_user('{{ u.uid.0 }}', '{{ u.username }}')">Delete</a>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
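Review bot: The Delete link still writes `{{ u.username }}` into a JavaScript string literal inside a `javascript:` URL, and HTML escaping alone does not protect that context. Assuming the template engine HTML-escapes output, the browser decodes character references in the attribute before the script runs, so an escaped quote in a username becomes a real quote again and ends the string early. The uid appears to be server-generated, but the username is account data shown on an admin page. Carrying both values in data attributes, `<a href="#" class="delete-user" data-uid="{{ u.uid.0 }}" data-username="{{ u.username }}">Delete</a>`, and reading them from a click listener keeps them out of script context. The surrounding table starts outside these hunks.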