Added token expiration
This commit is contained in:
parent
dc9b063f70
commit
ba2594b84c
@ -18,3 +18,5 @@ pub const ERROR_INVALID_TOKEN: (&str, &str) = ("ERROR.INVALID_TOKEN", "The token
|
||||
pub const ERROR_INCORRECT_TOKEN: (&str, &str) = ("ERROR.INCORRECT_TOKEN", "The token you have supplied does not belong to this user.");
|
||||
|
||||
pub const ERROR_MISSING_TOKEN: (&str, &str) = ("ERROR.MISSING_TOKEN", "No token supplied.");
|
||||
|
||||
pub const ERROR_EXPIRED_TOKEN: (&str, &str) = ("ERROR.EXPIRED_TOKEN", "The token you have supplied is expired.");
|
@ -41,6 +41,7 @@ pub async fn start_all_routes(after_startup_fn_call: &dyn Fn(), state: SharedSta
|
||||
.service(user_routes::create_user)
|
||||
.service(user_routes::authenticate_user_with_password)
|
||||
.service(user_routes::refresh_auth_token)
|
||||
.service(user_routes::authenticate_user_with_auth_token)
|
||||
//.service(user_routes::get_user_from_db)
|
||||
})
|
||||
.bind((host_addr, host_port))?
|
||||
|
@ -2,9 +2,10 @@ use core::panic;
|
||||
use std::{sync::Mutex};
|
||||
|
||||
use actix_web::{web::{self, Data}, HttpResponse, post, patch, HttpRequest};
|
||||
use chrono::{Utc};
|
||||
use sqlx::MySqlConnection;
|
||||
|
||||
use crate::{r#do::user::User, dao::{user_dao::{insert_user, find_user_by_email}, token_dao::{insert_token, self, update_token_with_id}}, dto::{user_dtos::{UserForCreationDto, UserForLoginDto}, message_resources_dtos::MessageResourceDto}, validation::user_validator, util::hasher::{self, generate_multiple_random_token_with_rng}, r#do::token::Token, resources::error_messages::{ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST, ERROR_PASSWORD_INCORRECT, ERROR_INVALID_TOKEN, ERROR_MISSING_TOKEN, ERROR_INCORRECT_TOKEN}};
|
||||
use crate::{r#do::user::User, dao::{user_dao::{insert_user, find_user_by_email}, token_dao::{insert_token, self, update_token_with_id}}, dto::{user_dtos::{UserForCreationDto, UserForLoginDto}, message_resources_dtos::MessageResourceDto}, validation::user_validator, util::hasher::{self, generate_multiple_random_token_with_rng}, r#do::token::Token, resources::error_messages::{ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST, ERROR_PASSWORD_INCORRECT, ERROR_INVALID_TOKEN, ERROR_MISSING_TOKEN, ERROR_INCORRECT_TOKEN, ERROR_EXPIRED_TOKEN}, r#do::token::AUTH_TOKEN_EXPIRATION_TIME_IN_DAYS, r#do::token::REFRESH_TOKEN_EXPIRATION_TIME_IN_DAYS};
|
||||
|
||||
/*#[get("/u&ser/{id}")]
|
||||
pub async fn get_user_from_db(id: Path<i32>, db_conn: Data<Mutex<MySqlConnection>>) -> HttpResponse {
|
||||
@ -119,9 +120,8 @@ pub async fn authenticate_user_with_password(incoming_user: web::Json<UserForLog
|
||||
HttpResponse::Ok().json(token_to_insert)
|
||||
}
|
||||
|
||||
|
||||
|
||||
pub async fn _authenticate_user_with_auth_token(request: HttpRequest, user_id: web::Path<i32>, db_conn: Data<Mutex<MySqlConnection>>) -> HttpResponse{
|
||||
#[post("/user/auth/token/{user_id}")]
|
||||
pub async fn authenticate_user_with_auth_token(request: HttpRequest, user_id: web::Path<i32>, db_conn: Data<Mutex<MySqlConnection>>) -> HttpResponse{
|
||||
let mut message_resources: Vec<MessageResourceDto> = Vec::new();
|
||||
let headers = request.headers();
|
||||
let auth_token = match headers.get("auth-token") {
|
||||
@ -145,7 +145,16 @@ pub async fn _authenticate_user_with_auth_token(request: HttpRequest, user_id: w
|
||||
match token_dao::get_tokens_with_user_id(&mut db_conn.lock().unwrap(), &user_id).await {
|
||||
Ok(tokens) => {
|
||||
for token in tokens{
|
||||
if token.auth_token == auth_token{ return HttpResponse::Ok().finish(); }
|
||||
let now = Utc::now().naive_utc();
|
||||
match token.auth_token == auth_token{
|
||||
true if token.last_updated.unwrap().signed_duration_since(now).num_days() <
|
||||
AUTH_TOKEN_EXPIRATION_TIME_IN_DAYS.into() => { return HttpResponse::Ok().finish(); },
|
||||
true => {
|
||||
message_resources.push(MessageResourceDto::new_from_error_message(ERROR_EXPIRED_TOKEN));
|
||||
return HttpResponse::Unauthorized().json(web::Json(message_resources));
|
||||
},
|
||||
false => {}
|
||||
}
|
||||
};
|
||||
message_resources.push(MessageResourceDto::new_from_error_message(ERROR_INCORRECT_TOKEN));
|
||||
return HttpResponse::Unauthorized().json(web::Json(message_resources));
|
||||
@ -185,8 +194,15 @@ pub async fn refresh_auth_token(request: HttpRequest, user_id: web::Path<i32>, d
|
||||
Ok(tokens) => {
|
||||
let mut matched_token: Option<Token> = None;
|
||||
for token in tokens{
|
||||
if token.refresh_token == refresh_token{
|
||||
matched_token = Some(token);
|
||||
let now = Utc::now().naive_utc();
|
||||
match token.refresh_token == refresh_token{
|
||||
true if token.last_updated.unwrap().signed_duration_since(now).num_days() <
|
||||
REFRESH_TOKEN_EXPIRATION_TIME_IN_DAYS.into() => { matched_token = Some(token) },
|
||||
true => {
|
||||
message_resources.push(MessageResourceDto::new_from_error_message(ERROR_EXPIRED_TOKEN));
|
||||
return HttpResponse::Unauthorized().json(web::Json(message_resources));
|
||||
},
|
||||
false => {}
|
||||
}
|
||||
};
|
||||
match matched_token {
|
||||
@ -214,3 +230,5 @@ pub async fn refresh_auth_token(request: HttpRequest, user_id: web::Path<i32>, d
|
||||
return HttpResponse::InternalServerError().json(web::Json(message_resources));
|
||||
}};
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user