From 375fc45f310476a0a49fc48054f6563c8e02e2f6 Mon Sep 17 00:00:00 2001
From: Akshay
Date: Sun, 20 Dec 2020 17:48:31 +0530
Subject: fix cookies/cors, more logging
---
 src/bin/server.rs | 17 ++++++++++++++++-
 src/handlers/rating.rs | 1 +
 src/handlers/users.rs | 4 ++++
 3 files changed, 21 insertions(+), 1 deletion(-)
(limited to 'src')
diff --git a/src/bin/server.rs b/src/bin/server.rs
index 5af3135..7c67e4f 100644
--- a/src/bin/server.rs
+++ b/src/bin/server.rs
@@ -24,9 +24,24 @@ async fn main() -> std::io::Result<()> {
 .wrap(IdentityService::new(
 CookieIdentityPolicy::new(&private_key)
 .name("user-login")
+ .domain("127.0.0.1")
+ .path("/")
+ .same_site(actix_web::cookie::SameSite::None)
+ .http_only(true)
 .secure(false),
 ))
- .wrap(Cors::new().supports_credentials().finish())
+ .wrap(
+ Cors::default()
+ .allowed_origin("http://127.0.0.1:8000")
+ .allowed_origin("http://localhost:8000")
+ .allow_any_method()
+ .allow_any_header(),
+ )
+ .wrap(
+ middleware::DefaultHeaders::new()
+ .header("Access-Control-Allow-Credentials", "true")
+ .header("Access-Control-Expose-Headers", "set-cookie"),
+ )
 .wrap(middleware::Logger::default())
 .data(pool.clone())
 .service(
diff --git a/src/handlers/rating.rs b/src/handlers/rating.rs
index 309c2c6..dfbeb3e 100644
--- a/src/handlers/rating.rs
+++ b/src/handlers/rating.rs
@@ -22,6 +22,7 @@ pub async fn add_rating(
 pool: web::Data,
 ) -> impl Responder {
 info!("Add rating hit: {:?}", rating_details.product_id);
+ info!("{:?}", cookie.identity());
 let conn = pool.get().unwrap();
 if let Some(uname) = cookie.identity() {
 let selected_user = customer
diff --git a/src/handlers/users.rs b/src/handlers/users.rs
index bff532c..73fca84 100644
--- a/src/handlers/users.rs
+++ b/src/handlers/users.rs
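Review bot: In the `src/bin/server.rs` hunk, `Access-Control-Allow-Credentials: true` is now set through `middleware::DefaultHeaders`, which attaches it to every response rather than only to responses for the two origins listed in `allowed_origin`; the CORS builder has its own switch for this (the removed line used it), so ending the builder with `.allow_any_header().supports_credentials()` and dropping the `DefaultHeaders` wrap keeps the credential grant tied to the origin check. `Access-Control-Expose-Headers: set-cookie` has no effect, because browsers never expose `Set-Cookie` to scripts. The cookie policy pairs `.same_site(actix_web::cookie::SameSite::None)` with `.secure(false)`: browsers that require `Secure` on `SameSite=None` cookies will discard it, and `None` removes the SameSite defence against cross-site requests for the login cookie, so state-changing handlers need their own CSRF check. The hard-coded `127.0.0.1` domain and origins look like development values and would be better read from configuration.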
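Review bot: In the `src/handlers/rating.rs` hunk, the added `info!("{:?}", cookie.identity());` writes the caller's identity to the info-level log on every request, with no label saying which handler or field the value belongs to. If the line is only meant to confirm that the cookie arrived, log its presence instead: `info!("add_rating: identity present = {}", cookie.identity().is_some());`. It also calls `cookie.identity()` a second time right before the `if let` that already binds `uname`, so logging inside that branch would avoid the extra call. The body of `add_rating` continues outside the hunk.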
@@ -57,6 +57,10 @@ pub async fn login(
 login_details: web::Json,
 ) -> impl Responder {
 info!("Login hit");
+ if let Some(uname) = cookie.identity() {
+ info!("Found existing cookie: {:?}", cookie.identity());
+ return HttpResponse::Ok().finish();
+ }
 let conn = pool.get().unwrap();
 let entered_pass = &login_details.password;
 let selected_user = customer
-- 
cgit v1.2.3
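Review bot: The new early return in `login` answers `200 OK` as soon as any identity cookie is present, before `login_details` is read, so a request that carries an old session together with different or wrong credentials is reported as a successful login and the session stays with the original user. Clearing the existing identity and falling through to the normal password check avoids that: `if cookie.identity().is_some() { cookie.forget(); }`. As written, `uname` is bound but never used, `cookie.identity()` is called twice, and the username goes to the info-level log. The rest of `login` lies outside the hunk, so whether it calls `cookie.remember` only after the password is verified cannot be confirmed from here.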