phoenix/icarus_auth
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 47 Wiki Activity

tsk-51: Refresh token endpoint (#54)
All checks were successful
Rust Build / Check (push) Successful in 46s
Details
Rust Build / Test Suite (push) Successful in 57s
Details
Release Tagging / release (push) Successful in 59s
Details
Rust Build / Rustfmt (push) Successful in 37s
Details
Rust Build / Clippy (push) Successful in 48s
Details
Rust Build / Check (pull_request) Successful in 45s
Details
Rust Build / build (push) Successful in 59s
Details
Rust Build / Rustfmt (pull_request) Successful in 38s
Details
Rust Build / Clippy (pull_request) Successful in 43s
Details
Rust Build / Test Suite (pull_request) Successful in 54s
Details
Rust Build / build (pull_request) Successful in 59s
Details

Browse Source 
Closes #51

Reviewed-on: #54
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
This commit is contained in:
phoenix
2025-08-11 22:15:17 +00:00
committed by phoenix
parent 99390ce8b7
commit eb1e2990f9
8 changed files with 273 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
src/callers/login.rs
View File

@@ -13,6 +13,13 @@ pub mod request {
pub passphrase: String,
}
}
pub mod refresh_token {
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct Request {
pub access_token: String,
}
}
}
pub mod response {
@@ -31,6 +38,14 @@ pub mod response {
pub data: Vec<icarus_models::login_result::LoginResult>,
}
}
pub mod refresh_token {
#[derive(Debug, Default, serde::Deserialize, serde::Serialize)]
pub struct Response {
pub message: String,
pub data: Vec<icarus_models::login_result::LoginResult>,
}
}
}
pub mod endpoint {
@@ -43,6 +58,10 @@ pub mod endpoint {
use super::request;
use super::response;
// TODO: At some point, get the username from the DB
// Name of service username when returning a login result
pub const SERVICE_USERNAME: &str = "service";
async fn not_found(message: &str) -> (StatusCode, Json<response::Response>) {
(
StatusCode::NOT_FOUND,
@@ -63,7 +82,8 @@ pub mod endpoint {
if hashing::verify_password(&payload.password, user.password.clone()).unwrap() {
// Create token
let key = icarus_envy::environment::get_secret_key().await;
let (token_literal, duration) = token_stuff::create_token(&key).unwrap();
let (token_literal, duration) =
token_stuff::create_token(&key, &user.id).unwrap();
if token_stuff::verify_token(&key, &token_literal) {
let current_time = time::OffsetDateTime::now_utc();
@@ -107,12 +127,13 @@ pub mod endpoint {
match repo::service::valid_passphrase(&pool, &payload.passphrase).await {
Ok((id, _passphrase, _date_created)) => {
let key = icarus_envy::environment::get_secret_key().await;
let (token_literal, duration) = token_stuff::create_service_token(&key).unwrap();
let (token_literal, duration) =
token_stuff::create_service_token(&key, &id).unwrap();
if token_stuff::verify_token(&key, &token_literal) {
let login_result = icarus_models::login_result::LoginResult {
id,
username: String::from("service"),
username: String::from(SERVICE_USERNAME),
token: token_literal,
token_type: String::from(icarus_models::token::TOKEN_TYPE),
expiration: duration,
@@ -132,4 +153,71 @@ pub mod endpoint {
}
}
}
pub async fn refresh_token(
axum::Extension(pool): axum::Extension<sqlx::PgPool>,
axum::Json(payload): axum::Json<request::refresh_token::Request>,
) -> (
axum::http::StatusCode,
axum::Json<response::refresh_token::Response>,
) {
let mut response = response::refresh_token::Response::default();
let key = icarus_envy::environment::get_secret_key().await;
if token_stuff::verify_token(&key, &payload.access_token) {
let token_type = token_stuff::get_token_type(&key, &payload.access_token).unwrap();
if token_stuff::is_token_type_valid(&token_type) {
// Get passphrase record with id
match token_stuff::extract_id_from_token(&key, &payload.access_token) {
Ok(id) => match repo::service::get_passphrase(&pool, &id).await {
Ok((returned_id, _, _)) => {
match token_stuff::create_service_refresh_token(&key, &returned_id) {
Ok((access_token, exp_dur)) => {
let login_result = icarus_models::login_result::LoginResult {
id: returned_id,
token: access_token,
expiration: exp_dur,
token_type: String::from(icarus_models::token::TOKEN_TYPE),
username: String::from(SERVICE_USERNAME),
};
response.message = String::from("Successful");
response.data.push(login_result);
(axum::http::StatusCode::OK, axum::Json(response))
}
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
}
}
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
},
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
}
} else {
response.message = String::from("Invalid token type");
(axum::http::StatusCode::NOT_FOUND, axum::Json(response))
}
} else {
response.message = String::from("Could not verify token");
(axum::http::StatusCode::BAD_REQUEST, axum::Json(response))
}
}
}