Auth fixes (#664)

* Auth fixes * destroy flows after use * fix comp err * add bearer err msg
2023-08-04 16:22:15 -07:00 · 2023-08-04 16:22:15 -07:00 · ca0468b8d5
commit ca0468b8d5
parent 039d26feeb
6 changed files with 19 additions and 7 deletions
--- a/src/auth/flows.rs
+++ b/src/auth/flows.rs
@ -1197,6 +1197,7 @@ pub async fn login_from_minecraft(
        access_token: token,
    }) = flow
    {
+        Flow::remove(&login.flow, &redis).await?;
        let provider = AuthProvider::Microsoft;
        let oauth_user = provider.get_user(&token).await?;
        let user_id_opt = provider.get_user_id(&oauth_user.id, &**client).await?;
--- a/src/auth/minecraft/auth.rs
+++ b/src/auth/minecraft/auth.rs
@ -64,6 +64,12 @@ pub async fn route(
        x.value_mut().clone()
    };

+    ws_conn_try!(
+        "Removing login flow" StatusCode::INTERNAL_SERVER_ERROR,
+        Flow::remove(code, &redis).await
+        => ws_conn
+    );
+
    let access_token = ws_conn_try!(
        "OAuth token exchange" StatusCode::INTERNAL_SERVER_ERROR,
        stages::access_token::fetch_token(
@ -122,7 +128,7 @@ pub async fn route(
            let flow = &ws_conn_try!(
                "Error creating microsoft login request flow." StatusCode::INTERNAL_SERVER_ERROR,
                Flow::MicrosoftLogin {
-                    access_token: bearer_token.clone(),
+                    access_token: access_token.access_token.clone(),
                }
                .insert(Duration::hours(1), &redis)
                .await
--- a/src/auth/minecraft/stages/bearer_token.rs
+++ b/src/auth/minecraft/stages/bearer_token.rs
@ -22,6 +22,6 @@ pub async fn fetch_bearer(token: &str, uhs: &str) -> Result<String, Authenticati
        .and_then(serde_json::Value::as_str)
        .map(String::from)
        .ok_or(AuthenticationError::Custom(
-            "Response didn't contain valid bearer token".to_string(),
+            format!("Response didn't contain valid bearer token. body: {body}"),
        ))
 }
--- a/src/main.rs
+++ b/src/main.rs
@ -9,7 +9,6 @@ use crate::ratelimit::memory::{MemoryStore, MemoryStoreActor};
 use crate::ratelimit::middleware::RateLimiter;
 use crate::util::cors::default_cors;
 use crate::util::env::{parse_strings_from_var, parse_var};
-use actix_files::Files;
 use actix_web::{web, App, HttpServer};
 use chrono::{DateTime, Utc};
 use deadpool_redis::{Config, Runtime};
@ -414,10 +413,9 @@ async fn main() -> std::io::Result<()> {
            .app_data(web::Data::new(clickhouse.clone()))
            .app_data(web::Data::new(reader.clone()))
            .app_data(active_sockets.clone())
-            .configure(routes::root_config)
            .configure(routes::v2::config)
            .configure(routes::v3::config)
-            .service(Files::new("/", "assets/"))
+            .configure(routes::root_config)
            .default_service(web::get().wrap(default_cors()).to(routes::not_found))
    })
    .bind(dotenvy::var("BIND_ADDR").unwrap())?
--- a/src/routes/index.rs
+++ b/src/routes/index.rs
@ -1,6 +1,7 @@
-use actix_web::HttpResponse;
+use actix_web::{get, HttpResponse};
 use serde_json::json;

+#[get("/")]
 pub async fn index_get() -> HttpResponse {
    let data = json!({
        "name": "modrinth-labrinth",
--- a/src/routes/mod.rs
+++ b/src/routes/mod.rs
@ -1,5 +1,6 @@
 use crate::file_hosting::FileHostingError;
 use crate::util::cors::default_cors;
+use actix_files::Files;
 use actix_web::http::StatusCode;
 use actix_web::{web, HttpResponse};
 use futures::FutureExt;
@ -15,7 +16,6 @@ mod updates;
 pub use self::not_found::not_found;

 pub fn root_config(cfg: &mut web::ServiceConfig) {
-    cfg.route("", web::get().wrap(default_cors()).to(index::index_get));
    cfg.service(
        web::scope("maven")
            .wrap(default_cors())
@ -39,6 +39,12 @@ pub fn root_config(cfg: &mut web::ServiceConfig) {
            }.boxed_local()
        })
    );
+    cfg.service(
+        web::scope("")
+            .wrap(default_cors())
+            .service(index::index_get)
+            .service(Files::new("/", "assets/")),
+    );
 }

 #[derive(thiserror::Error, Debug)]