xiretza/factoriauth
1
0
Fork 0
Code Issues 2 Pull requests Releases Activity

update last_used on verify_user_token

Browse source
This commit is contained in:
deneb 2024-02-11 20:00:05 +01:00
parent 731f6f2f6c
commit e913de5e8d
2 changed files with 33 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/auth/mod.rs
View file

@ -83,6 +83,9 @@ impl UserAuthenticator {
Self { db, backends } Self { db, backends }
} }
/// Attempt to verify credentials against all backends and return the user's most recent token if they match.
///
/// If a valid token already exists, return it; if not, create a new one.
#[instrument] #[instrument]
pub async fn get_user_token( pub async fn get_user_token(
&self, &self,
@ -108,12 +111,9 @@ impl UserAuthenticator {
return Err(AuthenticationError::InvalidUserOrPassword); return Err(AuthenticationError::InvalidUserOrPassword);
}; };
// if a valid token exists, return it; if not, create a new one
let mut db = self.db.lock().await; let mut db = self.db.lock().await;
let token = let token =
if let Some(UserTokenEntry::Valid(old_token, _, _)) = db.get_token(&username).await? { if let Some(UserTokenEntry::Valid(old_token, _, _)) = db.get_token(&username).await? {
// TODO: update old_token's last_used value
old_token old_token
} else { } else {
let new_token = let new_token =
@ -127,6 +127,9 @@ impl UserAuthenticator {
Ok((username, token)) Ok((username, token))
} }
/// Check if the passed token matches the user's currently active one.
///
/// Additionally, update the token's `last_used` value if verification is successful.
#[instrument] #[instrument]
pub async fn verify_user_token( pub async fn verify_user_token(
&self, &self,
@ -137,6 +140,7 @@ impl UserAuthenticator {
if let Some(UserTokenEntry::Valid(user_token, ..)) = &db.get_token(username).await? { if let Some(UserTokenEntry::Valid(user_token, ..)) = &db.get_token(username).await? {
if token == user_token { if token == user_token {
db.update_token_last_used(username, token).await?;
return Ok(()); return Ok(());
} }
} }

26
src/db.rs
View file

@ -28,6 +28,12 @@ pub trait Database: Debug {
async fn get_token(&mut self, username: &str) -> Result<Option<UserTokenEntry>, sqlx::Error>; async fn get_token(&mut self, username: &str) -> Result<Option<UserTokenEntry>, sqlx::Error>;
async fn save_token(&mut self, username: &str, token: &UserToken) -> Result<(), sqlx::Error>; async fn save_token(&mut self, username: &str, token: &UserToken) -> Result<(), sqlx::Error>;
async fn update_token_last_used(
&mut self,
username: &str,
token: &UserToken,
) -> Result<(), sqlx::Error>;
} }
#[derive(Debug)] #[derive(Debug)]
@ -122,4 +128,24 @@ impl Database for SqliteDatabase {
Ok(()) Ok(())
} }
#[instrument]
async fn update_token_last_used(
&mut self,
username: &str,
token: &UserToken,
) -> Result<(), sqlx::Error> {
let token_inner = token.0.expose_secret();
query!(
"UPDATE user_tokens
SET last_used = DATETIME('NOW')
WHERE username = $1 AND token = $2",
username,
token_inner
)
.execute(&mut self.conn)
.await?;
Ok(())
}
} }