mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
server: only add password reset routes if they are enabled
This commit is contained in:
parent
ea498df78b
commit
562ad524c4
@ -677,7 +677,7 @@ pub(crate) fn check_if_token_is_valid<Backend>(
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn configure_server<Backend>(cfg: &mut web::ServiceConfig)
|
pub fn configure_server<Backend>(cfg: &mut web::ServiceConfig, enable_password_reset: bool)
|
||||||
where
|
where
|
||||||
Backend: TcpBackendHandler + LoginHandler + OpaqueHandler + BackendHandler + 'static,
|
Backend: TcpBackendHandler + LoginHandler + OpaqueHandler + BackendHandler + 'static,
|
||||||
{
|
{
|
||||||
@ -694,14 +694,6 @@ where
|
|||||||
web::resource("/simple/login").route(web::post().to(simple_login_handler::<Backend>)),
|
web::resource("/simple/login").route(web::post().to(simple_login_handler::<Backend>)),
|
||||||
)
|
)
|
||||||
.service(web::resource("/refresh").route(web::get().to(get_refresh_handler::<Backend>)))
|
.service(web::resource("/refresh").route(web::get().to(get_refresh_handler::<Backend>)))
|
||||||
.service(
|
|
||||||
web::resource("/reset/step1/{user_id}")
|
|
||||||
.route(web::get().to(get_password_reset_step1_handler::<Backend>)),
|
|
||||||
)
|
|
||||||
.service(
|
|
||||||
web::resource("/reset/step2/{token}")
|
|
||||||
.route(web::get().to(get_password_reset_step2_handler::<Backend>)),
|
|
||||||
)
|
|
||||||
.service(web::resource("/logout").route(web::get().to(get_logout_handler::<Backend>)))
|
.service(web::resource("/logout").route(web::get().to(get_logout_handler::<Backend>)))
|
||||||
.service(
|
.service(
|
||||||
web::scope("/opaque/register")
|
web::scope("/opaque/register")
|
||||||
@ -715,4 +707,14 @@ where
|
|||||||
.route(web::post().to(opaque_register_finish_handler::<Backend>)),
|
.route(web::post().to(opaque_register_finish_handler::<Backend>)),
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
if enable_password_reset {
|
||||||
|
cfg.service(
|
||||||
|
web::resource("/reset/step1/{user_id}")
|
||||||
|
.route(web::get().to(get_password_reset_step1_handler::<Backend>)),
|
||||||
|
)
|
||||||
|
.service(
|
||||||
|
web::resource("/reset/step2/{token}")
|
||||||
|
.route(web::get().to(get_password_reset_step2_handler::<Backend>)),
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -73,6 +73,7 @@ fn http_config<Backend>(
|
|||||||
) where
|
) where
|
||||||
Backend: TcpBackendHandler + BackendHandler + LoginHandler + OpaqueHandler + Sync + 'static,
|
Backend: TcpBackendHandler + BackendHandler + LoginHandler + OpaqueHandler + Sync + 'static,
|
||||||
{
|
{
|
||||||
|
let enable_password_reset = mail_options.enable_password_reset;
|
||||||
cfg.app_data(web::Data::new(AppState::<Backend> {
|
cfg.app_data(web::Data::new(AppState::<Backend> {
|
||||||
backend_handler,
|
backend_handler,
|
||||||
jwt_key: Hmac::new_varkey(jwt_secret.unsecure().as_bytes()).unwrap(),
|
jwt_key: Hmac::new_varkey(jwt_secret.unsecure().as_bytes()).unwrap(),
|
||||||
@ -81,7 +82,10 @@ fn http_config<Backend>(
|
|||||||
mail_options,
|
mail_options,
|
||||||
}))
|
}))
|
||||||
.route("/health", web::get().to(|| HttpResponse::Ok().finish()))
|
.route("/health", web::get().to(|| HttpResponse::Ok().finish()))
|
||||||
.service(web::scope("/auth").configure(auth_service::configure_server::<Backend>))
|
.service(
|
||||||
|
web::scope("/auth")
|
||||||
|
.configure(|cfg| auth_service::configure_server::<Backend>(cfg, enable_password_reset)),
|
||||||
|
)
|
||||||
// API endpoint.
|
// API endpoint.
|
||||||
.service(
|
.service(
|
||||||
web::scope("/api")
|
web::scope("/api")
|
||||||
|
Loading…
Reference in New Issue
Block a user