draft for permission framework

1 files changed, 14 insertions, 3 deletions

diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs
index e5e4baf..baec665 100644
--- a/server/src/routes/ui/account/session/token.rs
+++ b/server/src/routes/ui/account/session/token.rs
@@ -12,6 +12,7 @@ use anyhow::anyhow;
 use base64::Engine;
 use chrono::{Duration, Utc};
 use jellybase::CONF;
+use jellycommon::user::User;
 use log::warn;
 use std::sync::LazyLock;
 
@@ -28,10 +29,11 @@ static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| {
     }
 });
 
-pub fn create(username: String, expire: Duration) -> String {
+pub fn create(user: &User, expire: Duration) -> String {
     let session_data = SessionData {
         expire: Utc::now() + expire,
-        username,
+        username: user.name.to_owned(),
+        permissions: user.permissions.clone(),
     };
     let mut plaintext =
         bincode::serde::encode_to_vec(&session_data, bincode::config::standard()).unwrap();
@@ -70,7 +72,16 @@ pub fn validate(token: &str) -> anyhow::Result<String> {
 
 #[test]
 fn test() {
-    let tok = create("blub".to_string(), Duration::days(1));
+    let tok = create(
+        &User {
+            name: "blub".to_string(),
+            display_name: "blub".to_owned(),
+            password: vec![],
+            admin: false,
+            permissions: jellycommon::user::PermissionSet::default(),
+        },
+        Duration::days(1),
+    );
     validate(&tok).unwrap();
 }