- add: session_id to the validate token response
- add: session_id to the jwt generated token
This commit is contained in:
@@ -26,16 +26,14 @@ impl AuthService for MyAuthService {
|
|||||||
|
|
||||||
info!("Login attempt for username: {}", req.username);
|
info!("Login attempt for username: {}", req.username);
|
||||||
|
|
||||||
if let Some(user_id) = verify_user(self.db_client.as_ref().clone(), &req.username, &req.password).await {
|
if let Some(user) = verify_user(self.db_client.as_ref().clone(), &req.username, &req.password).await {
|
||||||
let token = generate_token(&user_id, vec!["user".to_string()])
|
let user_id = user.user_id.to_string();
|
||||||
.map_err(|_| Status::internal("Token generation failed"))?;
|
|
||||||
|
|
||||||
let session_id = uuid::Uuid::new_v4().to_string();
|
let session_id = uuid::Uuid::new_v4().to_string();
|
||||||
let response = self
|
let response = self
|
||||||
.session_client.as_ref().clone()
|
.session_client.as_ref().clone()
|
||||||
.create_session(CreateSessionRequest {
|
.create_session(CreateSessionRequest {
|
||||||
session_id: session_id.clone(),
|
session_id: session_id.clone(),
|
||||||
user_id: user_id.parse().unwrap(),
|
user_id: user.user_id,
|
||||||
username: req.username.to_string(),
|
username: req.username.to_string(),
|
||||||
character_id: 0,
|
character_id: 0,
|
||||||
ip_address: req.ip_address.to_string(),
|
ip_address: req.ip_address.to_string(),
|
||||||
@@ -48,6 +46,9 @@ impl AuthService for MyAuthService {
|
|||||||
};
|
};
|
||||||
let session_id = session.into_inner().session_id;
|
let session_id = session.into_inner().session_id;
|
||||||
|
|
||||||
|
let token = generate_token(&user_id, &&session_id.clone(), user.roles)
|
||||||
|
.map_err(|_| Status::internal("Token generation failed"))?;
|
||||||
|
|
||||||
info!("Login successful for username: {}", req.username);
|
info!("Login successful for username: {}", req.username);
|
||||||
Ok(Response::new(LoginResponse { token, user_id, session_id }))
|
Ok(Response::new(LoginResponse { token, user_id, session_id }))
|
||||||
} else {
|
} else {
|
||||||
@@ -77,13 +78,15 @@ impl AuthService for MyAuthService {
|
|||||||
let req = request.into_inner();
|
let req = request.into_inner();
|
||||||
|
|
||||||
match validate_token(&req.token) {
|
match validate_token(&req.token) {
|
||||||
Ok(user_id) => Ok(Response::new(ValidateTokenResponse {
|
Ok(user_data) => Ok(Response::new(ValidateTokenResponse {
|
||||||
valid: true,
|
valid: true,
|
||||||
user_id,
|
user_id: user_data.0,
|
||||||
|
session_id: user_data.1,
|
||||||
})),
|
})),
|
||||||
Err(_) => Ok(Response::new(ValidateTokenResponse {
|
Err(_) => Ok(Response::new(ValidateTokenResponse {
|
||||||
valid: false,
|
valid: false,
|
||||||
user_id: "".to_string(),
|
user_id: "".to_string(),
|
||||||
|
session_id: "".to_string(),
|
||||||
})),
|
})),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -5,11 +5,12 @@ use std::env;
|
|||||||
#[derive(Debug, Serialize, Deserialize)]
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
struct Claims {
|
struct Claims {
|
||||||
sub: String, // Subject (user ID)
|
sub: String, // Subject (user ID)
|
||||||
|
session_id: String, // Session ID
|
||||||
roles: Vec<String>, // Roles/permissions
|
roles: Vec<String>, // Roles/permissions
|
||||||
exp: usize, // Expiration time
|
exp: usize, // Expiration time
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn generate_token(user_id: &str, roles: Vec<String>) -> Result<String, jsonwebtoken::errors::Error> {
|
pub fn generate_token(user_id: &str, session_id: &str, roles: Vec<String>) -> Result<String, jsonwebtoken::errors::Error> {
|
||||||
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
||||||
let expiration = chrono::Utc::now()
|
let expiration = chrono::Utc::now()
|
||||||
.checked_add_signed(chrono::Duration::days(1))
|
.checked_add_signed(chrono::Duration::days(1))
|
||||||
@@ -18,6 +19,7 @@ pub fn generate_token(user_id: &str, roles: Vec<String>) -> Result<String, jsonw
|
|||||||
|
|
||||||
let claims = Claims {
|
let claims = Claims {
|
||||||
sub: user_id.to_owned(),
|
sub: user_id.to_owned(),
|
||||||
|
session_id: session_id.to_owned(),
|
||||||
roles,
|
roles,
|
||||||
exp: expiration,
|
exp: expiration,
|
||||||
};
|
};
|
||||||
@@ -25,12 +27,12 @@ pub fn generate_token(user_id: &str, roles: Vec<String>) -> Result<String, jsonw
|
|||||||
encode(&Header::default(), &claims, &EncodingKey::from_secret(secret.as_ref()))
|
encode(&Header::default(), &claims, &EncodingKey::from_secret(secret.as_ref()))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn validate_token(token: &str) -> Result<String, jsonwebtoken::errors::Error> {
|
pub fn validate_token(token: &str) -> Result<(String, String), jsonwebtoken::errors::Error> {
|
||||||
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
||||||
let token_data = decode::<Claims>(
|
let token_data = decode::<Claims>(
|
||||||
token,
|
token,
|
||||||
&DecodingKey::from_secret(secret.as_ref()),
|
&DecodingKey::from_secret(secret.as_ref()),
|
||||||
&Validation::default(),
|
&Validation::default(),
|
||||||
)?;
|
)?;
|
||||||
Ok(token_data.claims.sub)
|
Ok((token_data.claims.sub, token_data.claims.session_id))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
use crate::database_client::DatabaseClientTrait;
|
use crate::database_client::DatabaseClientTrait;
|
||||||
|
use crate::database::GetUserResponse;
|
||||||
|
|
||||||
use argon2::{
|
use argon2::{
|
||||||
password_hash::{
|
password_hash::{
|
||||||
@@ -20,11 +21,11 @@ pub fn verify_password(password: &str, hash: &str) -> bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub async fn verify_user<T: DatabaseClientTrait>(mut db_client: T,
|
pub async fn verify_user<T: DatabaseClientTrait>(mut db_client: T,
|
||||||
username: &str, password: &str) -> Option<String> {
|
username: &str, password: &str) -> Option<GetUserResponse> {
|
||||||
let user = db_client.get_user_by_username(username).await.ok()?;
|
let user = db_client.get_user_by_username(username).await.ok()?;
|
||||||
|
|
||||||
if verify_password(password, &user.hashed_password) {
|
if verify_password(password, &user.hashed_password) {
|
||||||
Some(user.user_id.to_string())
|
Some(user)
|
||||||
} else {
|
} else {
|
||||||
None
|
None
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -35,6 +35,7 @@ message ValidateTokenRequest {
|
|||||||
message ValidateTokenResponse {
|
message ValidateTokenResponse {
|
||||||
bool valid = 1;
|
bool valid = 1;
|
||||||
string user_id = 2;
|
string user_id = 2;
|
||||||
|
string session_id = 3;
|
||||||
}
|
}
|
||||||
|
|
||||||
message ValidateSessionRequest {
|
message ValidateSessionRequest {
|
||||||
|
|||||||
Reference in New Issue
Block a user