ntr/mnml
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'release/0.2.0'

Browse Source
This commit is contained in:
ntr 2019-07-30 15:56:54 +10:00
commit 33c04d9d29
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
server/src/net.rs
View File

@ -11,14 +11,13 @@ use persistent::Read;
use router::Router; use router::Router;
use serde::{Serialize, Deserialize}; use serde::{Serialize, Deserialize};
// use warden::{warden};
// use events::{pg_listen};
// use ws::{connect};
use account; use account;
use pg::PgPool; use pg::PgPool;
use payments::{stripe}; use payments::{stripe};
pub const TOKEN_HEADER: &str = "x-auth-token"; pub const TOKEN_HEADER: &str = "x-auth-token";
pub const AUTH_CLEAR: &str =
"x-auth-token=; HttpOnly; SameSite=Strict; Max-Age=-1;";
#[derive(Clone, Copy, Fail, Debug, Serialize, Deserialize)] #[derive(Clone, Copy, Fail, Debug, Serialize, Deserialize)]
pub enum MnmlHttpError { pub enum MnmlHttpError {
@ -142,9 +141,6 @@ impl BeforeMiddleware for AuthMiddleware {
} }
} }
const AUTH_CLEAR: &str =
"x-auth-token=; HttpOnly; SameSite=Strict; Max-Age=-1;";
struct ErrorHandler; struct ErrorHandler;
impl AfterMiddleware for ErrorHandler { impl AfterMiddleware for ErrorHandler {
fn catch(&self, _: &mut Request, mut err: IronError) -> IronResult<Response> { fn catch(&self, _: &mut Request, mut err: IronError) -> IronResult<Response> {

8
server/src/rpc.rs
View File

@ -26,7 +26,7 @@ use pg::{Db};
use pg::{PgPool}; use pg::{PgPool};
use skill::{Skill, dev_resolve, Resolutions}; use skill::{Skill, dev_resolve, Resolutions};
use vbox::{vbox_accept, vbox_apply, vbox_discard, vbox_combine, vbox_reclaim, vbox_unequip}; use vbox::{vbox_accept, vbox_apply, vbox_discard, vbox_combine, vbox_reclaim, vbox_unequip};
use net::TOKEN_HEADER; use net::{AUTH_CLEAR, TOKEN_HEADER};
#[derive(Debug,Clone,Serialize,Deserialize)] #[derive(Debug,Clone,Serialize,Deserialize)]
pub enum RpcMessage { pub enum RpcMessage {
@ -289,7 +289,11 @@ impl Handler for Connection {
let res = Response::from_request(req)?; let res = Response::from_request(req)?;
if let Some(cl) = req.header("Cookie") { if let Some(cl) = req.header("Cookie") {
let unauth = || Ok(Response::new(401, "Unauthorized", b"401 - Unauthorized".to_vec())); let unauth = || {
let mut res = Response::new(401, "Unauthorized", b"401 - Unauthorized".to_vec());
res.headers_mut().push(("Set-Cookie".into(), AUTH_CLEAR.into()));
Ok(res)
};
let cookie_list = match str::from_utf8(cl) { let cookie_list = match str::from_utf8(cl) {
Ok(cl) => cl, Ok(cl) => cl,
Err(_) => return unauth(), Err(_) => return unauth(),