core
/
trifid
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 7 Releases Wiki Activity

use webroot for magic links instead of apiroot

This commit is contained in:
core 2023-02-20 21:48:46 -05:00
parent 36409b3dca
commit 918d81b03f
Signed by: core
GPG Key ID: FDBF740DADDCEECF
3 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
trifid-api/config.toml
View File

@ -1,6 +1,7 @@
listen_port = 8000 listen_port = 8000
db_url = "postgres://postgres@localhost/trifidapi" db_url = "postgres://postgres@localhost/trifidapi"
base = "http://localhost:8000" base = "http://localhost:8000"
web_root = "http://localhost:5173
magic_links_valid_for = 86400 magic_links_valid_for = 86400
session_tokens_valid_for = 86400 session_tokens_valid_for = 86400
totp_verification_valid_for = 3600 totp_verification_valid_for = 3600

1
trifid-api/src/config.rs
View File

@ -6,6 +6,7 @@ pub struct TFConfig {
pub listen_port: u16, pub listen_port: u16,
pub db_url: String, pub db_url: String,
pub base: Url, pub base: Url,
pub web_root: Url,
pub magic_links_valid_for: i64, pub magic_links_valid_for: i64,
pub session_tokens_valid_for: i64, pub session_tokens_valid_for: i64,
pub totp_verification_valid_for: i64 pub totp_verification_valid_for: i64

2
trifid-api/src/tokens.rs
View File

@ -11,7 +11,7 @@ use crate::util::{TOTP_ALGORITHM, TOTP_DIGITS, TOTP_ISSUER, TOTP_SKEW, TOTP_STEP
// https://admin.defined.net/auth/magic-link?email=coredoescode%40gmail.com&token=ml-ckBsgw_5IdK5VYgseBYcoV_v_cQjtdq1re_RhDu_MKg // https://admin.defined.net/auth/magic-link?email=coredoescode%40gmail.com&token=ml-ckBsgw_5IdK5VYgseBYcoV_v_cQjtdq1re_RhDu_MKg
pub async fn send_magic_link(id: i64, email: String, db: &PgPool, config: &TFConfig) -> Result<(), Box<dyn Error>> { pub async fn send_magic_link(id: i64, email: String, db: &PgPool, config: &TFConfig) -> Result<(), Box<dyn Error>> {
let otp = format!("ml-{}", Uuid::new_v4()); let otp = format!("ml-{}", Uuid::new_v4());
let otp_url = config.base.join(&format!("/auth/magic-link?email={}&token={}", urlencoding::encode(&email.clone()), otp.clone())).unwrap(); let otp_url = config.web_root.join(&format!("/auth/magic-link?email={}&token={}", urlencoding::encode(&email.clone()), otp.clone())).unwrap();
sqlx::query!("INSERT INTO magic_links (id, user_id, expires_on) VALUES ($1, $2, $3) ON CONFLICT DO NOTHING;", otp, id as i32, SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as i32 + config.magic_links_valid_for as i32).execute(db).await?; sqlx::query!("INSERT INTO magic_links (id, user_id, expires_on) VALUES ($1, $2, $3) ON CONFLICT DO NOTHING;", otp, id as i32, SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as i32 + config.magic_links_valid_for as i32).execute(db).await?;
// TODO: send email // TODO: send email
info!("sent magic link {} to {}, valid for {} seconds", otp_url, email.clone(), config.magic_links_valid_for); info!("sent magic link {} to {}, valid for {} seconds", otp_url, email.clone(), config.magic_links_valid_for);