use actix_identity::Identity;
use actix_web::{web, HttpRequest, HttpResponse, Responder};
use webauthn_rs::prelude::PublicKeyCredential;
use crate::data::session_identity::{SessionIdentity, SessionStatus};
use crate::data::webauthn_manager::WebAuthManagerReq;
/// JSON body accepted by [`auth_webauthn`].
///
/// Both fields arrive from the client and are handed unchanged to
/// `WebAuthManagerReq::finish_authentication`; this type performs no
/// validation of its own beyond deserialization.
#[derive(serde::Deserialize)]
pub struct AuthWebauthnRequest {
    // State blob the client sends back with its answer.
    // NOTE(review): presumably issued by the server when the challenge was
    // created and integrity-protected by the manager; confirm, since it is
    // attacker-controllable input at this point.
    opaque_state: String,
    // WebAuthn assertion produced by the authenticator.
    credential: PublicKeyCredential,
}
/// Completes the second-factor step of a login using a WebAuthn assertion.
///
/// Flow, as implemented here:
/// 1. If the session does not report that 2FA is pending
///    (`need_2fa_auth()` is false), answer `401 Unauthorized` with the JSON
///    string `"No 2FA required!"` and do nothing else.
/// 2. Otherwise ask the manager to verify the submitted credential against
///    the session's user id and the client-supplied opaque state.
/// 3. On success, promote the session to `SessionStatus::SignedIn` and
///    answer `200 OK`.
/// 4. On any error, log it and answer `500 Internal Server Error`.
///
/// NOTE(review): every failure of `finish_authentication` is reported as a
/// 500, including (presumably) a rejected assertion from the client. That
/// makes failed second-factor attempts indistinguishable from server faults
/// in monitoring; consider mapping verification failures to 401 if the error
/// type allows telling them apart.
///
/// NOTE(review): no attempt limiting is visible in this handler; confirm that
/// repeated failures are throttled elsewhere.
pub async fn auth_webauthn(
    id: Identity,
    req: web::Json<AuthWebauthnRequest>,
    manager: WebAuthManagerReq,
    http_req: HttpRequest,
) -> impl Responder {
    // Guard clause: only sessions waiting for their second factor may proceed.
    if !SessionIdentity(Some(&id)).need_2fa_auth() {
        return HttpResponse::Unauthorized().json("No 2FA required!");
    }

    // The user id comes from the server-side session, never from the request body.
    let user_id = SessionIdentity(Some(&id)).user_id();
    let payload: &AuthWebauthnRequest = &req;

    let outcome =
        manager.finish_authentication(&user_id, &payload.opaque_state, &payload.credential);

    if let Err(err) = outcome {
        log::error!("Failed to authenticate user using webauthn! {:?}", err);
        return HttpResponse::InternalServerError().body("Failed to validate security key!");
    }

    // The session is promoted only after the manager accepted the credential.
    SessionIdentity(Some(&id)).set_status(&http_req, SessionStatus::SignedIn);
    HttpResponse::Ok().body("You are authenticated!")
}