finish /v1/totp-authenticators
This commit is contained in:
parent
1e66d14710
commit
d70064f998
|
@ -1,5 +1,6 @@
|
|||
use std::error::Error;
|
||||
use actix_web::HttpRequest;
|
||||
use log::debug;
|
||||
use sea_orm::{ColumnTrait, Condition, DatabaseConnection, EntityTrait, QueryFilter};
|
||||
use crate::tokens::get_token_type;
|
||||
use trifid_api_entities::entity::{auth_token, session_token};
|
||||
|
@ -45,7 +46,7 @@ pub async fn enforce_session(req: &HttpRequest, db: &DatabaseConnection) -> Resu
|
|||
}
|
||||
let tokens = &authorization_split[1..];
|
||||
|
||||
let sess_token = tokens.iter().find(|i| get_token_type(**i).unwrap_or("n-sess") == "sess").copied().ok_or("Missing session token")?;
|
||||
let sess_token = tokens.iter().find(|i| get_token_type(i).unwrap_or("n-sess") == "sess").copied().ok_or("Missing session token")?;
|
||||
|
||||
let token: session_token::Model = session_token::Entity::find().filter(session_token::Column::Id.eq(sess_token)).one(db).await?.ok_or("Invalid session token")?;
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
use actix_web::{HttpResponse, post};
|
||||
use actix_web::web::{Data, Json};
|
||||
use log::error;
|
||||
use sea_orm::{ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, QueryFilter};
|
||||
use sea_orm::{ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, ModelTrait, QueryFilter};
|
||||
use serde::{Serialize, Deserialize};
|
||||
use crate::AppState;
|
||||
use trifid_api_entities::entity::magic_link;
|
||||
|
@ -78,9 +78,27 @@ pub async fn verify_magic_link_request(db: Data<AppState>, req: Json<VerifyMagic
|
|||
})
|
||||
}
|
||||
|
||||
let user = link.user.clone();
|
||||
|
||||
match link.delete(&db.conn).await {
|
||||
Ok(_) => (),
|
||||
Err(e) => {
|
||||
error!("database error: {}", e);
|
||||
return HttpResponse::InternalServerError().json(APIErrorsResponse {
|
||||
errors: vec![
|
||||
APIError {
|
||||
code: "ERR_DB_ERROR".to_string(),
|
||||
message: "There was an error with the database request, please try again later.".to_string(),
|
||||
path: None,
|
||||
}
|
||||
],
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
let model = session_token::Model {
|
||||
id: random_token("sess"),
|
||||
user: link.user,
|
||||
user,
|
||||
expires_on: expires_in_seconds(CONFIG.tokens.session_token_expiry_time_seconds) as i64,
|
||||
};
|
||||
let token = model.id.clone();
|
||||
|
|
|
@ -2,7 +2,7 @@ use serde::{Serialize, Deserialize};
|
|||
use actix_web::{HttpRequest, HttpResponse, post};
|
||||
use actix_web::web::{Data, Json};
|
||||
use log::error;
|
||||
use sea_orm::{ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, QueryFilter};
|
||||
use sea_orm::{ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, ModelTrait, QueryFilter};
|
||||
use totp_rs::{Algorithm, Secret, TOTP};
|
||||
use crate::AppState;
|
||||
use crate::auth_tokens::{enforce_2fa, enforce_session, TokenInfo};
|
||||
|
@ -72,7 +72,8 @@ pub async fn totp_authenticators_request(db: Data<AppState>, req_data: HttpReque
|
|||
});
|
||||
}
|
||||
};
|
||||
if auther.is_some() {
|
||||
if let Some(auther) = auther {
|
||||
if auther.verified {
|
||||
return HttpResponse::BadRequest().json(APIErrorsResponse {
|
||||
errors: vec![
|
||||
APIError {
|
||||
|
@ -83,6 +84,22 @@ pub async fn totp_authenticators_request(db: Data<AppState>, req_data: HttpReque
|
|||
]
|
||||
});
|
||||
}
|
||||
match auther.delete(&db.conn).await {
|
||||
Ok(_) => (),
|
||||
Err(e) => {
|
||||
error!("database error: {}", e);
|
||||
return HttpResponse::InternalServerError().json(APIErrorsResponse {
|
||||
errors: vec![
|
||||
APIError {
|
||||
code: "ERR_DB_ERROR".to_string(),
|
||||
message: "There was an error with the database request, please try again later.".to_string(),
|
||||
path: None,
|
||||
}
|
||||
],
|
||||
})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let secret = Secret::generate_secret();
|
||||
let totpmachine = match TOTP::new(Algorithm::SHA1, 6, 1, 30, secret.to_bytes().expect("Invalid randomized data"), Some("trifid-api".to_string()), session_token.user.email) {
|
||||
|
|
|
@ -5,5 +5,5 @@ pub fn expires_in_seconds(seconds: u64) -> u64 {
|
|||
}
|
||||
|
||||
pub fn expired(time: u64) -> bool {
|
||||
UNIX_EPOCH + Duration::from_secs(time) > SystemTime::now()
|
||||
UNIX_EPOCH + Duration::from_secs(time) < SystemTime::now()
|
||||
}
|
Loading…
Reference in New Issue