diff options
| -rw-r--r-- | Cargo.lock | 2 | ||||
| -rw-r--r-- | Cargo.toml | 2 | ||||
| -rw-r--r-- | src/server/falx.rs | 40 | ||||
| -rw-r--r-- | src/server/mod.rs | 2 | ||||
| -rw-r--r-- | src/server/store.rs | 4 |
5 files changed, 35 insertions, 15 deletions
diff --git a/Cargo.lock b/Cargo.lock index 0480382..1fa23b2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -488,7 +488,7 @@ dependencies = [ [[package]] name = "dissociate" -version = "0.2.2" +version = "0.2.3" dependencies = [ "argon2", "axum", diff --git a/Cargo.toml b/Cargo.toml index 0b6f860..794e6d9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "dissociate" -version = "0.2.2" +version = "0.2.3" edition = "2021" [dependencies] diff --git a/src/server/falx.rs b/src/server/falx.rs index 1efffdc..9783cef 100644 --- a/src/server/falx.rs +++ b/src/server/falx.rs @@ -1,3 +1,5 @@ +use std::time::SystemTime; + use axum::{ body::Body, extract::{Path, State}, @@ -22,7 +24,7 @@ async fn check_( Path((token, scope)): Path<(String, String)>, State(store): State<Store>, ) -> Response { - let Some(name) = store.check_token(&token).await else { + let Some((name, _)) = store.check_token(&token).await else { return StatusCode::UNAUTHORIZED.into_response(); }; let Some(account) = store.get_account(&name).await else { @@ -39,6 +41,7 @@ async fn check_( async fn handoff( jar: CookieJar, State(Handoffs(handoffs)): State<Handoffs>, + State(store): State<Store>, headers: HeaderMap, ) -> Response { let Some(origin_header) = headers.get("Origin") else { @@ -55,14 +58,31 @@ async fn handoff( if !handoffs.contains(&origin) { return (StatusCode::FORBIDDEN, "Origin not registered for handoff").into_response(); } - let Some(token) = jar.get("dissociate-token") else { - return (StatusCode::UNAUTHORIZED, "Authenticate cookie missing").into_response(); - }; - return Response::builder() - .status(StatusCode::OK) + + let builder = Response::builder() .header("Access-Control-Allow-Credentials", "true") - .header("Access-Control-Allow-Methods", "GET") - .header("Access-Control-Allow-Origin", origin_header) - .body(Body::from(token.value().to_string())) - .unwrap(); + .header("Access-Control-Allow-Origin", origin_header); + + if let Some(token) = jar.get("dissociate-token") { + if let Some((_, expires)) = store.check_token(token.value()).await { + let expires_in = expires + .duration_since(SystemTime::now()) + .unwrap_or_default() + .as_secs(); + + return builder + .status(StatusCode::OK) + .body(Body::from(format!( + r#"{{"token":"{}","expiresIn":{}}}"#, + token.value().to_string(), + expires_in, + ))) + .unwrap(); + } + } + + builder + .status(StatusCode::UNAUTHORIZED) + .body(Body::empty()) + .unwrap() } diff --git a/src/server/mod.rs b/src/server/mod.rs index 81dc519..a583f85 100644 --- a/src/server/mod.rs +++ b/src/server/mod.rs @@ -161,6 +161,6 @@ impl<T> Nevermind<T> for Option<T> { async fn account_auth(jar: &CookieJar, store: &Store) -> Option<String> { let cookie = jar.get("dissociate-token")?; let token = cookie.value(); - let name = store.check_token(token).await?; + let (name, _) = store.check_token(token).await?; Some(name) } diff --git a/src/server/store.rs b/src/server/store.rs index 98c1bcc..0911090 100644 --- a/src/server/store.rs +++ b/src/server/store.rs @@ -166,7 +166,7 @@ impl Store { } } - pub async fn check_token(&self, token: &str) -> Option<String> { + pub async fn check_token(&self, token: &str) -> Option<(String, SystemTime)> { let guard = self.0.read().await; let Some((name, expires)) = guard.token_map.get(token) else { return None; @@ -174,7 +174,7 @@ impl Store { if *expires < SystemTime::now() { return None; } - Some(name.clone()) + Some((name.clone(), expires.clone())) } pub async fn create_invite(&self) -> std::io::Result<String> { |