diff --git a/Cargo.lock b/Cargo.lock
index 8211a674977be47b2e3fbd91bc44b01991e7606d..873731d12418a70493769103ca8607748a0861d9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1283,6 +1283,7 @@ dependencies = [
"rustls 0.18.1",
"serde",
"serde_json",
+ "time 0.2.27",
"tokio",
"wither",
]
diff --git a/Cargo.toml b/Cargo.toml
index bd2a48e17e7360773d9478c23be401ff96576261..263edf058c92f7c0470ddc047ec57de062376369 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -2,23 +2,24 @@
name = "kuadrado_server"
version = "2.0.2"
authors = ["Pierre Jarriges <pierre.jarriges@tutanota.com>"]
-edition = "2018"
+edition = "2021"
license-file = "LICENSE"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
-actix-web = { version = "3", features=["rustls"] }
+actix-web = { version = "3", features = ["rustls"] }
actix-web-middleware-redirect-https = "3.0.1"
-rustls="0.18.1"
-actix-files="0.5"
-futures="0.3.17"
-serde="1"
-serde_json="1"
-wither="0.9"
-magic-crypt="3.1.9"
-env_logger="0.9"
-chrono="0.4"
-rand="0.8"
-dotenv="0.15"
-tokio = { version = "0.2", features = ["full"] }
\ No newline at end of file
+rustls = "0.18.1"
+actix-files = "0.5"
+futures = "0.3.17"
+serde = "1"
+serde_json = "1"
+wither = "0.9"
+magic-crypt = "3.1.9"
+env_logger = "0.9"
+chrono = "0.4"
+rand = "0.8"
+dotenv = "0.15"
+time = "0.2.7"
+tokio = { version = "0.2", features = ["full"] }
diff --git a/Dockerfile b/Dockerfile
index 0fd99f773d2e9d9fb08fa5a056627d636302e6d8..b79ad1ca80187bab7fd252f4cb6006c15455463e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM kuadsoft/rust-openssl:latest as builder
+FROM kuadsoft/rust-openssl:bullseye-slim as builder
WORKDIR /usr/src/kuadrado_server
COPY ./Cargo.toml ./Cargo.toml
@@ -6,6 +6,6 @@ COPY ./Cargo.lock ./Cargo.lock
COPY ./src ./src
RUN cargo install --locked --path .
-FROM kuadsoft/debian-openssl:buster-slim
+FROM kuadsoft/debian-openssl:bullseye-slim
COPY --from=builder /usr/local/cargo/bin/kuadrado_server /usr/local/bin/kuadrado_server
CMD ["kuadrado_server"]
\ No newline at end of file
diff --git a/dev.Dockerfile b/dev.Dockerfile
index ceb3f31715b343c3f0cfa92ca4e0be3c2c51f4aa..1adaa0f66ef36e3845a3bb73860e1e366f0379d9 100644
--- a/dev.Dockerfile
+++ b/dev.Dockerfile
@@ -1,4 +1,4 @@
-FROM kuadsoft/rust-openssl:latest
+FROM kuadsoft/rust-openssl:bullseye-slim
WORKDIR /usr/src/kuadrado_server
COPY ./Cargo.toml ./Cargo.toml
COPY ./Cargo.lock ./Cargo.lock
diff --git a/src/middleware.rs b/src/middleware.rs
index 1dde054b02d777b3c567627416f2001192bd3e19..ebd8b8758a66ae34f37f555934834259c2898ddb 100644
--- a/src/middleware.rs
+++ b/src/middleware.rs
@@ -8,14 +8,15 @@ use wither::{bson::doc, prelude::Model};
/// Returns a Secure actix_web::http::Cookie.
pub fn get_auth_cookie(name: &'static str, value: String) -> Cookie<'static> {
Cookie::build(name, value)
- .secure(true)
+ .path("/")
.http_only(true)
+ .max_age(time::Duration::days(7))
.same_site(SameSite::Strict)
- .path("/")
+ .secure(true)
.finish()
}
-/// This is not a real middleware as it is meant to be executed only after having processed the request and not before.
+/// This is not an actual middleware as it is meant to be executed in the endpoint service to perform a simple verification.
/// It must be registered in the actix App instance with app_data.
/// ```
/// App::new()
diff --git a/src/view_resource.rs b/src/view_resource.rs
index 8b53b495d62b7a12db6678c7c8c75cb45fd2fc05..0678220a212fa65d82cfdcc0d9116dfe4ae2df95 100644
--- a/src/view_resource.rs
+++ b/src/view_resource.rs
@@ -133,7 +133,6 @@ impl ViewResourceManager {
} else {
return HttpResponse::Ok()
.content_type("text/html")
- .cookie(auth_cookie.unwrap())
.body(&res.string_contents);
}
}