jackmechem/server-dash-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix nfc

Browse source
This commit is contained in:
Jack Mechem 2026-05-01 16:19:51 -07:00
parent 56c555d699
commit 05915aae30
1 changed files with 10 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/auth.rs
View file

@ -32,13 +32,13 @@ const RP_ORIGIN: &str = "https://dashboard.jackmechem.dev";
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
struct StoredCredentials { struct StoredCredentials {
user_id: Uuid, user_id: Uuid,
credentials: Vec<Passkey>, credentials: Vec<SecurityKey>,
} }
pub struct AppState { pub struct AppState {
pub webauthn: Webauthn, pub webauthn: Webauthn,
pending_auth: Mutex<HashMap<String, (PasskeyAuthentication, Instant, String)>>, pending_auth: Mutex<HashMap<String, (SecurityKeyAuthentication, Instant, String)>>,
pending_reg: Mutex<HashMap<String, (PasskeyRegistration, Instant, String, Uuid)>>, pending_reg: Mutex<HashMap<String, (SecurityKeyRegistration, Instant, String, Uuid)>>,
} }
impl AppState { impl AppState {
@ -246,7 +246,7 @@ pub async fn post_login(
let (rcr, auth_state) = match state let (rcr, auth_state) = match state
.webauthn .webauthn
.start_passkey_authentication(&stored.credentials) .start_securitykey_authentication(&stored.credentials)
{ {
Ok(r) => r, Ok(r) => r,
Err(e) => { Err(e) => {
@ -258,7 +258,7 @@ pub async fn post_login(
let session_id = generate_session_id(); let session_id = generate_session_id();
{ {
let mut pending = state.pending_auth.lock().unwrap(); let mut pending = state.pending_auth.lock().unwrap();
pending.retain(|_, (_, created, _)| created.elapsed() < CHALLENGE_TTL); pending.retain(|_, (_, t, _)| t.elapsed() < CHALLENGE_TTL);
pending.insert(session_id.clone(), (auth_state, Instant::now(), username)); pending.insert(session_id.clone(), (auth_state, Instant::now(), username));
} }
@ -294,7 +294,7 @@ pub async fn post_verify(
let auth_result = match state let auth_result = match state
.webauthn .webauthn
.finish_passkey_authentication(&body.credential, &auth_state) .finish_securitykey_authentication(&body.credential, &auth_state)
{ {
Ok(r) => r, Ok(r) => r,
Err(e) => { Err(e) => {
@ -344,7 +344,7 @@ pub async fn post_register_start(
let (ccr, reg_state) = match state let (ccr, reg_state) = match state
.webauthn .webauthn
.start_passkey_registration(user_id, &username, &username, exclude) .start_securitykey_registration(user_id, &username, &username, exclude, None, None)
{ {
Ok(r) => r, Ok(r) => r,
Err(e) => { Err(e) => {
@ -356,7 +356,7 @@ pub async fn post_register_start(
let session_id = generate_session_id(); let session_id = generate_session_id();
{ {
let mut pending = state.pending_reg.lock().unwrap(); let mut pending = state.pending_reg.lock().unwrap();
pending.retain(|_, (_, created, _, _)| created.elapsed() < CHALLENGE_TTL); pending.retain(|_, (_, t, _, _)| t.elapsed() < CHALLENGE_TTL);
pending.insert( pending.insert(
session_id.clone(), session_id.clone(),
(reg_state, Instant::now(), username, user_id), (reg_state, Instant::now(), username, user_id),
@ -395,7 +395,7 @@ pub async fn post_register_finish(
let passkey = match state let passkey = match state
.webauthn .webauthn
.finish_passkey_registration(&body.credential, &reg_state) .finish_securitykey_registration(&body.credential, &reg_state)
{ {
Ok(p) => p, Ok(p) => p,
Err(e) => { Err(e) => {
@ -408,6 +408,7 @@ pub async fn post_register_finish(
user_id, user_id,
credentials: vec![], credentials: vec![],
}); });
stored.credentials.push(passkey); stored.credentials.push(passkey);
if let Err(e) = save_credentials(&username, &stored) { if let Err(e) = save_credentials(&username, &stored) {