auth.rs
use serde::{Deserialize, Serialize};
use time::serde::timestamp;
use time::{Duration, OffsetDateTime};

use radicle::crypto::PublicKey;
use radicle::node::Alias;

use crate::api::error::Error;
use crate::api::Context;

/// Expiration window (60 seconds) for sessions that are still unauthorized.
// NOTE(review): the code that stamps `expires_at` from this value is not in this file; confirm at the call site.
pub const UNAUTHORIZED_SESSIONS_EXPIRATION: Duration = Duration::seconds(60);

/// Expiration window (one week) for sessions that have been authorized.
// NOTE(review): as above, the place where this is applied is not visible here.
pub const AUTHORIZED_SESSIONS_EXPIRATION: Duration = Duration::weeks(1);

/// Authorization status of a session.
///
/// Serialized in lowercase (`"authorized"` / `"unauthorized"`).
#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
#[serde(rename_all = "lowercase")]
pub enum AuthState {
    /// The session may be used to authenticate requests.
    Authorized,
    /// The session exists but has not been authorized.
    Unauthorized,
}

/// A session record as held in the session store.
///
/// Field names are camelCase on the wire, and both timestamps go through
/// `time::serde::timestamp` (Unix timestamps).
#[derive(Clone, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct Session {
    /// Whether this session has been authorized.
    pub status: AuthState,
    /// Public key associated with the session.
    pub public_key: PublicKey,
    /// Node alias associated with the session.
    pub alias: Alias,
    /// When the session was issued.
    #[serde(with = "timestamp")]
    pub issued_at: OffsetDateTime,
    /// When the session stops being valid; `validate` rejects it from this instant on.
    #[serde(with = "timestamp")]
    pub expires_at: OffsetDateTime,
}

/// Checks that `token` names a usable session in `ctx.sessions`.
///
/// Returns `Ok(())` only when the store has an entry for `token`, that entry's
/// status is [`AuthState::Authorized`], and its `expires_at` is strictly later
/// than the current UTC time.
///
/// # Errors
///
/// Returns `Error::Auth("Unauthorized")` when the token is unknown, when the
/// session is not authorized, or when it has expired. All three cases yield
/// the same error, so the caller cannot tell from the result which check failed.
pub async fn validate(ctx: &Context, token: &str) -> Result<(), Error> {
    // Only a read guard is taken: an expired entry is rejected but stays in the
    // store; nothing in this function removes it.
    let store = ctx.sessions.read().await;

    match store.get(token) {
        // The status test comes first, so the clock is read only for authorized sessions.
        Some(entry)
            if entry.status == AuthState::Authorized
                && entry.expires_at > OffsetDateTime::now_utc() =>
        {
            Ok(())
        }
        _ => Err(Error::Auth("Unauthorized")),
    }
}