From 1d103ea31207655fbc82246463bff44e11105007 Mon Sep 17 00:00:00 2001
From: Lennart <18233294+lennart-k@users.noreply.github.com>
Date: Sun, 9 Feb 2025 17:28:15 +0100
Subject: [PATCH] user: Add name to app token
---
 README.md | 2 +-
 crates/store/src/auth/toml_user_store.rs | 2 +-
 crates/store/src/auth/user.rs | 8 +++++++-
 3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index a1a60d1..4376cf7 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,7 @@ id = "user"
 displayname = "User"
 password = "$argon2id$......."
 app_tokens = [
- "$pbkdf2-sha256$........"
+ {name = "Token", token = "$pbkdf2-sha256$........"},
 ]
 memberships = ["group:amazing_group"]

diff --git a/crates/store/src/auth/toml_user_store.rs b/crates/store/src/auth/toml_user_store.rs
index b3004f8..e849b4a 100644
--- a/crates/store/src/auth/toml_user_store.rs
+++ b/crates/store/src/auth/toml_user_store.rs
@@ -54,7 +54,7 @@ impl AuthenticationProvider for TomlPrincipalStore {
 // Try app tokens first since they are cheaper to calculate
 // They can afford less iterations since they can be generated with high entropy
 for app_token in &user.app_tokens {
- if password_auth::verify_password(token, app_token).is_ok() {
+ if password_auth::verify_password(token, &app_token.token).is_ok() {
 return Ok(Some(user));
 }
 }
diff --git a/crates/store/src/auth/user.rs b/crates/store/src/auth/user.rs
index 4ee773e..cde05f2 100644
--- a/crates/store/src/auth/user.rs
+++ b/crates/store/src/auth/user.rs
@@ -34,6 +34,12 @@ impl ValueSerialize for PrincipalType {
 }
 }

+#[derive(Debug, Clone, Deserialize, Serialize)]
+pub struct AppToken {
+ pub name: String,
+ pub token: String,
+}
+
 #[derive(Debug, Clone, Deserialize, Serialize)]
 #[serde(deny_unknown_fields)]
 // TODO: Rename this to Principal
@@ -44,7 +50,7 @@ pub struct User {
 pub principal_type: PrincipalType,
 pub password: Option,
 #[serde(default)]
- pub app_tokens: Vec,
+ pub app_tokens: Vec,
 #[serde(default)]
 pub memberships: Vec,
 }
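Review bot: In the toml_user_store.rs hunk, `.is_ok()` on the changed line treats a stored hash that cannot be parsed the same as a wrong token, so a mistyped `token` value in the config silently never matches. Now that each entry carries a `name`, the error case can be split so that a parse failure is reported with `app_token.name`, never with the hash or the presented token. The same match arm for `Ok` is also the natural place to record which named token authenticated. The enclosing function starts and ends outside the hunk.

```rust
for app_token in &user.app_tokens {
    match password_auth::verify_password(token, &app_token.token) {
        Ok(()) => return Ok(Some(user)),
        // Wrong token for this entry: keep trying the remaining ones.
        Err(password_auth::VerifyError::PasswordInvalid) => {}
        // The stored hash is malformed: a configuration error, not a failed login.
        Err(password_auth::VerifyError::Parse(_)) => {
            // report app_token.name through the project's logger;
            // never the stored hash or the presented token
        }
    }
}
```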
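Review bot: The new `AppToken` struct in the first user.rs hunk lacks the `#[serde(deny_unknown_fields)]` that `User` carries a few lines below, so an extra or misspelled optional key inside an `app_tokens` entry would be accepted and ignored instead of rejected. Adding `#[serde(deny_unknown_fields)]` above `pub struct AppToken {` keeps credential entries as strict as the rest of the principal. The field also deserves a doc comment such as `/// Password hash of the app token as accepted by password_auth::verify_password, never the plaintext.` because the name `token` alone suggests the secret itself. Note that the derived `Debug` prints that hash in any `{:?}` output of a `User`.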
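Review bot: Configs written in the old form, with `app_tokens` as a list of bare hash strings (the form the README hunk removes), would presumably stop deserializing after the field change in the second user.rs hunk. The element type is not legible on this page, so this is inferred from `&app_token.token` in toml_user_store.rs. If upgrading without a config edit matters, an untagged enum that accepts either a string or a `{name, token}` table would keep old files loading; otherwise the break deserves an explicit line in the release notes. The `User` struct starts before the hunk.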