update tower_sessions, allow insecure cookies

This commit is contained in:
Joe Ardent 2023-12-30 13:33:14 -08:00
parent c30cf86986
commit 64474c8673
4 changed files with 17 additions and 15 deletions

24
Cargo.lock generated
View file

@ -332,12 +332,13 @@ dependencies = [
[[package]] [[package]]
name = "axum-login" name = "axum-login"
version = "0.10.2" version = "0.11.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61b018d073eea48729e2309c8ecd7198e1eea90e132d99a5e1cc7e952053c8d6" checksum = "6f10f9f96befdaed5ba6668b1d428824ef2ddde2a0d8e3f640b8100c486679fa"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"axum", "axum",
"form_urlencoded",
"ring", "ring",
"serde", "serde",
"thiserror", "thiserror",
@ -2553,9 +2554,9 @@ checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52"
[[package]] [[package]]
name = "tower-sessions" name = "tower-sessions"
version = "0.7.0" version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ce23a9827d593712d471a19d3cb1334e57a97e5b34a9f02b4eef2114b7405dcd" checksum = "645170f7fa7975a65ccb4a14ba2271c4df9598afc2755c2bfe05f294cda3a556"
dependencies = [ dependencies = [
"tower-sessions-core", "tower-sessions-core",
"tower-sessions-memory-store", "tower-sessions-memory-store",
@ -2564,9 +2565,9 @@ dependencies = [
[[package]] [[package]]
name = "tower-sessions-core" name = "tower-sessions-core"
version = "0.7.0" version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1d733b3ae4a6a4cb80cd585e87ffe1a1a7011174581785039c83c4cd63ee61c" checksum = "2f01972091af543726f9a48afb73efcd6b142699f1bc743975c774117db4bba2"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"axum-core", "axum-core",
@ -2577,6 +2578,7 @@ dependencies = [
"serde_json", "serde_json",
"thiserror", "thiserror",
"time 0.3.31", "time 0.3.31",
"tokio",
"tower-cookies", "tower-cookies",
"tower-layer", "tower-layer",
"tower-service", "tower-service",
@ -2586,21 +2588,21 @@ dependencies = [
[[package]] [[package]]
name = "tower-sessions-memory-store" name = "tower-sessions-memory-store"
version = "0.7.0" version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "78d855ef8feaef2382c6df2cf4c4b6651dce890019ceaf0ec70c8af2516a1ce9" checksum = "2a09281f8b4d3a847b9479658bafc2dab1224f76f03e877c8eca354ed42fb2c3"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"parking_lot",
"time 0.3.31", "time 0.3.31",
"tokio",
"tower-sessions-core", "tower-sessions-core",
] ]
[[package]] [[package]]
name = "tower-sessions-sqlx-store" name = "tower-sessions-sqlx-store"
version = "0.7.0" version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "301af43dd82426f36ac20e3b7217cc350d581e3b4cf1f40118d76d7e533ad51f" checksum = "df50c47fa6b79ebc4c54ca814f087469f47293fb08025b7822597f9a55a39304"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"rmp-serde", "rmp-serde",

View file

@ -16,7 +16,7 @@ async-session = "3"
async-trait = "0.1.74" async-trait = "0.1.74"
axum = { version = "0.7", features = ["macros"] } axum = { version = "0.7", features = ["macros"] }
axum-htmx = "0.5" axum-htmx = "0.5"
axum-login = "0.10" axum-login = "0.11"
axum-macros = "0.4" axum-macros = "0.4"
chrono = { version = "0.4", default-features = false, features = ["std", "clock"] } chrono = { version = "0.4", default-features = false, features = ["std", "clock"] }
clap = { version = "4", features = ["derive", "env", "unicode", "suggestions", "usage"] } clap = { version = "4", features = ["derive", "env", "unicode", "suggestions", "usage"] }
@ -36,7 +36,7 @@ tokio-retry = "0.3"
tokio-stream = "0.1" tokio-stream = "0.1"
tower = { version = "0.4", features = ["util", "timeout"], default-features = false } tower = { version = "0.4", features = ["util", "timeout"], default-features = false }
tower-http = { version = "0.5", features = ["add-extension", "trace", "tracing", "fs"], default-features = false } tower-http = { version = "0.5", features = ["add-extension", "trace", "tracing", "fs"], default-features = false }
tower-sessions = { version = "0.7", default-features = false, features = ["sqlite-store"] } tower-sessions = { version = "0.8", default-features = false, features = ["sqlite-store"] }
tracing = "0.1" tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] } tracing-subscriber = { version = "0.3", features = ["env-filter"] }
unicode-segmentation = "1" unicode-segmentation = "1"

View file

@ -85,6 +85,6 @@ pub async fn session_layer(pool: SqlitePool) -> SessionManagerLayer<SqliteStore>
.expect("Calling `migrate()` should be reliable, is the DB gone?"); .expect("Calling `migrate()` should be reliable, is the DB gone?");
SessionManagerLayer::new(store) SessionManagerLayer::new(store)
.with_secure(true) .with_secure(false)
.with_expiry(Expiry::OnInactivity(SESSION_TTL)) .with_expiry(Expiry::OnInactivity(SESSION_TTL))
} }

View file

@ -81,7 +81,7 @@ pub async fn get_logout() -> impl IntoResponse {
} }
pub async fn post_logout(mut auth: AuthSession) -> impl IntoResponse { pub async fn post_logout(mut auth: AuthSession) -> impl IntoResponse {
match auth.logout() { match auth.logout().await {
Ok(_) => LogoutSuccessPage.into_response(), Ok(_) => LogoutSuccessPage.into_response(),
Err(e) => { Err(e) => {
tracing::debug!("{e}"); tracing::debug!("{e}");