add: better profile settings mobile ui

add: allow Atto-Grant cookie to act auth token for oauth grants
2025-06-13 10:32:09 -04:00 · 2025-06-13 10:32:09 -04:00 · ca8f510a3a
commit ca8f510a3a
parent 5844d23399
4 changed files with 90 additions and 38 deletions
--- a/crates/app/src/macros.rs
+++ b/crates/app/src/macros.rs
@ -77,7 +77,26 @@ macro_rules! create_dir_if_not_exists {
 #[macro_export]
 macro_rules! get_user_from_token {
    ($jar:ident, $db:expr) => {{
-        if let Some(token) = $jar.get("__Secure-atto-token") {
+        if let Some(token) = $jar.get("Atto-Grant") {
+            // this allows us to ALSO authenticate with a grant token...
+            // TODO: require macro to pass a required AppScope to check permission
+            // TODO: check token verifier
+            match $db
+                .get_user_by_grant_token(&tetratto_shared::hash::hash(
+                    token.to_string().replace("Atto-Grant=", ""),
+                ))
+                .await
+            {
+                Ok((_, ua)) => {
+                    if ua.permissions.check_banned() {
+                        Some(tetratto_core::model::auth::User::banned())
+                    } else {
+                        Some(ua)
+                    }
+                }
+                Err(_) => None,
+            }
+        } else if let Some(token) = $jar.get("__Secure-atto-token") {
            match $db
                .get_user_by_token(&tetratto_shared::hash::hash(
                    token.to_string().replace("__Secure-atto-token=", ""),