mirror of
https://git.42l.fr/neil/sncf.git
synced 2024-06-15 22:15:00 +02:00
now force login on /admin/<token> route, partial fix for #27
This commit is contained in:
parent
05a15b1680
commit
9612086790
|
@ -149,13 +149,6 @@ pub async fn forward_login(
|
||||||
client: web::Data<Client>,
|
client: web::Data<Client>,
|
||||||
dbpool: web::Data<DbPool>,
|
dbpool: web::Data<DbPool>,
|
||||||
) -> Result<HttpResponse, TrainCrash> {
|
) -> Result<HttpResponse, TrainCrash> {
|
||||||
// if the user is already logged in, redirect to the Forms app
|
|
||||||
if is_logged_in(&req).is_some() {
|
|
||||||
return Ok(web_redir("/apps/forms").await.map_err(|e| {
|
|
||||||
eprintln!("error_redirect (1:/apps/forms/): {}", e);
|
|
||||||
crash(get_lang(&req), "error_redirect")
|
|
||||||
})?);
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if the provided token seems valid. If not, early return.
|
// check if the provided token seems valid. If not, early return.
|
||||||
if !check_token(¶ms.token) {
|
if !check_token(¶ms.token) {
|
||||||
|
@ -177,11 +170,23 @@ pub async fn forward_login(
|
||||||
crash(get_lang(&req), "error_forwardlogin_db_get")
|
crash(get_lang(&req), "error_forwardlogin_db_get")
|
||||||
})?
|
})?
|
||||||
.ok_or_else(|| {
|
.ok_or_else(|| {
|
||||||
debug("Token not found.");
|
debug("error: Token not found.");
|
||||||
crash(get_lang(&req), "error_forwardlogin_notfound")
|
crash(get_lang(&req), "error_forwardlogin_notfound")
|
||||||
})?;
|
})?;
|
||||||
|
|
||||||
// else, try to log the user in with DB data, then redirect.
|
// if the user is already logged in, skip the login process
|
||||||
|
// we don't care if someone edits their cookies, Nextcloud will properly
|
||||||
|
// check them anyway
|
||||||
|
if let Some(nc_username) = is_logged_in(&req) {
|
||||||
|
if nc_username.contains(&format!("nc_username={}", formdata.nc_username)) {
|
||||||
|
return Ok(web_redir("/apps/forms").await.map_err(|e| {
|
||||||
|
eprintln!("error_redirect (1:/apps/forms/): {}", e);
|
||||||
|
crash(get_lang(&req), "error_redirect")
|
||||||
|
})?);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// try to log the user in with DB data, then redirect.
|
||||||
login(&client, &req, &formdata.nc_username, &formdata.nc_password).await
|
login(&client, &req, &formdata.nc_username, &formdata.nc_password).await
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue