diff options
author | Joris | 2023-08-12 22:20:23 +0200 |
---|---|---|
committer | Joris | 2023-08-12 22:51:07 +0200 |
commit | 273bed103c37c81d477998a46873437733ffc16e (patch) | |
tree | 38476ed04c58d49207f5b4b61c651c1b72188a8a /src/utils | |
parent | 8c689db1c8fa06ddb9119e626e7b1149f3493905 (diff) |
Generate crypto random token instead of uuid
Diffstat (limited to 'src/utils')
-rw-r--r-- | src/utils/cookie.rs | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/utils/cookie.rs b/src/utils/cookie.rs index c716936..826efa9 100644 --- a/src/utils/cookie.rs +++ b/src/utils/cookie.rs @@ -1,10 +1,13 @@ -use uuid::Uuid; +use hex; +use rand_core::{OsRng, RngCore}; use crate::crypto::signed; use crate::model::config::Config; -pub fn login(config: &Config, token: Uuid) -> Result<String, String> { - let signed_token = signed::sign(&config.auth_secret, &token.to_string())?; +const TOKEN_BYTES: usize = 20; + +pub fn login(config: &Config, token: &str) -> Result<String, String> { + let signed_token = signed::sign(&config.auth_secret, token)?; Ok(cookie(config, &signed_token, 24 * 60 * 60)) } @@ -19,6 +22,12 @@ pub fn extract_token(config: &Config, cookie: &str) -> Result<String, String> { signed::verify(&config.auth_secret, signed_cookie) } +pub fn generate_token() -> String { + let mut token = [0u8; TOKEN_BYTES]; + OsRng.fill_bytes(&mut token); + hex::encode(token) +} + fn cookie(config: &Config, token: &str, max_age_seconds: i32) -> String { let mut xs = vec![ format!("TOKEN={token}"), |