Skip to content

Commit

Permalink
vingo: use env vars for zauth auth
Browse files Browse the repository at this point in the history
  • Loading branch information
hannes-dev committed Oct 4, 2024
1 parent a6ee476 commit 1269ecd
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 2 deletions.
3 changes: 3 additions & 0 deletions vingo/dev.env
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,6 @@ POSTGRES_CONNECTION_STRING="postgres://postgres:[email protected]/zess?s
ZAUTH_URL="https://zauth.zeus.gent/"
ZAUTH_CALLBACK_PATH="http://localhost:4000/api/auth/callback"
FRONTEND_URL="http://localhost:5173/"

ZAUTH_CLIENT_ID="tomtest"
ZAUTH_CLIENT_SECRET="blargh"
12 changes: 10 additions & 2 deletions vingo/src/routes/auth.rs
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,10 @@ const CALLBACK_URL: LazyLock<String> =
LazyLock::new(|| env::var("ZAUTH_CALLBACK_PATH").expect("ZAUTH_CALLBACK_PATH not present"));
const FRONTEND_URL: LazyLock<String> =
LazyLock::new(|| env::var("FRONTEND_URL").expect("FRONTEND_URL not present"));
const ZAUTH_CLIENT_ID: LazyLock<String> =
LazyLock::new(|| env::var("ZAUTH_CLIENT_ID").expect("ZAUTH_CLIENT_ID not present"));
const ZAUTH_CLIENT_SECRET: LazyLock<String> =
LazyLock::new(|| env::var("ZAUTH_CLIENT_SECRET").expect("ZAUTH_CLIENT_SECRET not present"));

pub async fn current_user(session: Session) -> ResponseResult<Json<Model>> {
let user = get_user(&session).await?;
Expand All @@ -41,7 +45,8 @@ pub async fn login(session: Session) -> ResponseResult<Redirect> {
// redirect to zauth to authenticate
let zauth_url = ZAUTH_URL.to_string();
let callback_url = CALLBACK_URL.to_string();
Ok(Redirect::to(&format!("{zauth_url}/oauth/authorize?client_id=tomtest&response_type=code&state={state}&redirect_uri={callback_url}")))
let zauth_client_id = ZAUTH_CLIENT_ID.to_string();
Ok(Redirect::to(&format!("{zauth_url}/oauth/authorize?client_id={zauth_client_id}&response_type=code&state={state}&redirect_uri={callback_url}")))
}

pub async fn logout(session: Session) -> ResponseResult<Json<bool>> {
Expand Down Expand Up @@ -94,7 +99,10 @@ pub async fn callback(
// get token from zauth with code
let token = client
.post(&format!("{zauth_url}/oauth/token"))
.basic_auth("tomtest", Some("blargh"))
.basic_auth(
ZAUTH_CLIENT_ID.to_string(),
Some(ZAUTH_CLIENT_SECRET.to_string()),
)
.form(&form)
.send()
.await
Expand Down

0 comments on commit 1269ecd

Please sign in to comment.