Environment Variables

Left over changes
2026-05-21 15:45:15 -07:00 · 2026-05-21 15:28:15 -07:00
2 changed files with 25 additions and 14 deletions
--- a/flake.nix
+++ b/flake.nix
@ -142,6 +142,8 @@
                                Environment = [
                                    "RUST_LOG=info"
                                    "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
                                    "TAPO_USERNAME=mechemjack@gmail.com"
                                    "TAPO_PASSWORD=Jackkcaj123$"
                                ];
                                AmbientCapabilities = [ "CAP_DAC_READ_SEARCH" ];
                                CapabilityBoundingSet = [ "CAP_DAC_READ_SEARCH" ];
--- a/src/auth.rs
+++ b/src/auth.rs
@ -244,6 +244,8 @@ pub async fn post_login(
        }
    };
    println!("Authentication: {} credential(s) found for {}", stored.credentials.len(), username);
    let (rcr, auth_state) = match state
        .webauthn
        .start_securitykey_authentication(&stored.credentials)
@ -332,19 +334,11 @@ pub async fn post_register_start(
        return (StatusCode::UNAUTHORIZED, "Invalid credentials").into_response();
    }
-    let stored = load_credentials(&username);
+    let user_id = Uuid::new_v4();
    let user_id = stored.as_ref().map(|s| s.user_id).unwrap_or_else(Uuid::new_v4);
    let exclude: Option<Vec<CredentialID>> = stored.as_ref().map(|s| {
        s.credentials
            .iter()
            .map(|c| c.cred_id().clone())
            .collect()
    });
    let (ccr, reg_state) = match state
        .webauthn
-        .start_securitykey_registration(user_id, &username, &username, exclude, None, None)
+        .start_securitykey_registration(user_id, &username, &username, None, None, None)
    {
        Ok(r) => r,
        Err(e) => {
@ -404,12 +398,27 @@ pub async fn post_register_finish(
        }
    };
-    let mut stored = load_credentials(&username).unwrap_or(StoredCredentials {
+    let path = std::path::PathBuf::from(CREDENTIAL_DIR).join(format!("{}.json", username));
    let mut stored = if path.exists() {
        match load_credentials(&username) {
            Some(s) => {
                println!("Loaded {} existing credential(s) for {}", s.credentials.len(), username);
                s
            }
            None => {
                println!("ERROR: credential file exists for {} but could not be parsed — refusing to overwrite", username);
                return (StatusCode::INTERNAL_SERVER_ERROR, "Failed to read existing credentials").into_response();
            }
        }
    } else {
        StoredCredentials {
            user_id,
            credentials: vec![],
-    });
+        }
    };
    stored.credentials.push(passkey);
    println!("Saving {} credential(s) for {}", stored.credentials.len(), username);
    if let Err(e) = save_credentials(&username, &stored) {
        println!("Failed to save credentials: {}", e);
Author	SHA1	Message	Date
Jack Mechem	6012d432c8	Environment Variables	2026-05-21 15:45:15 -07:00
Jack Mechem	18ff7a1744	Left over changes	2026-05-21 15:28:15 -07:00