utils::new_key now has a larger entropy pool + is generally smaller/quicker
encode params takes a &[u8] as parameter now instead of &str utils::decode_params removed for now as it has not real use atm
This commit is contained in:
shockrah
parent
4f64fc3a13
commit
97e6b026cc
@ -1,7 +1,9 @@
|
||||
// Handlers for the base auth routes
|
||||
use crate::{
|
||||
DBConn, schema,
|
||||
utils,
|
||||
utils:: {
|
||||
encode_param, new_key
|
||||
},
|
||||
models::{
|
||||
Invite,
|
||||
User
|
||||
@ -123,7 +125,7 @@ fn create_new_session_key(conn: &MysqlConnection) -> Option<String> {
|
||||
use crate::models::InsertableSession;
|
||||
|
||||
let new_session = InsertableSession {
|
||||
secret: utils::new_key(),
|
||||
secret: encode_param(&new_key()),
|
||||
expires: (Utc::now() + Duration::hours(1)).timestamp() as u64
|
||||
};
|
||||
|
||||
@ -145,13 +147,11 @@ pub fn login(conn: DBConn, api_key: Form<AuthKey>) -> AuthResult<JsonValue, Auth
|
||||
* Session Tokens are used to key into a subset of online users
|
||||
* This is what should make queries faster per instance as we'll have less data to sift through w/ diesel
|
||||
*/
|
||||
use utils::encode_param;
|
||||
|
||||
if confirm_user_api_access(&conn.0, api_key.id, &api_key.secret) {
|
||||
blind_remove_session(&conn.0, &api_key.secret);
|
||||
let key = create_new_session_key(&conn.0);
|
||||
match key {
|
||||
Some(data) => Ok(json!({"key": encode_param(&data)})),
|
||||
Some(data) => Ok(json!({"key": data})),
|
||||
None => Err(AuthErr {
|
||||
msg: "Could not create session",
|
||||
status: 500
|
||||
@ -188,7 +188,7 @@ mod auth_tests {
|
||||
invites::static_rocket_route_info_for_use_invite,
|
||||
schema,
|
||||
models::Invite,
|
||||
utils::encode_param
|
||||
utils::{encode_param, new_key}
|
||||
};
|
||||
use super::*;
|
||||
use rocket::{
|
||||
@ -244,7 +244,7 @@ mod auth_tests {
|
||||
let api_key: Value = serde_json::from_str(&body).unwrap();
|
||||
|
||||
// Go about leaving the server
|
||||
let secret_str = encode_param(&format!("{}", api_key["secret"]));
|
||||
let secret_str = format!("{}", api_key["secret"]);
|
||||
let body_params = format!("id={}&secret={}", api_key["id"], secret_str);
|
||||
println!("Parameters being sent {}", body_params);
|
||||
let leave_response = rocket_c.post("/auth/leave")
|
||||
@ -269,7 +269,7 @@ mod auth_tests {
|
||||
let rocket_client = Client::new(app).expect("asdf");
|
||||
// Some dummy parameters as the /auth/leave route only has one type of response
|
||||
let id = 12345;
|
||||
let secret = encode_param("raw: &str");
|
||||
let secret = encode_param(&new_key());
|
||||
let params = format!("id={}&secret={}", id, secret);
|
||||
println!("Parameters posted to /auth/leave: {}", params);
|
||||
let response = rocket_client.post("/auth/leave")
|
||||
@ -286,7 +286,7 @@ mod auth_tests {
|
||||
|
||||
let insertable_user = InsertableUser {
|
||||
name: test_name,
|
||||
secret: encode_param(&utils::new_key()),
|
||||
secret: encode_param(&new_key()),
|
||||
date: Utc::now().timestamp() as u64,
|
||||
status: USER_OFFLINE
|
||||
};
|
||||
|
||||
@ -4,7 +4,7 @@ use rocket_contrib::json::{Json, JsonValue};
|
||||
use diesel::{self, prelude::*};
|
||||
use diesel::result::Error;
|
||||
|
||||
use crate::utils::new_key;
|
||||
use crate::utils::{encode_param, new_key};
|
||||
use crate::models::{User, USER_OFFLINE};
|
||||
use crate::{DBConn, schema};
|
||||
|
||||
@ -18,7 +18,7 @@ pub fn create_new_user(new_name: String) -> User {
|
||||
let conn = MysqlConnection::establish(&env::var("DATABASE_URL").unwrap()).unwrap();
|
||||
let ins = InsertableUser {
|
||||
name: new_name,
|
||||
secret: new_key(),
|
||||
secret: encode_param(&new_key()),
|
||||
date: Utc::now().timestamp() as u64,
|
||||
status: USER_OFFLINE,
|
||||
};
|
||||
|
||||
Loading…
Reference in New Issue
Block a user