authorJoris2023-08-12 20:05:09 +0200
committerJoris2023-08-12 20:05:09 +0200
commit8c689db1c8fa06ddb9119e626e7b1149f3493905 (patch)
treecb4029776162387a03a7a131ceee3628ed1ba4ef /src/routes.rs
parent459016e70dd4933a8082d27748097de81a3e53ff (diff)
Sign cookie with secret key
Diffstat (limited to 'src/routes.rs')
-rw-r--r--src/routes.rs14
1 files changed, 7 insertions, 7 deletions
diff --git a/src/routes.rs b/src/routes.rs
index b9e137e..ef63c8e 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -12,6 +12,7 @@ use crate::controller::wallet::Wallet;
use crate::db;
use crate::model::config::Config;
use crate::model::user::User;
+use crate::utils::cookie;
pub async fn routes(
config: Config,
@@ -32,7 +33,7 @@ pub async fn routes(
}
(&Method::POST, ["login"]) => {
controller::login::login(
- config,
+ &config,
&assets,
&templates,
body_form(request).await,
@@ -47,7 +48,7 @@ pub async fn routes(
"icon.png" => file("assets/icon.png", "image/png").await,
_ => controller::utils::not_found(),
},
- _ => match connected_user(&pool, &request).await {
+ _ => match connected_user(&config, &pool, &request).await {
Some(user) => {
let wallet = Wallet {
pool,
@@ -55,7 +56,7 @@ pub async fn routes(
templates,
user,
};
- authenticated_routes(config, wallet, request).await
+ authenticated_routes(&config, wallet, request).await
}
None => controller::utils::redirect("/login"),
},
@@ -65,18 +66,17 @@ pub async fn routes(
}
async fn connected_user(
+ config: &Config,
pool: &SqlitePool,
request: &Request<Body>,
) -> Option<User> {
let cookie = request.headers().get("COOKIE")?.to_str().ok()?;
- let mut xs = cookie.split('=');
- xs.next();
- let login_token = xs.next()?;
+ let login_token = cookie::extract_token(config, cookie).ok()?;
db::users::get_by_login_token(pool, login_token.to_string()).await
}
async fn authenticated_routes(
- config: Config,
+ config: &Config,
wallet: Wallet,
request: Request<Body>,
) -> Response<Body> {
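Review bot: In `connected_user`, the new line `cookie::extract_token(config, cookie).ok()?` throws the error away, so a cookie that fails signature verification is handled exactly like a request with no cookie and leaves no trace for detection. Consider keeping the error long enough to record it before redirecting, without logging the token itself, e.g. `let login_token = match cookie::extract_token(config, cookie) { Ok(t) => t, Err(_) => { /* warn: rejected login cookie */ return None; } };`. The value passed in is also the entire `Cookie` header. `extract_token` is defined outside this hunk, so it may already handle this, but it should select the login cookie by name rather than assume a single `name=value` pair, since a client can send several cookies joined with `; `. A short doc comment on `connected_user` stating that it returns `None` for a missing, malformed or badly signed cookie would make the fail-closed behaviour explicit.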