Arrelin/family_budget
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mobile update #35

Merged
Arrelin merged 1 commits from bugfix/iro4ka into master 2026-03-10 14:45:19 +03:00
Conversation 0 Commits 1 Files Changed 4 +33 -7
4 changed files with 33 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/Cargo.toml
View File

@@ -28,3 +28,5 @@ rand = "0.9.2"
uuid = { version = "1", features = ["v4"] }
sha2 = "0.10"
hex = "0.4"
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] }

7
backend/src/main.rs
View File

@@ -3,6 +3,13 @@ use sea_orm::DbErr;
use sea_orm_migration::prelude::*;
#[tokio::main]
async fn main() -> Result<(), DbErr> {
tracing_subscriber::fmt()
.with_env_filter(
tracing_subscriber::EnvFilter::try_from_default_env()
.unwrap_or_else(|_| "family_budget=debug,info".parse().unwrap()),
)
.init();
let db = establish_connection().await?;
println!("Successfully connected to database!");

19
backend/src/routes/oauth.rs
View File

@@ -9,6 +9,7 @@ use sea_orm::{DatabaseConnection, EntityTrait};
use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};
use tower_sessions::Session;
use tracing::{info, warn};
use utoipa::ToSchema;
use crate::auth::AuthBackend;
@@ -116,6 +117,7 @@ pub async fn google_auth(
let nonce = uuid::Uuid::new_v4().to_string();
let mobile_state = make_mobile_csrf_state(&nonce);
let auth_url = oauth_service.get_auth_url_with_state(mobile_state);
info!("mobile google_auth: generated signed state for nonce={}", nonce);
return Ok(Json(OAuthUrlResponse { url: auth_url }));
}
@@ -152,6 +154,7 @@ pub async fn google_callback(
Query(query): Query<GoogleCallbackQuery>,
) -> Result<Response, StatusCode> {
let is_mobile = verify_mobile_csrf_state(&query.state);
info!("google_callback: state={} is_mobile={}", &query.state[..query.state.len().min(20)], is_mobile);
if !is_mobile {
let session_csrf: Option<String> = session
@@ -162,7 +165,10 @@ pub async fn google_callback(
match session_csrf {
Some(csrf) if csrf == query.state => {}
_ => return Err(StatusCode::UNAUTHORIZED),
_ => {
warn!("google_callback: CSRF mismatch, session_csrf={:?}", session_csrf.as_deref().map(|s| &s[..s.len().min(10)]));
return Err(StatusCode::UNAUTHORIZED);
}
}
}
@@ -191,6 +197,7 @@ pub async fn google_callback(
if is_mobile {
let token = make_auth_token(user.id);
info!("google_callback: mobile auth for user_id={}, token_prefix={}", user.id, &token[..token.len().min(20)]);
let deep_link = format!("com.arrelin.family-budget-android://auth?token={}", token);
let html = format!(
r#"<!DOCTYPE html><html><head><meta http-equiv="refresh" content="0;url={0}"></head><body><script>window.location="{0}"</script></body></html>"#,
@@ -231,7 +238,15 @@ pub async fn mobile_callback(
State(db): State<DatabaseConnection>,
Query(query): Query<MobileCallbackQuery>,
) -> Result<Json<serde_json::Value>, StatusCode> {
let user_id = verify_auth_token(&query.token).ok_or(StatusCode::UNAUTHORIZED)?;
info!("mobile_callback: received token_prefix={}", &query.token[..query.token.len().min(20)]);
let user_id = match verify_auth_token(&query.token) {
Some(id) => id,
None => {
warn!("mobile_callback: token verification failed for token={}", &query.token[..query.token.len().min(40)]);
return Err(StatusCode::UNAUTHORIZED);
}
};
info!("mobile_callback: token valid for user_id={}", user_id);
let user = User::find_by_id(user_id)
.one(&db)

10
frontend/src/pages/Login.tsx
View File

@@ -30,18 +30,20 @@ export default function Login() {
try {
token = new URL(url).searchParams.get('token');
} catch {
setError(t('login.error'));
setError(t('login.authError'));
return;
}
if (!token) { setError(t('login.error')); return; }
if (!token) { setError(t('login.authError')); return; }
try {
setLoading(true);
await authApi.mobileCallback(token);
const me = await authApi.me();
setUser(me.data);
} catch {
setError(t('login.error'));
} catch (err: any) {
const status = err?.response?.status;
const msg = err?.response?.data ? JSON.stringify(err.response.data) : err?.message;
setError(`${status ?? 'network'}: ${msg}`);
setLoading(false);
}
});