-rw-r--r-- | Cargo.lock | 2 | ||||
-rw-r--r-- | Cargo.toml | 2 | ||||
-rw-r--r-- | src/handlers/auth.rs | 4 | ||||
-rw-r--r-- | src/main.rs | 6 |
4 files changed, 9 insertions, 5 deletions
@@ -430,8 +430,10 @@ checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05"
 dependencies = [
 "aes-gcm",
 "base64",
+ "hmac 0.12.1",
 "percent-encoding",
 "rand",
+ "sha2 0.10.2",
 "subtle",
 "time 0.3.11",
 "version_check",
@@ -9,7 +9,7 @@ build = "src/build.rs"
 [dependencies]
 axum = { version = "0.5.13", features = ["json", "tower-log"] }
-axum-extra = { version = "0.3.6", features = ["spa", "cookie", "cookie-private"] }
+axum-extra = { version = "0.3.6", features = ["spa", "cookie", "cookie-private", "cookie-signed"] }
 color-eyre = "0.6.2"
 hyper = { version = "0.14.20", features = ["full"] }
 serde = { version = "1.0.139", features = ["derive"] }
diff --git a/src/handlers/auth.rs b/src/handlers/auth.rs
index 7e2642c..c00fb8d 100644
--- a/src/handlers/auth.rs
+++ b/src/handlers/auth.rs
@@ -43,7 +43,9 @@ pub async fn login_post(Form(login): Form<LoginForm>, state: Extension<Arc<State
 .execute(&mut conn)
 .await?;
- let updated_jar = jar.add(Cookie::new("user-id", user.id.clone()));
+ let updated_jar = jar.add(Cookie::build("user-id", user.id.clone())
+ .path("/")
+ .finish());
 Ok((updated_jar, Redirect::to("/")))
 } else {
diff --git a/src/main.rs b/src/main.rs
index acc9f9f..ab03fb3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -9,14 +9,14 @@ use axum::body;
 use axum::extract::Path;
 use axum::{error_handling::HandleErrorLayer, routing::get, BoxError, Extension, Router};
 use axum::response::{Html, IntoResponse, Response};
-use axum_extra::extract::PrivateCookieJar;
+use axum_extra::extract::{PrivateCookieJar, SignedCookieJar};
 use axum_extra::extract::cookie::Key;
 use errors::{StringResult, HtmlResult};
 use hyper::StatusCode;
 use sqlx::{PgPool, postgres::PgPoolOptions};
 use tower::ServiceBuilder;
 use tower_http::trace::TraceLayer;
-use tracing::{error, info, debug};
+use tracing::{error, info, debug, trace};
 use crate::errors::ServiceError;
 use tracing_subscriber::prelude::*;
 use crate::models::DbUser;
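Review bot: The `user-id` cookie built in the `src/handlers/auth.rs` hunk sets only `path("/")`; it carries no `HttpOnly`, `Secure` or `SameSite` attribute, so the value that identifies the logged-in user is readable from page script and may be sent over plain HTTP and on cross-site requests. Add `.http_only(true)`, `.secure(true)` and `.same_site(SameSite::Lax)` to the builder chain before `.finish()`; `SameSite` would need importing, and that file's import block is outside the hunk. No `max_age` or `expires` is set either, so this stays a browser-session cookie, which deserves a one-line comment if it is intended. `login_post` starts and ends outside the hunk, so the jar type it writes through (private or signed) cannot be confirmed from here.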
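Review bot: `SignedCookieJar` is imported in `src/main.rs` next to `PrivateCookieJar`, but the only handler signature visible on this page, `index`, still extracts a `PrivateCookieJar`. A cookie written through one jar type is not accepted by the other (one encrypts and authenticates, the other only signs), so if `login_post` or another handler moves to the signed jar, `index` would stop seeing `user-id`; which jar those handlers use is outside the hunks. A signed cookie also leaves the user id readable by the client, where the private jar hid it, so the choice merits a comment such as `// signed, not encrypted: the user id is visible to the browser` at the point of use. If the import is not used yet, it will only produce an unused-import warning and is better added together with its first use.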
@@ -117,7 +117,7 @@ async fn index(state: Extension<Arc<State>>, jar: PrivateCookieJar) -> HtmlResul
 async fn statics(Path(name): Path<String>) -> Result<Response, ServiceError> {
 for s in templates::statics::STATICS {
- debug!("Name: {}\nContents:\n{:?}\n\n", s.name, s.content);
+ trace!("Name: {}\nContents:\n{:?}\n\n", s.name, s.content);
 }
 match templates::statics::StaticFile::get(&name) { |
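Review bot: The `for` loop in `statics` exists only to log, and it formats the name and full contents of every entry in `templates::statics::STATICS` on each request, whatever `name` was asked for. Lowering the level to `trace!` hides the output by default but keeps the per-request dump whenever trace logging is switched on, which can flood the log and bury the authentication events around it. Drop the loop and log only the requested name, using debug formatting so control characters in the request path are escaped: `trace!("static file requested: {:?}", name);`. The body of `statics` continues past the end of the hunk.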