httpd: Remove session serialize and rework
Sebastian Martinez committed 3 years ago
commit f689cb2c9f3f855815b2a55f515ce77b82324515
parent 585dcf4afe72889d45ada613a644c8061278dd16
2 files changed +27 -20
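--- a/radicle-httpd/src/api/auth.rs
+++ b/radicle-httpd/src/api/auth.rs
@@ -11,21 +11,25 @@ impl Serialize for DateTime {
     }
 }
 
-#[derive(Clone, Serialize)]
-#[serde(tag = "type", rename_all = "camelCase")]
+#[derive(Clone)]
 pub enum AuthState {
     Authorized(Session),
-    Unauthorized {
-        public_key: PublicKey,
-        expires_at: DateTime,
-    },
+    Unauthorized(Session),
 }
 
-// We copy the implementation of siwe::Message here to derive Serialization and Debug
-#[derive(Clone, Serialize)]
-#[serde(rename_all = "camelCase")]
+#[derive(Clone)]
 pub struct Session {
+    pub status: String,
     pub public_key: PublicKey,
     pub issued_at: DateTime,
     pub expires_at: DateTime,
 }
+
+impl From<AuthState> for Session {
+    fn from(other: AuthState) -> Self {
+        match other {
+            AuthState::Authorized(s) => s,
+            AuthState::Unauthorized(s) => s,
+        }
+    }
+}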
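Review bot: The new `pub status: String` on `Session` stores the authorization state a second time, next to the `AuthState` variant that already encodes it, and the type system does not keep the two in agreement: an `AuthState::Authorized` can wrap a session whose `status` is "unauthorized" or any other string. Because `From<AuthState> for Session` discards the variant, code that converts first and then reads `status` would be deciding on the free-form copy rather than on the enum. Consider dropping the field and deriving the label from the variant where it is needed, or making it a two-variant enum. At minimum the conversion deserves a doc comment such as `/// Discards the authorization state; never use the result for access checks.`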
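--- a/radicle-httpd/src/api/v1/sessions.rs
+++ b/radicle-httpd/src/api/v1/sessions.rs
@@ -1,3 +1,4 @@
+use std::convert::Into;
 use std::iter::repeat_with;
 
 use axum::extract::State;
@@ -44,12 +45,14 @@ async fn session_create_handler(State(ctx): State<Context>) -> impl IntoResponse
     let expiration_time = OffsetDateTime::now_utc()
         .checked_add(UNAUTHORIZED_SESSIONS_EXPIRATION)
         .unwrap();
-    let auth_state = AuthState::Unauthorized {
+    let session = Session {
+        status: String::from("unauthorized"),
         public_key: *signer.public_key(),
+        issued_at: DateTime(OffsetDateTime::now_utc()),
         expires_at: DateTime(expiration_time),
     };
     let mut sessions = ctx.sessions.write().await;
-    sessions.insert(session_id.clone(), auth_state);
+    sessions.insert(session_id.clone(), AuthState::Unauthorized(session));
 
     Ok::<_, Error>(Json(
         json!({"sessionId": session_id, "publicKey": signer.public_key()}),
@@ -63,9 +66,12 @@ async fn session_handler(
     Path(session_id): Path<String>,
 ) -> impl IntoResponse {
     let sessions = ctx.sessions.read().await;
-    let session = sessions.get(&session_id).ok_or(Error::NotFound)?.to_owned();
+    let auth_state = sessions.get(&session_id).ok_or(Error::NotFound)?;
+    let session = Session::from(auth_state.clone());
 
-    Ok::<_, Error>(Json(session))
+    Ok::<_, Error>(Json(
+        json!({"publicKey": session.public_key, "issuedAt": session.issued_at, "expiresAt": session.expires_at}),
+    ))
 }
 
 /// Update session.
@@ -77,15 +83,11 @@ async fn session_signin_handler(
 ) -> impl IntoResponse {
     let mut sessions = ctx.sessions.write().await;
     let session = sessions.get(&session_id).ok_or(Error::NotFound)?;
-    if let AuthState::Unauthorized {
-        public_key,
-        expires_at,
-    } = session
-    {
-        if public_key != &request.pk {
+    if let AuthState::Unauthorized(s) = session {
+        if s.public_key != request.pk {
             return Err(Error::Auth("Invalid public key"));
         }
-        if expires_at <= &DateTime(OffsetDateTime::now_utc()) {
+        if s.expires_at <= DateTime(OffsetDateTime::now_utc()) {
             return Err(Error::Auth("Session expired"));
         }
         let payload = format!("{}:{}", session_id, request.pk);
@@ -97,6 +99,7 @@ async fn session_signin_handler(
             .checked_add(AUTHORIZED_SESSIONS_EXPIRATION)
             .unwrap();
         let session = Session {
+            status: String::from("authorized"),
             public_key: request.pk,
             issued_at: DateTime(OffsetDateTime::now_utc()),
             expires_at: DateTime(expiration_time),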
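Review bot: In `session_handler` the new `json!` body returns `publicKey`, `issuedAt` and `expiresAt` but neither the new `status` field nor anything derived from the `AuthState` variant, so a caller can no longer tell a pending session from an authorized one. The previous `Json(session)` carried that through the serde `type` tag removed in auth.rs. If dropping it is not intended, add `"status": session.status` to the object. The handler also serves entries without comparing `expires_at` to the current time, unlike `session_signin_handler`. Unless expired sessions are pruned elsewhere, a guard such as `if session.expires_at <= DateTime(OffsetDateTime::now_utc()) { return Err(Error::NotFound); }` would stop stale entries being reported as live; the function's signature starts outside the hunk.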