Diffstat (limited to 'server/src/auth.rs')
-rw-r--r--server/src/auth.rs42
1 files changed, 23 insertions, 19 deletions
diff --git a/server/src/auth.rs b/server/src/auth.rs
index 4889f78..1b7ea89 100644
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@@ -74,7 +74,7 @@ struct LdapState {
#[derive(Debug, Deserialize, Serialize)]
pub struct Session {
- pub user_id: u64,
+ pub user_id: String,
session_id: u32,
remote: String,
}
@@ -142,7 +142,7 @@ impl<'r> FromRequest<'r> for Session {
fn new_session(
sessions: &State<Sessions>,
- user_id: u64,
+ user_id: String,
remote: String,
max_age: Duration,
) -> Session {
@@ -209,17 +209,21 @@ async fn login(
mut db: Connection<Db>,
login: Form<Login<'_>>,
) -> Result<Json<api_model::StatusResponse>, Unauthorized<&'static str>> {
- let (user_id, maybe_dn) =
- sqlx::query!("SELECT id,dn FROM users WHERE username=?", login.username)
- .fetch_one(&mut **db)
- .map_ok(|r| (r.id, r.dn))
- .map_err(|_| Unauthorized("Unknown username or password"))
- .await?;
+ let maybe_dn = sqlx::query!("SELECT dn FROM users WHERE id=?", login.username)
+ .fetch_one(&mut **db)
+ .map_ok(|r| r.dn)
+ .map_err(|_| Unauthorized("Unknown username or password"))
+ .await?;
if let Some(dn) = maybe_dn {
if authenticate(ldap_state, dn.as_str(), login.password).await {
let max_age = Duration::days(i64::from(auth_config.session_max_age_days));
- let session = new_session(sessions, user_id, ipaddr.to_string(), max_age);
+ let session = new_session(
+ sessions,
+ login.username.to_string(),
+ ipaddr.to_string(),
+ max_age,
+ );
let cookie = Cookie::build((SESSION_COOKIE, json::to_string(&session).unwrap()))
.path("/api")
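Review bot: The session is now built from `login.username.to_string()`, the string the client submitted, rather than from the key stored in `users`. If the `id` column uses one of MySQL's case-insensitive or pad-space collations (the schema is not visible here), `WHERE id=?` can match a row for a differently spelled name. The session would then carry an identity string that is not byte-equal to the stored key, which matters for any later Rust-side comparison or lookup keyed on `user_id`. Reading the key back keeps the session canonical: `SELECT id,dn FROM users WHERE id=?` with `.map_ok(|r| (r.id, r.dn))`, then pass the returned `id` to `new_session`. The body of `login` starts before and continues after this hunk.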
@@ -331,16 +335,16 @@ async fn sync_ldap(
// TODO: Insert/Update name as well as dn.
- let db_users = sqlx::query!("SELECT id,username,dn FROM users ORDER BY username")
+ let db_users = sqlx::query!("SELECT id,dn FROM users ORDER BY id")
.fetch(&mut *tx)
- .map_ok(|r| (r.id, r.username, r.dn))
+ .map_ok(|r| (r.id, r.dn))
.try_collect::<Vec<_>>()
.await
.unwrap();
let mut new_users: Vec<(String, String)> = Vec::new();
- let mut updated_users: Vec<(u64, String)> = Vec::new();
- let mut old_users: Vec<u64> = Vec::new();
+ let mut updated_users: Vec<(String, String)> = Vec::new();
+ let mut old_users: Vec<String> = Vec::new();
let mut db_user = db_users.iter().peekable();
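Review bot: The rows are ordered by the database (`ORDER BY id`), while the merge loop in the following hunk advances on `du.0.cmp(uid)`, which is Rust's byte-wise string comparison. With a non-binary collation on `id` the two orders can disagree, for example on mixed-case names, and the merge would then put accounts that still exist in the directory into `old_users` or `new_users`; how the LDAP results are ordered is not visible here either. Sorting in Rust after the collect removes the dependence on collation: bind with `let mut db_users` and add `db_users.sort_unstable_by(|a, b| a.0.cmp(&b.0));`, and sort the LDAP entries the same way if they are not already. `sync_ldap` starts and ends outside this hunk.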
@@ -349,16 +353,16 @@ async fn sync_ldap(
let uid = se.attrs.get("uid").unwrap().first().unwrap();
loop {
if let Some(du) = db_user.peek() {
- match du.1.cmp(uid) {
+ match du.0.cmp(uid) {
Ordering::Equal => {
- if du.2.as_ref().is_none_or(|x| *x != se.dn) {
- updated_users.push((du.0, se.dn));
+ if du.1.as_ref().is_none_or(|x| *x != se.dn) {
+ updated_users.push((du.0.clone(), se.dn));
}
db_user.next();
break;
}
Ordering::Less => {
- old_users.push(du.0);
+ old_users.push(du.0.clone());
db_user.next();
continue;
}
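Review bot: `se.attrs.get("uid").unwrap().first().unwrap()` at the top of this hunk panics the sync on the first directory entry that has no `uid` value, and after this change that value is also what becomes the `users.id` key. Handling the missing case explicitly, e.g. `let Some(uid) = se.attrs.get("uid").and_then(|v| v.first()) else { continue };` plus a log line, would keep one malformed entry from aborting the whole run. The loop over the LDAP entries is outside the hunk, so the exact skip statement needs checking against it.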
@@ -372,7 +376,7 @@ async fn sync_ldap(
if !new_users.is_empty() {
let mut query_builder: sqlx::QueryBuilder<sqlx::MySql> =
- sqlx::QueryBuilder::new("INSERT INTO users (username,dn) VALUES");
+ sqlx::QueryBuilder::new("INSERT INTO users (id,dn) VALUES");
let mut first = true;
for pair in new_users {
@@ -443,7 +447,7 @@ async fn run_import(rocket: Rocket<Build>) -> fairing::Result {
async fn run_import(rocket: Rocket<Build>) -> fairing::Result {
match Db::fetch(&rocket) {
Some(db) => match sqlx::query!(
- "INSERT IGNORE INTO users (username,dn) VALUES (?,?), (?,?)",
+ "INSERT IGNORE INTO users (id,dn) VALUES (?,?), (?,?)",
"user",
"user",
"other",