From e2d6d1df02bb9b87340bf84aef74ec4ee75d087d Mon Sep 17 00:00:00 2001
From: Fu Zi Xiang
Date: Thu, 9 Nov 2023 10:31:24 +0800
Subject: [PATCH] feat: use current token for go to app instead of refresh token
---
 admin_frontend/src/session.rs | 20 ++++++--------
 admin_frontend/src/web_api.rs | 50 ++++++++++-------------------------
 admin_frontend/src/web_app.rs | 19 +++++++++----
 3 files changed, 36 insertions(+), 53 deletions(-)
diff --git a/admin_frontend/src/session.rs b/admin_frontend/src/session.rs
index 2557af8e..06a1f99a 100644
--- a/admin_frontend/src/session.rs
+++ b/admin_frontend/src/session.rs
@@ -8,6 +8,7 @@ use axum::{
 };
 use axum_extra::extract::CookieJar;
 use gotrue::grant::{Grant, RefreshTokenGrant};
+use gotrue_entity::dto::GotrueTokenResponse;
 use jwt::{Claims, Header};
 use redis::{aio::ConnectionManager, AsyncCommands, FromRedisValue, ToRedisArgs};
 use serde::{de::DeserializeOwned, Deserialize, Serialize};
@@ -66,17 +67,12 @@ impl SessionStorage {
 #[derive(Debug, Serialize, Deserialize)]
 pub struct UserSession {
 pub session_id: String,
- pub access_token: String,
- pub refresh_token: String,
+ pub token: GotrueTokenResponse,
 }
 
 impl UserSession {
- pub fn new(session_id: String, access_token: String, refresh_token: String) -> Self {
- Self {
- session_id,
- access_token,
- refresh_token,
- }
+ pub fn new(session_id: String, token: GotrueTokenResponse) -> Self {
+ Self { session_id, token }
 }
 }
 
@@ -103,9 +99,9 @@ impl FromRequestParts for UserSession {
 .await
 .ok_or(SessionRejection::SessionNotFound)?;
 
- if has_expired(session.access_token.as_str()) {
+ if has_expired(session.token.access_token.as_str()) {
 // Get new pair of access token and refresh token
- let refresh_token = session.refresh_token;
+ let refresh_token = session.token.refresh_token;
 let new_token = state
 .gotrue_client
 .clone()
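Review bot: The new `pub token: GotrueTokenResponse` field changes the serialized layout of `UserSession`, so sessions already persisted under the old top-level `access_token`/`refresh_token` fields will not deserialize into the new shape after deploy; whether that surfaces as `SessionNotFound` (a forced re-login) or as an error depends on how the store's lookup handles a decode failure, which is outside this hunk, so it is worth confirming and flushing existing sessions at rollout if needed. The field also deserves a doc comment, e.g. `/// Full token response issued by GoTrue; persisted with the session, so every field must be kept in sync when the access token is refreshed.` Since every caller in web_api.rs and web_app.rs now spells `session.token.access_token`, an accessor `pub fn access_token(&self) -> &str { &self.token.access_token }` on `UserSession` would keep the token layout local to this file.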
@@ -113,8 +109,8 @@ impl FromRequestParts for UserSession {
 .await
 .map_err(|err| SessionRejection::RefreshTokenError(err.to_string()))?;
 
- session.access_token = new_token.access_token;
- session.refresh_token = new_token.refresh_token;
+ session.token.access_token = new_token.access_token;
+ session.token.refresh_token = new_token.refresh_token;
 
 // Update session in redis
 let _ = state
diff --git a/admin_frontend/src/web_api.rs b/admin_frontend/src/web_api.rs
index 9bc3cf7f..21c10815 100644
--- a/admin_frontend/src/web_api.rs
+++ b/admin_frontend/src/web_api.rs
@@ -14,7 +14,6 @@ use axum::Form;
 use axum::{extract::State, routing::post, Router};
 use axum_extra::extract::cookie::Cookie;
 use axum_extra::extract::CookieJar;
-use gotrue::grant::{Grant, RefreshTokenGrant};
 use gotrue::params::{AdminDeleteUserParams, AdminUserParams, GenerateLinkParams, MagicLinkParams};
 use gotrue_entity::dto::{UpdateGotrueUserParams, User};
 
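Review bot: The refresh path copies only `access_token` and `refresh_token` out of `new_token`, so `expires_at`, `expires_in` and `token_type` in `session.token` keep the values from the original login, and `open_app_handler` in web_api.rs now forwards exactly those stale fields to the app after a refresh. Assuming `new_token` is the same `GotrueTokenResponse` that `login_handler` stores (the call producing it begins above this hunk), replacing the two assignments with `session.token = new_token;` keeps the persisted session consistent with what GoTrue actually issued. The enclosing method of the `FromRequestParts` impl starts before and continues after this hunk.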
@@ -43,27 +42,14 @@ pub fn router() -> Router {
 }
 
 // provide a link which when open in browser, opens the appflowy app
-pub async fn open_app_handler(
- State(state): State,
- session: UserSession,
-) -> Result> {
- let access_token_resp = state
- .gotrue_client
- .token(&Grant::RefreshToken(RefreshTokenGrant {
- refresh_token: session.refresh_token.to_owned(),
- }))
- .await?;
-
- // appflowy-flutter:// -> scheme that opens the Appflowy app
- // login-callback -> agreed upon convention that frontend recognizes
- // The rest are params that are passed to the app needed for login
+pub async fn open_app_handler(session: UserSession) -> Result> {
 let app_sign_in_url = format!(
 "appflowy-flutter://login-callback#access_token={}&expires_at={}&expires_in={}&refresh_token={}&token_type={}",
- access_token_resp.access_token,
- access_token_resp.expires_at,
- access_token_resp.expires_in,
- access_token_resp.refresh_token,
- access_token_resp.token_type,
+ session.token.access_token,
+ session.token.expires_at,
+ session.token.expires_in,
+ session.token.refresh_token,
+ session.token.token_type,
 );
 Ok(htmx_redirect(&app_sign_in_url))
 }
@@ -78,7 +64,7 @@ pub async fn invite_handler(
 state
 .gotrue_client
 .magic_link(
- &session.access_token,
+ &session.token.access_token,
 &MagicLinkParams {
 email: param.email,
 ..Default::default()
@@ -102,7 +88,7 @@ pub async fn change_password_handler(
 let res = state
 .gotrue_client
 .update_user(
- &session.access_token,
+ &session.token.access_token,
 &UpdateGotrueUserParams {
 password: Some(param.new_password),
 ..Default::default()
@@ -147,7 +133,7 @@ pub async fn admin_update_user_handler(
 let res = state
 .gotrue_client
 .admin_update_user(
- &session.access_token,
+ &session.token.access_token,
 &user_uuid,
 &AdminUserParams {
 password: Some(param.password.to_owned()),
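Review bot: `open_app_handler` now hands the web session's own `refresh_token` to the desktop app instead of a freshly minted pair, so two clients share one refresh token: if the GoTrue deployment rotates refresh tokens on use, whichever side refreshes second fails with a stale token (the session refresh path in session.rs uses this same token), and the app's copy can no longer be revoked independently of the admin session. That is a design consequence rather than a defect in the hunk, but it deserves a comment at the call site stating that the app and the admin session deliberately share credentials. The removed explanation of the URL (`appflowy-flutter://` scheme, `login-callback` convention, the remaining fragment parameters) was the only documentation of the redirect format and should be kept above `let app_sign_in_url`. Note also that `expires_at` and `expires_in` are read from the stored session and are only as fresh as the refresh path in session.rs keeps them.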
@@ -167,7 +153,7 @@ pub async fn post_user_generate_link_handler(
 let res = state
 .gotrue_client
 .admin_generate_link(
- &session.access_token,
+ &session.token.access_token,
 &GenerateLinkParams {
 email,
 ..Default::default()
@@ -185,7 +171,7 @@ pub async fn admin_delete_user_handler(
 state
 .gotrue_client
 .admin_delete_user(
- &session.access_token,
+ &session.token.access_token,
 &user_uuid,
 &AdminDeleteUserParams {
 should_soft_delete: true,
@@ -208,7 +194,7 @@ pub async fn admin_add_user_handler(
 };
 let user = state
 .gotrue_client
- .admin_add_user(&session.access_token, &add_user_params)
+ .admin_add_user(&session.token.access_token, &add_user_params)
 .await?;
 Ok(user.into())
 }
@@ -226,11 +212,7 @@ pub async fn login_refresh_handler(
 .await?;
 
 let new_session_id = uuid::Uuid::new_v4();
- let new_session = session::UserSession::new(
- new_session_id.to_string(),
- token.access_token.to_string(),
- token.refresh_token.to_owned(),
- );
+ let new_session = session::UserSession::new(new_session_id.to_string(), token);
 state.session_store.put_user_session(&new_session).await?;
 
 let mut cookie = Cookie::new("session_id", new_session_id.to_string());
@@ -257,11 +239,7 @@ pub async fn login_handler(
 .await?;
 
 let new_session_id = uuid::Uuid::new_v4();
- let new_session = session::UserSession::new(
- new_session_id.to_string(),
- token.access_token.to_string(),
- token.refresh_token.to_owned(),
- );
+ let new_session = session::UserSession::new(new_session_id.to_string(), token);
 state.session_store.put_user_session(&new_session).await?;
 
 Ok((
diff --git a/admin_frontend/src/web_app.rs b/admin_frontend/src/web_app.rs
index 3bf90ec6..6c4b819c 100644
--- a/admin_frontend/src/web_app.rs
+++ b/admin_frontend/src/web_app.rs
@@ -57,7 +57,10 @@ pub async fn user_user_handler(
 State(state): State,
 session: UserSession,
 ) -> Result, WebAppError> {
- let user = state.gotrue_client.user_info(&session.access_token).await?;
+ let user = state
+ .gotrue_client
+ .user_info(&session.token.access_token)
+ .await?;
 render_template(templates::UserDetails { user: &user })
 }
 
@@ -73,7 +76,10 @@ pub async fn home_handler(
 State(state): State,
 session: UserSession,
 ) -> Result, WebAppError> {
- let user = state.gotrue_client.user_info(&session.access_token).await?;
+ let user = state
+ .gotrue_client
+ .user_info(&session.token.access_token)
+ .await?;
 render_template(templates::Home {
 user: &user,
 is_admin: is_admin(&user),
@@ -84,7 +90,10 @@ pub async fn admin_home_handler(
 State(state): State,
 session: UserSession,
 ) -> Result, WebAppError> {
- let user = state.gotrue_client.user_info(&session.access_token).await?;
+ let user = state
+ .gotrue_client
+ .user_info(&session.token.access_token)
+ .await?;
 render_template(templates::AdminHome { user: &user })
 }
 
@@ -94,7 +103,7 @@ pub async fn admin_users_handler(
 ) -> Result, WebAppError> {
 let users = state
 .gotrue_client
- .admin_list_user(&session.access_token)
+ .admin_list_user(&session.token.access_token)
 .await
 .map_or_else(
 |err| {
@@ -117,7 +126,7 @@ pub async fn admin_user_details_handler(
 ) -> Result, WebAppError> {
 let user = state
 .gotrue_client
- .admin_user_details(&session.access_token, &user_id)
+ .admin_user_details(&session.token.access_token, &user_id)
 .await
 .unwrap(); // TODO: handle error