fix(auth): use explicit user_uid in login flow instead of context.user()

The login function calls auth_2fa_status before set_user(user.uid), so
context.user() returns None and an Unauthorized error is raised on subsequent
logins after logout. Extracts auth_2fa_status_by_uid as an internal
helper accepting a Uuid, preserving the context-based wrapper for API
endpoints that require an authenticated user.
This commit is contained in:
ZhenYi 2026-04-19 00:03:18 +08:00
parent 2a2600859f
commit b693bd6beb
2 changed files with 13 additions and 5 deletions


@ -60,7 +60,7 @@ impl AppService {
return Err(AppError::InvalidTwoFactorCode); return Err(AppError::InvalidTwoFactorCode);
} }
} }
} else if !self.auth_2fa_status(&context).await?.is_enabled { } else if !self.auth_2fa_status_by_uid(user.uid).await?.is_enabled {
let user_uid = user.uid; let user_uid = user.uid;
let mut rng = rand::rng(); let mut rng = rand::rng();
let mut sha = sha1::Sha1::default(); let mut sha = sha1::Sha1::default();
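Review bot: The `auth_2fa_status_by_uid(user.uid)` call on the changed `else if` line performs no session or authorization check, so this branch is only safe because `user` has presumably been authenticated earlier in `login`, which starts outside the hunk; that precondition is not stated anywhere in the visible code. Since `let user_uid = user.uid;` is declared on the very next line, consider hoisting it above the `if` chain and passing `user_uid` here instead of repeating the field access. A short comment at the call site would make the contract explicit for the next maintainer, e.g. `// `user` was already authenticated above; the by-uid lookup deliberately skips the session check`.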


@ -216,12 +216,11 @@ impl AppService {
Ok(false) Ok(false)
} }
pub async fn auth_2fa_status( /// Look up 2FA status by explicit user_uid. Used in login flow where session.user is not set yet.
pub async fn auth_2fa_status_by_uid(
&self, &self,
context: &Session, user_uid: Uuid,
) -> Result<Get2FAStatusResponse, AppError> { ) -> Result<Get2FAStatusResponse, AppError> {
let user_uid = context.user().ok_or(AppError::Unauthorized)?;
let two_fa = user_2fa::Entity::find_by_id(user_uid).one(&self.db).await?; let two_fa = user_2fa::Entity::find_by_id(user_uid).one(&self.db).await?;
match two_fa { match two_fa {
@ -242,6 +241,15 @@ impl AppService {
} }
} }
/// Look up 2FA status from session context (requires authenticated user).
pub async fn auth_2fa_status(
&self,
context: &Session,
) -> Result<Get2FAStatusResponse, AppError> {
let user_uid = context.user().ok_or(AppError::Unauthorized)?;
self.auth_2fa_status_by_uid(user_uid).await
}
pub async fn auth_2fa_verify_login( pub async fn auth_2fa_verify_login(
&self, &self,
context: &Session, context: &Session,
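Review bot: In the first hunk of this section, `auth_2fa_status_by_uid` is declared `pub async fn` even though the commit message calls it an internal helper and it performs no authorization check of its own; as written it could later be wired to a handler that never verified the caller, silently losing the `Unauthorized` gate that the wrapper in the second hunk still enforces. Narrowing its visibility and spelling out the contract in the doc comment would prevent that, e.g. `/// Look up 2FA status by explicit user_uid; performs no session or authorization check.` / `/// Only call with a uid whose credentials were already verified (e.g. the login flow).` / `pub(crate) async fn auth_2fa_status_by_uid(`. The existing doc line also refers to `session.user` while the code reads `context.user()`, so the wording should follow the code. The second hunk's wrapper looks correct as the extracted original behaviour.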