renew cookies on every action; increase cookie timeout to 3 months

philipp 2023-06-07 00:07:11 +02:00
parent 179bd5dfc3
commit d7417804a0
2 changed files with 15 additions and 3 deletions


@ -3,11 +3,13 @@ use std::ops::Deref;
use argon2::{password_hash::SaltString, Argon2, PasswordHasher}; use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use rocket::{ use rocket::{
async_trait, async_trait,
http::Status, http::{Cookie, Status},
request::{self, FromRequest, Outcome}, request::{self, FromRequest, Outcome},
time::{Duration, OffsetDateTime},
Request, Request,
}; };
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::json;
use sqlx::{FromRow, SqlitePool}; use sqlx::{FromRow, SqlitePool};
#[derive(FromRow, Debug, Serialize, Deserialize)] #[derive(FromRow, Debug, Serialize, Deserialize)]
@ -178,6 +180,12 @@ impl<'r> FromRequest<'r> for User {
Ok(user) => { Ok(user) => {
let db = req.rocket().state::<SqlitePool>().unwrap(); let db = req.rocket().state::<SqlitePool>().unwrap();
user.logged_in(db).await; user.logged_in(db).await;
let user_json: String = format!("{}", json!(user));
let mut cookie = Cookie::new("loggedin_user", user_json);
cookie.set_expires(OffsetDateTime::now_utc() + Duration::weeks(12));
req.cookies().add_private(cookie);
Outcome::Success(user) Outcome::Success(user)
} }
Err(_) => { Err(_) => {
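Review bot: The renewal added in the `Ok(user)` arm moves the cookie expiry to 12 weeks from now on every request that passes this guard, so the session has no absolute lifetime: a copied `loggedin_user` cookie stays usable for as long as it is presented at least once per 12 weeks. Consider carrying an issued-at timestamp inside the private cookie and refusing renewal past a fixed maximum age, or keeping a server-side session record that can be revoked; the hunk shows neither, though the guard's validation code starts and ends outside it. The same three cookie-building lines are repeated in `updatepw` in the second file, so a shared helper with a named constant, e.g. `const SESSION_LIFETIME: Duration = Duration::weeks(12);`, would keep both sites in step. `serde_json::to_string(&user)` would also express the serialization more directly than `format!("{}", json!(user))`.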


@ -5,7 +5,9 @@ use rocket::{
post, post,
request::FlashMessage, request::FlashMessage,
response::{Flash, Redirect}, response::{Flash, Redirect},
routes, FromForm, Route, State, routes,
time::{Duration, OffsetDateTime},
FromForm, Route, State,
}; };
use rocket_dyn_templates::{context, tera, Template}; use rocket_dyn_templates::{context, tera, Template};
use serde_json::json; use serde_json::json;
@ -96,7 +98,9 @@ async fn updatepw(
user.update_pw(db, updatepw.password).await; user.update_pw(db, updatepw.password).await;
let user_json: String = format!("{}", json!(user)); let user_json: String = format!("{}", json!(user));
cookies.add_private(Cookie::new("loggedin_user", user_json)); let mut cookie = Cookie::new("loggedin_user", user_json);
cookie.set_expires(OffsetDateTime::now_utc() + Duration::weeks(12));
cookies.add_private(cookie);
Log::create(db, format!("User {} set her password.", user.name)).await; Log::create(db, format!("User {} set her password.", user.name)).await;
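Review bot: Changing the password here re-issues a cookie for the current browser, but nothing in the hunk invalidates `loggedin_user` cookies issued earlier to other browsers, and with the new 12-week renewing lifetime those would remain usable long after the change. Whether the request guard rejects a cookie whose serialized user no longer matches the database is not visible from here, so it is worth confirming and recording next to the call, e.g. `// cookies issued before this password change must fail the guard's DB check`. If the serialized `User` carries the password hash (the struct is defined outside the hunk), a cookie holding only a user id and a session version would be worth considering. `updatepw` begins and ends outside the hunk.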