aboutsummaryrefslogtreecommitdiff
path: root/src/api/identity.rs
diff options
context:
space:
mode:
authorDaniel GarcĂ­a <[email protected]>2024-11-15 11:26:06 +0100
committerGitHub <[email protected]>2024-11-15 11:26:06 +0100
commit548db625615175df8030968212dae617fb20e969 (patch)
tree8f9ce3878429eafb3890adbe053e948cc07c84c4 /src/api/identity.rs
parentf819e6c728dcbf9a3a27fb603c76e8ea7697953d (diff)
parent0d16b38a68c702e7f300a64f9e55d897916ae238 (diff)
downloadvaultwarden-ssh_keys.tar.gz
vaultwarden-ssh_keys.zip
Merge branch 'main' into ssh_keysssh_keys
Diffstat (limited to 'src/api/identity.rs')
-rw-r--r--src/api/identity.rs4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/api/identity.rs b/src/api/identity.rs
index f2618164..445d61fd 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -190,8 +190,12 @@ async fn _password_login(
)
};
+ let expiration_time = auth_request.creation_date + chrono::Duration::minutes(5);
+ let request_expired = Utc::now().naive_utc() >= expiration_time;
+
if auth_request.user_uuid != user.uuid
|| !auth_request.approved.unwrap_or(false)
+ || request_expired
|| ip.ip.to_string() != auth_request.request_ip
|| !auth_request.check_access_code(password)
{