only save (encrypted) user_id in cookie
parent
b5fd4018ff
commit
16a0654e1f
@ -32,6 +32,7 @@ pub struct User {
|
|||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub enum LoginError {
|
pub enum LoginError {
|
||||||
InvalidAuthenticationCombo,
|
InvalidAuthenticationCombo,
|
||||||
|
UserNotFound,
|
||||||
NotLoggedIn,
|
NotLoggedIn,
|
||||||
NotAnAdmin,
|
NotAnAdmin,
|
||||||
NotACox,
|
NotACox,
|
||||||
@ -274,19 +275,22 @@ impl<'r> FromRequest<'r> for User {
|
|||||||
|
|
||||||
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
||||||
match req.cookies().get_private("loggedin_user") {
|
match req.cookies().get_private("loggedin_user") {
|
||||||
Some(user) => match serde_json::from_str::<User>(user.value()) {
|
Some(user_id) => match user_id.value().parse::<i32>() {
|
||||||
Ok(user) => {
|
Ok(user_id) => {
|
||||||
let db = req.rocket().state::<SqlitePool>().unwrap();
|
let db = req.rocket().state::<SqlitePool>().unwrap();
|
||||||
|
let Some(user) = User::find_by_id(db, user_id).await else {
|
||||||
|
return Outcome::Failure((Status::Unauthorized, LoginError::UserNotFound));
|
||||||
|
};
|
||||||
user.logged_in(db).await;
|
user.logged_in(db).await;
|
||||||
|
|
||||||
let user_json: String = format!("{}", json!(user));
|
let mut cookie = Cookie::new("loggedin_user", format!("{}", user.id));
|
||||||
let mut cookie = Cookie::new("loggedin_user", user_json);
|
|
||||||
cookie.set_expires(OffsetDateTime::now_utc() + Duration::weeks(12));
|
cookie.set_expires(OffsetDateTime::now_utc() + Duration::weeks(12));
|
||||||
req.cookies().add_private(cookie);
|
req.cookies().add_private(cookie);
|
||||||
|
|
||||||
Outcome::Success(user)
|
Outcome::Success(user)
|
||||||
}
|
}
|
||||||
Err(_) => {
|
Err(_) => {
|
||||||
|
println!("{:?}", user_id.value());
|
||||||
Outcome::Failure((Status::Unauthorized, LoginError::DeserializationError))
|
Outcome::Failure((Status::Unauthorized, LoginError::DeserializationError))
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
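Review bot: The `println!("{:?}", user_id.value());` added in the `Err(_)` arm of `from_request` writes the decrypted cookie value to stdout whenever it fails to parse as `i32`. Cookies issued before this commit still hold the whole serialized `User` (the removed lines stored `json!(user)`), so each returning session would have that JSON dumped into the process output; which fields that exposes depends on the `User` struct, whose body is not visible here. Drop the line or log only that parsing failed. It is also worth clearing the stale cookie in this arm, and in the new `UserNotFound` return, with `req.cookies().remove_private(Cookie::named("loggedin_user"));`, so the client re-authenticates instead of failing on every request. The outer `match` continues past the end of the hunk.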
@ -79,8 +79,7 @@ async fn login(
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
let user_json: String = format!("{}", json!(user));
|
cookies.add_private(Cookie::new("loggedin_user", format!("{}", json!(user.id))));
|
||||||
cookies.add_private(Cookie::new("loggedin_user", user_json));
|
|
||||||
|
|
||||||
Log::create(
|
Log::create(
|
||||||
db,
|
db,
|
||||||
|
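Review bot: The login handler builds the cookie value with `format!("{}", json!(user.id))`, while the request guard in the other file writes it with `format!("{}", user.id)` and reads it back with `parse::<i32>()`. For an integer id both produce the same digits, but the JSON detour would wrap the value in quotes if the id type ever became a string, and the guard would then reject every fresh login. Writing `cookies.add_private(Cookie::new("loggedin_user", user.id.to_string()));` keeps writer and reader on the same plain-integer format. `login` starts and ends outside the hunk.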