Changeset View
Changeset View
Standalone View
Standalone View
services/identity/src/client_service.rs
| Show First 20 Lines • Show All 690 Lines • ▼ Show 20 Lines | ) -> Result<tonic::Response<AuthResponse>, tonic::Status> { | ||||
| let user_id = message.user_id; | let user_id = message.user_id; | ||||
| let device_id = flattened_device_key_upload.device_id_key.clone(); | let device_id = flattened_device_key_upload.device_id_key.clone(); | ||||
| let NonceChallenge { nonce } = | let NonceChallenge { nonce } = | ||||
| challenge_response.verify_and_get_message(&device_id)?; | challenge_response.verify_and_get_message(&device_id)?; | ||||
| self.verify_and_remove_nonce(&nonce).await?; | self.verify_and_remove_nonce(&nonce).await?; | ||||
| let user_identifier = self | |||||
| .client | |||||
| .get_user_identifier(&user_id) | |||||
| .await | |||||
| .map_err(handle_db_error)? | |||||
| .ok_or_else(|| tonic::Status::not_found("user not found"))?; | |||||
| let Some(device_list) = self | let Some(device_list) = self | ||||
| .client | .client | ||||
| .get_current_device_list(&user_id) | .get_current_device_list(&user_id) | ||||
| .await | .await | ||||
| .map_err(handle_db_error)? | .map_err(handle_db_error)? | ||||
| else { | else { | ||||
| warn!("User {} does not have valid device list. Secondary device auth impossible.", user_id); | warn!("User {} does not have valid device list. Secondary device auth impossible.", user_id); | ||||
| return Err(tonic::Status::aborted("device list error")); | return Err(tonic::Status::aborted("device list error")); | ||||
| }; | }; | ||||
| if !device_list.device_ids.contains(&device_id) { | if !device_list.device_ids.contains(&device_id) { | ||||
| return Err(tonic::Status::permission_denied( | return Err(tonic::Status::permission_denied( | ||||
| "device not in device list", | "device not in device list", | ||||
| )); | )); | ||||
| } | } | ||||
| let login_time = chrono::Utc::now(); | let login_time = chrono::Utc::now(); | ||||
| let user_identifier = self | |||||
| .client | |||||
| .get_user_identifier(&user_id) | |||||
| .await | |||||
| .map_err(handle_db_error)?; | |||||
| let token = AccessTokenData::with_created_time( | let token = AccessTokenData::with_created_time( | ||||
| user_id.clone(), | user_id.clone(), | ||||
| device_id, | device_id, | ||||
| login_time, | login_time, | ||||
| user_identifier.into(), | user_identifier.into(), | ||||
| &mut OsRng, | &mut OsRng, | ||||
| ); | ); | ||||
| let access_token = token.access_token.clone(); | let access_token = token.access_token.clone(); | ||||
| ▲ Show 20 Lines • Show All 371 Lines • Show Last 20 Lines | |||||