From 030dd43ddfb04de36361091788b8d58264393791 Mon Sep 17 00:00:00 2001
From: BitHeaven
Date: Fri, 22 Mar 2024 19:41:12 +0500
Subject: [PATCH] I broke all :3
---
 TODO | 5 +++
 src/main.rs | 115 +++++++++++++++++++++++++++++++++++++++++++++++-----
 2 files changed, 110 insertions(+), 10 deletions(-)
diff --git a/TODO b/TODO
index 2a7d9dc..1c44175 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,8 @@
+############################
+### MAKE USER UUID TABLE ###
+############################
+
+
 Auth using tokens
 Auth using uniq id on device
 Auth using QR code
diff --git a/src/main.rs b/src/main.rs
index 79f6715..c060e05 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -165,26 +165,121 @@ async fn handle_connection(req: Request, pool: DBPool, ip: String) -> let cookies = get_cookies(req.headers().clone()); let token = cookies.get("token"); - let token = match token.is_none() { + let mut token = match token.is_none() { false => token.unwrap(), _ => "" }; + let mut logged = false; match >::as_ref(req.uri().path()) { - x if x.starts_with("/api/") => {} - _ => { -// println!("{}", token); - - if token != "" && jwt_verify(pool.clone(), token) - .await?.claims.as_object().unwrap().len() == 0 - { - println!("Invalid suka"); + x if x.starts_with("/api/") => {}, + _ => 'jwt_check: { +// if token == "" { break 'jwt_check; } +/* if token != "" { parts.status = StatusCode::FOUND; set_cookie(&mut headers, "token", ""); - set_location(&mut headers, "/"); + set_location(&mut headers, "/login"); parts.headers = headers; return Ok(Response::from_parts(parts, Full::new(Bytes::new()))); + }*/ + + let is_live = jwt_verify(pool.clone(), token) + .await? + .claims + .as_object() + .unwrap() + .len() != 0; + + match is_live { + true => { logged = true; }, + _ => 'ref_check: { + let reftoken = cookies.get("refresh"); + let reftoken = match reftoken.is_none() { + false => reftoken.unwrap(), + _ => "" + }; + + if reftoken == "" { break 'ref_check; } + + let ref_data: HashMap = jwt_verify(pool.clone(), reftoken) + .await? + .claims + .as_object() + .unwrap() + .clone() + .into_iter() + .collect(); + + if ref_data.clone().len() != 0 { + let mut con = pool.get().await.unwrap(); + + let tokenid = ref_data.get("uuid").unwrap().as_str().unwrap(); + let newtok = format!("{}", uuid_v4().as_hyphenated()); + let newref = format!("{}", uuid_v4().as_hyphenated()); + let time = time(); + println!("Penis1"); + let (uuid,) = con.query_parse::<(String,)>(&query!( + r#" + SELECT uid + FROM bitauth.tokens + WHERE uuid = ? 
+ "#, + tokenid + )).await?; + println!("Penis2"); + let (login,) = con.query_parse::<(String,)>(&query!( + r#" + SELECT login + FROM bitauth.users + WHERE uuid = ? + "#, + uuid.clone() + )).await?; + println!("Penis3"); + let _ = con.query_parse::<()>(&query!( + r#" + UPDATE bitauth.tokens + SET uuid = ?, ref = ?, refend = ? + WHERE uuid = ? + "#, + newtok.clone(), newref.clone(), time + REFRESH_LIFETIME, tokenid + )).await; + println!("Penis4"); + + set_cookie(&mut headers, "token", + &jwt_sign(pool.clone(), json!({ + "login": login.clone(), + "uuid": uuid.clone(), + "iat": time, + "exp": time + TOKEN_LIFETIME + })).await.unwrap() + ); + set_cookie(&mut headers, "refresh", + &jwt_sign(pool.clone(), json!({ + "uuid": newtok.clone(), + "iat": time, + "ref": newref.clone(), + "exp": time + REFRESH_LIFETIME + })).await.unwrap() + ); + println!("Penis5"); + + logged = true; +/* +CREATE MODEL IF NOT EXISTS bitauth.tokens( + uuid: string, + uid: string, + sid: string, + ref: string, + refend: uint32 +) +*/ + } + } } + +// if x == "/authorize" { +// } } }
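Review bot: The refresh rotation discards the result of the `UPDATE bitauth.tokens` query (`let _ = con.query_parse::<()>(…).await;`) and then sets both cookies and `logged = true` regardless of whether the write happened. If that write fails, the client receives a refresh JWT whose `uuid` is not in the table while the old row keeps its `uuid`, so, as far as this hunk shows, the old refresh token stays usable until its `exp`; propagate the error as the two SELECTs do, `)).await?;`, before anything is signed. The lookup also matches only on `uuid`, so the `ref` and `refend` columns are written but never compared against the presented token here; if they are meant to bind the token to the row, check them in the `SELECT uid` query. Separately, the `.unwrap()` calls on `ref_data.get("uuid")`, `pool.get().await` and `jwt_sign(...).await` turn an unexpected claim set or a pool/signing failure into a panic in the request path, and the numbered `println!` debug lines should be removed before merge. handle_connection starts before the hunk and continues after it.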