axum-login credential-checking and user session creation #29
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…equiring auth, /organizations/* as requiring auth, and makes /login available for GET and POST
…some user data using an upsert method.
…ks to protect the orrganization routes
jhodapp
added
feature work
…endpoints again until the user logs back in
calebbourg
reviewed
Jan 18, 2024
…lso removes the unnecessary get_login() method in user_session_controller
jhodapp
changed the title
jhodapp
changed the title
jhodapp
commented
Jan 24, 2024
jhodapp
commented
Jan 24, 2024
|
@calebbourg expressed that this looks like a solid enough base to not just use as a PoC but to actually land this code. So the main thing that needs to be done before landing is to update the failing tests so that they're able to work with the login/session system. And perhaps add a new blackbox test or two for the new login/user session endpoints. |
The original intention of initializing an AppState with database_connection being an Option was so that we could call AppState::new prior to having a database connection. I think this new way is fine as well since we are not accessing things like config.database_uri directly outside of the apps top-level main function. This change allows us to remove a bunch of unwrap()s
… redirecting to /
jhodapp
force-pushed
the
experimental_axum_login
branch
2 times, most recently
from
f33c69c
to
218ff4a
Compare
… redirecting to /
jhodapp
force-pushed
the
experimental_axum_login
branch
from
218ff4a
to
79741fc
Compare
jhodapp
changed the title
|
Approving despite CI failure. Issue tracked in #32 |
calebbourg
approved these changes
Feb 9, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Adds axum-login based credential-checking and user session creation/checking/deletion available at two specific new endpoints:
/login/logoutGitHub Issue: None
Changes
Userentity. Make sure to rerun DB migrations.tower_sessions/sessionsTesting Strategy
curl -v --header "Content-Type: application/x-www-form-urlencoded" --data "username=james.hodapp@gmail.com&password=password1&next=organizations" http://localhost:4000/logincurl -v --header "Cookie: id=<session_id>" --request GET http://localhost:4000/organizationscurl -v --header "Cookie: id=<session_id>" --request GET http://localhost:4000/logoutConcerns