Some more authrequest changes

author: Daniel García <[email protected]> 2024-11-12 20:04:46 +0100
committer: Daniel García <[email protected]> 2024-11-12 20:12:55 +0100
commit: 71eaddf1bd45957431bf342b979e8d3235ae2ccc (patch)
tree: ca1d26cd5b85ad9f0dc49c5a765e591003939b1a /src/api/identity.rs
parent: e927b8aa5ec8f0352bfb2ff95a996a89389959ff (diff)
download: vaultwarden-71eaddf1bd45957431bf342b979e8d3235ae2ccc.tar.gz
vaultwarden-71eaddf1bd45957431bf342b979e8d3235ae2ccc.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/api/identity.rs b/src/api/identity.rs
index f2618164..445d61fd 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -190,8 +190,12 @@ async fn _password_login(
             )
         };
 
+        let expiration_time = auth_request.creation_date + chrono::Duration::minutes(5);
+        let request_expired = Utc::now().naive_utc() >= expiration_time;
+
         if auth_request.user_uuid != user.uuid
             || !auth_request.approved.unwrap_or(false)
+            || request_expired
             || ip.ip.to_string() != auth_request.request_ip
             || !auth_request.check_access_code(password)
         {
author	Daniel García <[email protected]>	2024-11-12 20:04:46 +0100
committer	Daniel García <[email protected]>	2024-11-12 20:12:55 +0100
commit	71eaddf1bd45957431bf342b979e8d3235ae2ccc (patch)
tree	ca1d26cd5b85ad9f0dc49c5a765e591003939b1a /src/api/identity.rs
parent	e927b8aa5ec8f0352bfb2ff95a996a89389959ff (diff)
download	vaultwarden-71eaddf1bd45957431bf342b979e8d3235ae2ccc.tar.gz vaultwarden-71eaddf1bd45957431bf342b979e8d3235ae2ccc.zip