aboutsummaryrefslogtreecommitdiff
path: root/src/utils
diff options
context:
space:
mode:
authorJoris2023-08-12 22:20:23 +0200
committerJoris2023-08-12 22:51:07 +0200
commit273bed103c37c81d477998a46873437733ffc16e (patch)
tree38476ed04c58d49207f5b4b61c651c1b72188a8a /src/utils
parent8c689db1c8fa06ddb9119e626e7b1149f3493905 (diff)
Generate crypto random token instead of uuid
Diffstat (limited to 'src/utils')
-rw-r--r--src/utils/cookie.rs15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/utils/cookie.rs b/src/utils/cookie.rs
index c716936..826efa9 100644
--- a/src/utils/cookie.rs
+++ b/src/utils/cookie.rs
@@ -1,10 +1,13 @@
-use uuid::Uuid;
+use hex;
+use rand_core::{OsRng, RngCore};
use crate::crypto::signed;
use crate::model::config::Config;
-pub fn login(config: &Config, token: Uuid) -> Result<String, String> {
- let signed_token = signed::sign(&config.auth_secret, &token.to_string())?;
+const TOKEN_BYTES: usize = 20;
+
+pub fn login(config: &Config, token: &str) -> Result<String, String> {
+ let signed_token = signed::sign(&config.auth_secret, token)?;
Ok(cookie(config, &signed_token, 24 * 60 * 60))
}
@@ -19,6 +22,12 @@ pub fn extract_token(config: &Config, cookie: &str) -> Result<String, String> {
signed::verify(&config.auth_secret, signed_cookie)
}
+pub fn generate_token() -> String {
+ let mut token = [0u8; TOKEN_BYTES];
+ OsRng.fill_bytes(&mut token);
+ hex::encode(token)
+}
+
fn cookie(config: &Config, token: &str, max_age_seconds: i32) -> String {
let mut xs = vec![
format!("TOKEN={token}"),