server: only add password reset routes if they are enabled

This commit is contained in:
Valentin Tolmer 2023-02-13 18:56:39 +01:00 committed by nitnelave
parent ea498df78b
commit 562ad524c4
2 changed files with 16 additions and 10 deletions

View File

@ -677,7 +677,7 @@ pub(crate) fn check_if_token_is_valid<Backend>(
})
}
pub fn configure_server<Backend>(cfg: &mut web::ServiceConfig)
pub fn configure_server<Backend>(cfg: &mut web::ServiceConfig, enable_password_reset: bool)
where
Backend: TcpBackendHandler + LoginHandler + OpaqueHandler + BackendHandler + 'static,
{
@ -694,14 +694,6 @@ where
web::resource("/simple/login").route(web::post().to(simple_login_handler::<Backend>)),
)
.service(web::resource("/refresh").route(web::get().to(get_refresh_handler::<Backend>)))
.service(
web::resource("/reset/step1/{user_id}")
.route(web::get().to(get_password_reset_step1_handler::<Backend>)),
)
.service(
web::resource("/reset/step2/{token}")
.route(web::get().to(get_password_reset_step2_handler::<Backend>)),
)
.service(web::resource("/logout").route(web::get().to(get_logout_handler::<Backend>)))
.service(
web::scope("/opaque/register")
@ -715,4 +707,14 @@ where
.route(web::post().to(opaque_register_finish_handler::<Backend>)),
),
);
if enable_password_reset {
cfg.service(
web::resource("/reset/step1/{user_id}")
.route(web::get().to(get_password_reset_step1_handler::<Backend>)),
)
.service(
web::resource("/reset/step2/{token}")
.route(web::get().to(get_password_reset_step2_handler::<Backend>)),
);
}
}

View File

@ -73,6 +73,7 @@ fn http_config<Backend>(
) where
Backend: TcpBackendHandler + BackendHandler + LoginHandler + OpaqueHandler + Sync + 'static,
{
let enable_password_reset = mail_options.enable_password_reset;
cfg.app_data(web::Data::new(AppState::<Backend> {
backend_handler,
jwt_key: Hmac::new_varkey(jwt_secret.unsecure().as_bytes()).unwrap(),
@ -81,7 +82,10 @@ fn http_config<Backend>(
mail_options,
}))
.route("/health", web::get().to(|| HttpResponse::Ok().finish()))
.service(web::scope("/auth").configure(auth_service::configure_server::<Backend>))
.service(
web::scope("/auth")
.configure(|cfg| auth_service::configure_server::<Backend>(cfg, enable_password_reset)),
)
// API endpoint.
.service(
web::scope("/api")