From fc5e13ae525cb74e77a5bc51204f44476115cea9 Mon Sep 17 00:00:00 2001 From: metamuffin Date: Sun, 1 Oct 2023 00:38:29 +0200 Subject: draft for permission framework --- server/src/routes/ui/account/session/token.rs | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) (limited to 'server/src/routes/ui/account/session/token.rs') diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs index e5e4baf..baec665 100644 --- a/server/src/routes/ui/account/session/token.rs +++ b/server/src/routes/ui/account/session/token.rs @@ -12,6 +12,7 @@ use anyhow::anyhow; use base64::Engine; use chrono::{Duration, Utc}; use jellybase::CONF; +use jellycommon::user::User; use log::warn; use std::sync::LazyLock; @@ -28,10 +29,11 @@ static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| { } }); -pub fn create(username: String, expire: Duration) -> String { +pub fn create(user: &User, expire: Duration) -> String { let session_data = SessionData { expire: Utc::now() + expire, - username, + username: user.name.to_owned(), + permissions: user.permissions.clone(), }; let mut plaintext = bincode::serde::encode_to_vec(&session_data, bincode::config::standard()).unwrap(); @@ -70,7 +72,16 @@ pub fn validate(token: &str) -> anyhow::Result { #[test] fn test() { - let tok = create("blub".to_string(), Duration::days(1)); + let tok = create( + &User { + name: "blub".to_string(), + display_name: "blub".to_owned(), + password: vec![], + admin: false, + permissions: jellycommon::user::PermissionSet::default(), + }, + Duration::days(1), + ); validate(&tok).unwrap(); } -- cgit v1.2.3-70-g09d2