federation possible but inconvinient

2 files changed, 4 insertions, 3 deletions

diff --git a/server/src/routes/ui/account/mod.rs b/server/src/routes/ui/account/mod.rs
index f1b243c..1d36cd8 100644
--- a/server/src/routes/ui/account/mod.rs
+++ b/server/src/routes/ui/account/mod.rs
@@ -65,6 +65,8 @@ pub struct LoginForm {
     pub username: String,
     #[field(validate = len(..64))]
     pub password: String,
+    #[field(default = 604800)] // one week
+    pub expire: u64,
 }
 
 #[get("/account/login")]
diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs
index d4546aa..f82b475 100644
--- a/server/src/routes/ui/account/session/token.rs
+++ b/server/src/routes/ui/account/session/token.rs
@@ -24,17 +24,16 @@ pub fn create(username: String, expire: Duration) -> String {
 
     let cipher = aes_gcm_siv::Aes256GcmSiv::new_from_slice(&*SESSION_KEY).unwrap();
     let nonce = [(); 12].map(|_| rand::random());
-    eprintln!("SESSION_KEY={SESSION_KEY:?}");
     let mut ciphertext = cipher
         .encrypt(&GenericArray::from(nonce), plaintext.as_slice())
         .unwrap();
     ciphertext.extend(nonce);
 
-    base64::engine::general_purpose::STANDARD.encode(&ciphertext)
+    base64::engine::general_purpose::URL_SAFE.encode(&ciphertext)
 }
 
 pub fn validate(token: &str) -> anyhow::Result<String> {
-    let ciphertext = base64::engine::general_purpose::STANDARD.decode(token)?;
+    let ciphertext = base64::engine::general_purpose::URL_SAFE.decode(token)?;
     let cipher = aes_gcm_siv::Aes256GcmSiv::new_from_slice(&*SESSION_KEY).unwrap();
     let (ciphertext, nonce) = ciphertext.split_at(ciphertext.len() - 12);
     let plaintext = cipher