fix auth bugs from empty redirect urls
parent
8b693d44ed
commit
83e34b8654
1 changed files with 9 additions and 5 deletions
14
src/auth.rs
14
src/auth.rs
|
@ -45,12 +45,12 @@ pub fn new_oauth_client(settings: &Settings) -> Result<BasicClient, AppError> {
|
|||
|
||||
pub fn new_router() -> Router<AppState> {
|
||||
Router::new()
|
||||
.route("/login", get(propel_auth))
|
||||
.route("/login", get(start_login))
|
||||
.route("/callback", get(login_authorized))
|
||||
.route("/logout", get(logout))
|
||||
}
|
||||
|
||||
pub async fn propel_auth(
|
||||
pub async fn start_login(
|
||||
State(state): State<AppState>,
|
||||
State(Settings {
|
||||
auth: auth_settings,
|
||||
|
@ -64,7 +64,7 @@ pub async fn propel_auth(
|
|||
if let Some(session) = maybe_session {
|
||||
if session.get::<AuthInfo>(SESSION_KEY_AUTH_INFO).is_some() {
|
||||
tracing::debug!("already logged in, redirecting...");
|
||||
return Ok(Redirect::to(&base_path).into_response());
|
||||
return Ok(Redirect::to(&format!("{}/", base_path)).into_response());
|
||||
}
|
||||
}
|
||||
let csrf_token = CsrfToken::new_random();
|
||||
|
@ -124,7 +124,7 @@ pub async fn logout(
|
|||
}
|
||||
let jar = jar.remove(Cookie::from(auth_settings.cookie_name));
|
||||
tracing::debug!("Removed session cookie from jar.");
|
||||
Ok((jar, Redirect::to(&base_path)))
|
||||
Ok((jar, Redirect::to(&format!("{}/", base_path))))
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
|
@ -167,11 +167,13 @@ pub async fn login_authorized(
|
|||
"OAuth CSRF tokens do not match.".to_string(),
|
||||
));
|
||||
}
|
||||
tracing::debug!("exchanging authorization code");
|
||||
let response = state
|
||||
.oauth_client
|
||||
.exchange_code(AuthorizationCode::new(query.code.clone()))
|
||||
.request_async(async_http_client)
|
||||
.await?;
|
||||
tracing::debug!("fetching user info");
|
||||
let auth_info: AuthInfo = reqwest_client
|
||||
.get(auth_settings.userinfo_url.as_str())
|
||||
.bearer_auth(response.access_token().secret())
|
||||
|
@ -179,6 +181,7 @@ pub async fn login_authorized(
|
|||
.await?
|
||||
.json()
|
||||
.await?;
|
||||
tracing::debug!("updating session");
|
||||
session.insert(SESSION_KEY_AUTH_INFO, &auth_info)?;
|
||||
session.insert(SESSION_KEY_AUTH_REFRESH_TOKEN, response.refresh_token())?;
|
||||
if state.session_store.store_session(session).await?.is_some() {
|
||||
|
@ -187,7 +190,8 @@ pub async fn login_authorized(
|
|||
)
|
||||
.into());
|
||||
}
|
||||
Ok(Redirect::to(&base_path))
|
||||
tracing::debug!("successfully authenticated");
|
||||
Ok(Redirect::to(&format!("{}/", base_path)))
|
||||
}
|
||||
|
||||
impl FromRequestParts<AppState> for AuthInfo {
|
||||
|
|
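Review bot: The three redirect targets now built with `format!("{}/", base_path)` (the already-logged-in branch of start_login, the end of logout, and the end of login_authorized) append a slash unconditionally, so a base_path of `/` or one that already ends in `/` produces `//` or a doubled slash. A Location value that starts with `//` is treated by browsers as a scheme-relative reference rather than a same-origin path, so the post-login and post-logout redirects should never be able to take that shape. Where base_path comes from is not visible in these hunks; assuming it is a string taken from deployment settings, I would normalise it once, e.g. `let home = format!("{}/", base_path.trim_end_matches('/'));`, and reuse that at all three sites, preferably through one small helper so they cannot drift apart. It would also help to reject a base_path that is non-empty and does not begin with a single `/` when settings are loaded. All three handler bodies extend beyond the lines shown here.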