aboutsummaryrefslogtreecommitdiff
path: root/src/utils/cookie.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/utils/cookie.rs')
-rw-r--r--src/utils/cookie.rs18
1 files changed, 10 insertions, 8 deletions
diff --git a/src/utils/cookie.rs b/src/utils/cookie.rs
index e21e7d4..1ca3b73 100644
--- a/src/utils/cookie.rs
+++ b/src/utils/cookie.rs
@@ -1,25 +1,27 @@
use hex;
use rand_core::{OsRng, TryRngCore};
-use crate::crypto::signed;
use crate::model::config::Config;
-const TOKEN_BYTES: usize = 20;
+// We consider that it’s unfeasible to guess a token from 128 bit long (=16 bytes) to 256 bit (=32 bytes) with safe margin.
+const TOKEN_BYTES: usize = 32;
pub fn login(config: &Config, token: &str) -> Result<String, String> {
- let signed_token = signed::sign(&config.auth_secret, token)?;
- Ok(cookie(config, &signed_token, 365 * 24 * 60 * 60))
+ Ok(cookie(config, &token, 365 * 24 * 60 * 60))
}
pub fn logout(config: &Config) -> String {
cookie(config, "", 0)
}
-pub fn extract_token(config: &Config, cookie: &str) -> Result<String, String> {
+pub fn extract_token(cookie: &str) -> Result<String, String> {
let mut xs = cookie.split('=');
- xs.next();
- let signed_cookie = xs.next().ok_or("Error extracting cookie")?;
- signed::verify(&config.auth_secret, signed_cookie)
+ if xs.next() != Some("TOKEN") {
+ Err("Error extracting cookie".to_string())
+ } else {
+ let token = xs.next().ok_or("Error extracting cookie")?;
+ Ok(token.to_string())
+ }
}
pub fn generate_token() -> Result<String, String> {
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-21 09:09:08 +0000