I broke all :3

2024-03-22 19:41:12 +05:00 · 2024-03-22 19:41:12 +05:00 · 030dd43ddf
commit 030dd43ddf
parent b577904d75
2 changed files with 110 additions and 10 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+############################
+### MAKE USER UUID TABLE ###
+############################
+
+
 Auth using tokens
 Auth using uniq id on device
 Auth using QR code
--- a/src/main.rs
+++ b/src/main.rs
@ -165,26 +165,121 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->

 	let cookies = get_cookies(req.headers().clone());
 	let token = cookies.get("token");
-	let token = match token.is_none() {
+	let mut token = match token.is_none() {
 		false => token.unwrap(),
 		_ => ""
 	};
+	let mut logged = false;

 	match <str as AsRef<str>>::as_ref(req.uri().path()) {
-		x if x.starts_with("/api/") => {}
-		_ => {
-//			println!("{}", token);
-
-			if token != "" && jwt_verify(pool.clone(), token)
-				.await?.claims.as_object().unwrap().len() == 0
-			{
-				println!("Invalid suka");
+		x if x.starts_with("/api/") => {},
+		_ => 'jwt_check: {
+//			if token == "" { break 'jwt_check; }
+/*			if token != "" {
 				parts.status = StatusCode::FOUND;
 				set_cookie(&mut headers, "token", "");
-				set_location(&mut headers, "/");
+				set_location(&mut headers, "/login");
 				parts.headers = headers;
 				return Ok(Response::from_parts(parts, Full::new(Bytes::new())));
+			}*/
+
+			let is_live = jwt_verify(pool.clone(), token)
+				.await?
+				.claims
+				.as_object()
+				.unwrap()
+				.len() != 0;
+
+			match is_live {
+				true => { logged = true; },
+				_ => 'ref_check: {
+					let reftoken = cookies.get("refresh");
+					let reftoken = match reftoken.is_none() {
+						false => reftoken.unwrap(),
+						_ => ""
+					};
+
+					if reftoken == "" { break 'ref_check; }
+
+					let ref_data: HashMap<String, Json> = jwt_verify(pool.clone(), reftoken)
+						.await?
+						.claims
+						.as_object()
+						.unwrap()
+						.clone()
+						.into_iter()
+						.collect();
+
+					if ref_data.clone().len() != 0 {
+						let mut con = pool.get().await.unwrap();
+
+						let tokenid = ref_data.get("uuid").unwrap().as_str().unwrap();
+						let newtok = format!("{}", uuid_v4().as_hyphenated());
+						let newref = format!("{}", uuid_v4().as_hyphenated());
+						let time = time();
+						println!("Penis1");
+						let (uuid,) = con.query_parse::<(String,)>(&query!(
+							r#"
+								SELECT uid
+								FROM bitauth.tokens
+								WHERE uuid = ?
+							"#,
+							tokenid
+						)).await?;
+						println!("Penis2");
+						let (login,) = con.query_parse::<(String,)>(&query!(
+							r#"
+								SELECT login
+								FROM bitauth.users
+								WHERE uuid = ?
+							"#,
+							uuid.clone()
+						)).await?;					
+						println!("Penis3");
+						let _ = con.query_parse::<()>(&query!(
+							r#"
+								UPDATE bitauth.tokens
+								SET uuid = ?, ref = ?, refend = ?
+								WHERE uuid = ?
+							"#,
+							newtok.clone(), newref.clone(), time + REFRESH_LIFETIME, tokenid
+						)).await;
+						println!("Penis4");
+
+						set_cookie(&mut headers, "token",
+							&jwt_sign(pool.clone(), json!({
+								"login": login.clone(),
+								"uuid": uuid.clone(),
+								"iat": time,
+								"exp": time + TOKEN_LIFETIME
+							})).await.unwrap()
+						);
+						set_cookie(&mut headers, "refresh",
+							&jwt_sign(pool.clone(), json!({
+								"uuid": newtok.clone(),
+								"iat": time,
+								"ref": newref.clone(),
+								"exp": time + REFRESH_LIFETIME
+							})).await.unwrap()
+						);
+						println!("Penis5");
+
+						logged = true;
+/*
+CREATE MODEL IF NOT EXISTS bitauth.tokens(
+	uuid: string,
+	uid: string,
+	sid: string,
+	ref: string,
+	refend: uint32
+)
+*/						
+					}
+				}
 			}
+
+//			if x == "/authorize" {
+//			}
 		}
 	}