Fixed a bug where auth cookie was interfering with polaris-web cookie

Antoine Gersant 2018-11-11 00:17:38 -08:00
parent 0cd82a338d
commit c6d5f7b7ee


@ -24,7 +24,7 @@ use crate::vfs::VFSSource;
const CURRENT_MAJOR_VERSION: i32 = 3; const CURRENT_MAJOR_VERSION: i32 = 3;
const CURRENT_MINOR_VERSION: i32 = 0; const CURRENT_MINOR_VERSION: i32 = 0;
const SESSION_FIELD_USERNAME: &str = "username"; const COOKIE_SESSION: &str = "session";
pub fn get_routes() -> Vec<rocket::Route> { pub fn get_routes() -> Vec<rocket::Route> {
routes![ routes![
@ -60,9 +60,10 @@ struct Auth {
username: String, username: String,
} }
fn get_auth_cookie(username: &str) -> Cookie<'static> { fn get_session_cookie(username: &str) -> Cookie<'static> {
Cookie::build(SESSION_FIELD_USERNAME, username.to_owned()) Cookie::build(COOKIE_SESSION, username.to_owned())
.same_site(rocket::http::SameSite::Lax) .same_site(rocket::http::SameSite::Lax)
.http_only(true)
.finish() .finish()
} }
@ -71,7 +72,7 @@ impl<'a, 'r> FromRequest<'a, 'r> for Auth {
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, ()> { fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, ()> {
let mut cookies = request.guard::<Cookies>().unwrap(); let mut cookies = request.guard::<Cookies>().unwrap();
if let Some(u) = cookies.get_private(SESSION_FIELD_USERNAME) { if let Some(u) = cookies.get_private(COOKIE_SESSION) {
return Outcome::Success(Auth { return Outcome::Success(Auth {
username: u.value().to_string(), username: u.value().to_string(),
}); });
@ -89,7 +90,7 @@ impl<'a, 'r> FromRequest<'a, 'r> for Auth {
_ => return Outcome::Failure((Status::InternalServerError, ())), _ => return Outcome::Failure((Status::InternalServerError, ())),
}; };
if user::auth(db.deref().deref(), &username, &password).unwrap_or(false) { if user::auth(db.deref().deref(), &username, &password).unwrap_or(false) {
cookies.add_private(get_auth_cookie(&username)); cookies.add_private(get_session_cookie(&username));
return Outcome::Success(Auth { return Outcome::Success(Auth {
username: username.to_string(), username: username.to_string(),
}); });
@ -238,7 +239,7 @@ fn auth(
return Err(errors::Error::from(errors::ErrorKind::IncorrectCredentials)) return Err(errors::Error::from(errors::ErrorKind::IncorrectCredentials))
} }
cookies.add_private(get_auth_cookie(&credentials.username)); cookies.add_private(get_session_cookie(&credentials.username));
let auth_output = AuthOutput { let auth_output = AuthOutput {
admin: user::is_admin::<DB>(&db, &credentials.username)?, admin: user::is_admin::<DB>(&db, &credentials.username)?,
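Review bot: `get_session_cookie` now sets `HttpOnly` and `SameSite=Lax` but still not `Secure`, so wherever the server is reachable over plain HTTP the session cookie travels in cleartext; consider `.secure(true)` when TLS is configured, since setting it unconditionally would break HTTP-only deployments. In `from_request`, a `session` cookie that decrypts is accepted as-is and its value is the bare username. As far as these hunks show, deleting a user or changing a password therefore does not invalidate an already issued cookie short of rotating the secret key; re-checking the user against the database on that path, or storing a revocable token instead of the username, would close that gap. Depending on the Rocket version, `add_private` may already apply `HttpOnly` by default, so a short comment such as `// HttpOnly keeps the session cookie out of reach of page scripts` would record why it is set explicitly. The bodies of `from_request` and `auth` continue outside the hunks shown.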