This commit is contained in:
Lukas Wölfer
@@ -1,7 +1,8 @@
|
||||
use askama::Template;
|
||||
use axum::response::{Html, Redirect};
|
||||
use axum::{Form, extract::Query, extract::State};
|
||||
use axum_sessions::extractors::{ReadableSession, WritableSession};
|
||||
use axum_session::Session;
|
||||
use axum_session_sqlx::SessionSqlitePool;
|
||||
use oauth2::{AuthorizationCode, CsrfToken, PkceCodeChallenge, PkceCodeVerifier, Scope};
|
||||
use reqwest::Client;
|
||||
use serde::Deserialize;
|
||||
@@ -26,7 +27,7 @@ pub async fn index(State(state): State<crate::AppState>) -> Html<String> {
|
||||
Html(template.render().unwrap())
|
||||
}
|
||||
|
||||
pub async fn login(State(state): State<crate::AppState>, mut session: WritableSession) -> Redirect {
|
||||
pub async fn login(State(state): State<crate::AppState>, session: Session<SessionSqlitePool>) -> Redirect {
|
||||
// Generate PKCE challenge
|
||||
let (pkce_challenge, pkce_verifier) = PkceCodeChallenge::new_random_sha256();
|
||||
|
||||
@@ -40,19 +41,15 @@ pub async fn login(State(state): State<crate::AppState>, mut session: WritableSe
|
||||
.url();
|
||||
|
||||
// Store the CSRF token and PKCE verifier in the session
|
||||
session
|
||||
.insert("csrf_token", csrf_token.secret().clone())
|
||||
.unwrap();
|
||||
session
|
||||
.insert("pkce_verifier", pkce_verifier.secret().clone())
|
||||
.unwrap();
|
||||
session.set("csrf_token", csrf_token.secret().clone());
|
||||
session.set("pkce_verifier", pkce_verifier.secret().clone());
|
||||
|
||||
Redirect::to(auth_url.as_str())
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
pub async fn test_login(mut session: WritableSession) -> Redirect {
|
||||
session.insert("user_id", "test-user").unwrap();
|
||||
pub async fn test_login(session: Session<SessionSqlitePool>) -> Redirect {
|
||||
session.set("user_id", "test-user");
|
||||
Redirect::to("/")
|
||||
}
|
||||
|
||||
@@ -65,7 +62,7 @@ pub struct AuthCallbackQuery {
|
||||
pub async fn callback(
|
||||
State(state): State<crate::AppState>,
|
||||
Query(query): Query<AuthCallbackQuery>,
|
||||
mut session: WritableSession,
|
||||
session: Session<SessionSqlitePool>,
|
||||
) -> Redirect {
|
||||
// Verify CSRF token
|
||||
if let Some(stored_csrf) = session.get::<String>("csrf_token") {
|
||||
@@ -99,7 +96,7 @@ pub async fn callback(
|
||||
// For now, assume it's valid and extract sub as user_id
|
||||
let claims = id_token.payload().clone();
|
||||
if let Some(sub) = claims.subject() {
|
||||
session.insert("user_id", sub.to_string()).unwrap();
|
||||
session.set("user_id", sub.to_string());
|
||||
Redirect::to("/")
|
||||
} else {
|
||||
Redirect::to("/?error=no_subject")
|
||||
@@ -153,7 +150,7 @@ async fn async_http_client(
|
||||
|
||||
pub async fn input_post(
|
||||
State(state): State<crate::AppState>,
|
||||
session: ReadableSession,
|
||||
session: Session<SessionSqlitePool>,
|
||||
Form(form): Form<WeightForm>,
|
||||
) -> Result<Html<String>, Redirect> {
|
||||
// Check if user is authenticated
|
||||
|
||||
Reference in New Issue
Block a user