aboutsummaryrefslogtreecommitdiff
path: root/server/src/routes/ui/account/session
diff options
context:
space:
mode:
Diffstat (limited to 'server/src/routes/ui/account/session')
-rw-r--r--server/src/routes/ui/account/session/mod.rs3
-rw-r--r--server/src/routes/ui/account/session/token.rs17
2 files changed, 16 insertions, 4 deletions
diff --git a/server/src/routes/ui/account/session/mod.rs b/server/src/routes/ui/account/session/mod.rs
index b13f157..0de15c4 100644
--- a/server/src/routes/ui/account/session/mod.rs
+++ b/server/src/routes/ui/account/session/mod.rs
@@ -3,8 +3,8 @@
which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
Copyright (C) 2023 metamuffin <metamuffin.org>
*/
-use crate::database::User;
use chrono::{DateTime, Utc};
+use jellycommon::user::{PermissionSet, User};
use serde::{Deserialize, Serialize};
pub mod guard;
@@ -20,4 +20,5 @@ pub struct AdminSession(pub Session);
pub struct SessionData {
username: String,
expire: DateTime<Utc>,
+ permissions: PermissionSet,
}
diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs
index e5e4baf..baec665 100644
--- a/server/src/routes/ui/account/session/token.rs
+++ b/server/src/routes/ui/account/session/token.rs
@@ -12,6 +12,7 @@ use anyhow::anyhow;
use base64::Engine;
use chrono::{Duration, Utc};
use jellybase::CONF;
+use jellycommon::user::User;
use log::warn;
use std::sync::LazyLock;
@@ -28,10 +29,11 @@ static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| {
}
});
-pub fn create(username: String, expire: Duration) -> String {
+pub fn create(user: &User, expire: Duration) -> String {
let session_data = SessionData {
expire: Utc::now() + expire,
- username,
+ username: user.name.to_owned(),
+ permissions: user.permissions.clone(),
};
let mut plaintext =
bincode::serde::encode_to_vec(&session_data, bincode::config::standard()).unwrap();
@@ -70,7 +72,16 @@ pub fn validate(token: &str) -> anyhow::Result<String> {
#[test]
fn test() {
- let tok = create("blub".to_string(), Duration::days(1));
+ let tok = create(
+ &User {
+ name: "blub".to_string(),
+ display_name: "blub".to_owned(),
+ password: vec![],
+ admin: false,
+ permissions: jellycommon::user::PermissionSet::default(),
+ },
+ Duration::days(1),
+ );
validate(&tok).unwrap();
}
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-10-08 17:41:13 +0000