spacebar/account
6
0
Fork 0
Code Issues 1 Pull requests 7 Projects Releases Packages 1 Wiki Activity Actions

Redo cert request guard

Browse source
This commit is contained in:
red binder 2026-04-27 18:24:37 +02:00
commit c0fdc1445d
2 changed files with 68 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/nnid/oauth/generate_token.rs
View file

@ -2,7 +2,7 @@
use rocket::{post, FromForm, State};
use rocket::form::Form;
use serde::{Serialize};
use crate::account::account::User;
use crate::account::account::{Auth, DeviceCert, User, link_certificate_to_pid};
use crate::error::{Error, Errors};
use crate::nnid::agreements::{CFIP, EVIL_AGREEMENT_THING};
use crate::nnid::oauth::generate_token::token_type::{AUTH_REFRESH_TOKEN, AUTH_TOKEN};
@ -101,7 +101,7 @@ pub struct TokenRequestReturnData{
}
#[post("/v1/api/oauth20/access_token/generate", data="<data>")]
pub async fn generate_token(pool: &State<Pool>, data: Form<TokenRequestData<'_>>, ip: CFIP) -> Result<Xml<TokenRequestReturnData>, Option<Errors<'static>>>{
pub async fn generate_token(pool: &State<Pool>, data: Form<TokenRequestData<'_>>, ip: CFIP, cert: DeviceCert) -> Result<Xml<TokenRequestReturnData>, Option<Errors<'static>>>{
let pool = pool.inner();
let user = User::get_by_username(data.user_id, pool).await
@ -123,6 +123,8 @@ pub async fn generate_token(pool: &State<Pool>, data: Form<TokenRequestData<'_>>
return Err(Some(ACCOUNT_BANNED_ERRORS));
}
link_certificate_to_pid(&pool, &cert.0, user.pid).await?;
let access_token = TokenReturnData::new(user.pid, pool).await;
Ok(Xml(TokenRequestReturnData{