async fn csrf_checker(
mut res: Response<Body>,
req_info: RequestInfo,
) -> Result<Response<Body>, Infallible> {
let mut state = req_info.data::<Config>().unwrap();
let prev_csrf_token: Option<[u8; 64]> = req_info.headers().get("csrf_token").map(|x|x.as_bytes().clone());
let prev_csrf_cookie = req_info.headers().get("csrf_cookie").map(|x|x.as_bytes().clone());
let protect = AesGcmCsrfProtection::from_key(state.csrf_key.as_bytes().try_into().unwrap());
let (csrf_token, csrf_cookie) = protect.generate_token_pair(prev_csrf_token.clone(), 3600).unwrap();
res.headers_mut().insert("csrf_token", HeaderValue::from_static(&csrf_token.b64_string())).unwrap();
res.headers_mut().insert("csrf_cookie", HeaderValue::from_static(&csrf_cookie.b64_string())).unwrap();
if req_info.uri().path().clone() == "/api/csrf" {
//res.headers_mut().insert("csrf_token", )
return Ok(res);
}
if let (Some(prev_csrf_cookie), Some(prev_csrf_token)) = (prev_csrf_cookie, prev_csrf_token) {
let parsed_csrf_cookie = protect.parse_cookie(prev_csrf_cookie);
let parsed_csrf_token = protect.parse_token(prev_csrf_token);
if let (Some(parsed_csrf_cookie), Some(parsed_csrf_token)) = (parsed_csrf_cookie, parsed_csrf_token) { }
protect.verify_token_pair(, )
}
Ok(res)
}