diff --git a/trifid-api/config.toml b/trifid-api/config.toml index 720184e..3e7dd33 100644 --- a/trifid-api/config.toml +++ b/trifid-api/config.toml @@ -1,6 +1,7 @@ listen_port = 8000 db_url = "postgres://postgres@localhost/trifidapi" base = "http://localhost:8000" +web_root = "http://localhost:5173 magic_links_valid_for = 86400 session_tokens_valid_for = 86400 totp_verification_valid_for = 3600 \ No newline at end of file diff --git a/trifid-api/src/config.rs b/trifid-api/src/config.rs index df92e6b..aaedf2e 100644 --- a/trifid-api/src/config.rs +++ b/trifid-api/src/config.rs @@ -6,6 +6,7 @@ pub struct TFConfig { pub listen_port: u16, pub db_url: String, pub base: Url, + pub web_root: Url, pub magic_links_valid_for: i64, pub session_tokens_valid_for: i64, pub totp_verification_valid_for: i64 diff --git a/trifid-api/src/tokens.rs b/trifid-api/src/tokens.rs index c0a1c02..5e8c31f 100644 --- a/trifid-api/src/tokens.rs +++ b/trifid-api/src/tokens.rs @@ -11,7 +11,7 @@ use crate::util::{TOTP_ALGORITHM, TOTP_DIGITS, TOTP_ISSUER, TOTP_SKEW, TOTP_STEP // https://admin.defined.net/auth/magic-link?email=coredoescode%40gmail.com&token=ml-ckBsgw_5IdK5VYgseBYcoV_v_cQjtdq1re_RhDu_MKg pub async fn send_magic_link(id: i64, email: String, db: &PgPool, config: &TFConfig) -> Result<(), Box> { let otp = format!("ml-{}", Uuid::new_v4()); - let otp_url = config.base.join(&format!("/auth/magic-link?email={}&token={}", urlencoding::encode(&email.clone()), otp.clone())).unwrap(); + let otp_url = config.web_root.join(&format!("/auth/magic-link?email={}&token={}", urlencoding::encode(&email.clone()), otp.clone())).unwrap(); sqlx::query!("INSERT INTO magic_links (id, user_id, expires_on) VALUES ($1, $2, $3) ON CONFLICT DO NOTHING;", otp, id as i32, SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as i32 + config.magic_links_valid_for as i32).execute(db).await?; // TODO: send email info!("sent magic link {} to {}, valid for {} seconds", otp_url, email.clone(), config.magic_links_valid_for);