🗝
summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
authormia <mia@mia.jetzt>2024-04-23 19:50:24 -0700
committermia <mia@mia.jetzt>2024-04-23 19:50:24 -0700
commitcb74c3346428d5e352b66d1f7982f77e0e8b8621 (patch)
tree143a2168f076c2ede754fbb8527c6b1a8baa4de1 /src
parent979d3d2fd87d5def87d27f4991ca8624c72b2317 (diff)
downloaddissociate-0.2.3.tar.gz
dissociate-0.2.3.zip
add expires data to token handoff v0.2.3
Diffstat (limited to 'src')
-rw-r--r--src/server/falx.rs40
-rw-r--r--src/server/mod.rs2
-rw-r--r--src/server/store.rs4
3 files changed, 33 insertions, 13 deletions
diff --git a/src/server/falx.rs b/src/server/falx.rs
index 1efffdc..9783cef 100644
--- a/src/server/falx.rs
+++ b/src/server/falx.rs
@@ -1,3 +1,5 @@
+use std::time::SystemTime;
+
 use axum::{
     body::Body,
     extract::{Path, State},
@@ -22,7 +24,7 @@ async fn check_(
     Path((token, scope)): Path<(String, String)>,
     State(store): State<Store>,
 ) -> Response {
-    let Some(name) = store.check_token(&token).await else {
+    let Some((name, _)) = store.check_token(&token).await else {
         return StatusCode::UNAUTHORIZED.into_response();
     };
     let Some(account) = store.get_account(&name).await else {
@@ -39,6 +41,7 @@ async fn check_(
 async fn handoff(
     jar: CookieJar,
     State(Handoffs(handoffs)): State<Handoffs>,
+    State(store): State<Store>,
     headers: HeaderMap,
 ) -> Response {
     let Some(origin_header) = headers.get("Origin") else {
@@ -55,14 +58,31 @@ async fn handoff(
     if !handoffs.contains(&origin) {
         return (StatusCode::FORBIDDEN, "Origin not registered for handoff").into_response();
     }
-    let Some(token) = jar.get("dissociate-token") else {
-        return (StatusCode::UNAUTHORIZED, "Authenticate cookie missing").into_response();
-    };
-    return Response::builder()
-        .status(StatusCode::OK)
+
+    let builder = Response::builder()
         .header("Access-Control-Allow-Credentials", "true")
-        .header("Access-Control-Allow-Methods", "GET")
-        .header("Access-Control-Allow-Origin", origin_header)
-        .body(Body::from(token.value().to_string()))
-        .unwrap();
+        .header("Access-Control-Allow-Origin", origin_header);
+
+    if let Some(token) = jar.get("dissociate-token") {
+        if let Some((_, expires)) = store.check_token(token.value()).await {
+            let expires_in = expires
+                .duration_since(SystemTime::now())
+                .unwrap_or_default()
+                .as_secs();
+
+            return builder
+                .status(StatusCode::OK)
+                .body(Body::from(format!(
+                    r#"{{"token":"{}","expiresIn":{}}}"#,
+                    token.value().to_string(),
+                    expires_in,
+                )))
+                .unwrap();
+        }
+    }
+
+    builder
+        .status(StatusCode::UNAUTHORIZED)
+        .body(Body::empty())
+        .unwrap()
 }
diff --git a/src/server/mod.rs b/src/server/mod.rs
index 81dc519..a583f85 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -161,6 +161,6 @@ impl<T> Nevermind<T> for Option<T> {
 async fn account_auth(jar: &CookieJar, store: &Store) -> Option<String> {
     let cookie = jar.get("dissociate-token")?;
     let token = cookie.value();
-    let name = store.check_token(token).await?;
+    let (name, _) = store.check_token(token).await?;
     Some(name)
 }
diff --git a/src/server/store.rs b/src/server/store.rs
index 98c1bcc..0911090 100644
--- a/src/server/store.rs
+++ b/src/server/store.rs
@@ -166,7 +166,7 @@ impl Store {
         }
     }
 
-    pub async fn check_token(&self, token: &str) -> Option<String> {
+    pub async fn check_token(&self, token: &str) -> Option<(String, SystemTime)> {
         let guard = self.0.read().await;
         let Some((name, expires)) = guard.token_map.get(token) else {
             return None;
@@ -174,7 +174,7 @@ impl Store {
         if *expires < SystemTime::now() {
             return None;
         }
-        Some(name.clone())
+        Some((name.clone(), expires.clone()))
     }
 
     pub async fn create_invite(&self) -> std::io::Result<String> {