server/rest.rs: verify auth cookie

2019-01-31 12:22:00 +01:00
parent f484eed3c2
commit b9903d6331
3 changed files with 55 additions and 3 deletions
--- a/src/api2/access.rs
+++ b/src/api2/access.rs
@ -29,7 +29,7 @@ fn create_ticket(
    match authenticate_user(username, password) {
        Ok(_) => {

-            let ticket = assemble_rsa_ticket( private_auth_key(), "PBS", None, None)?;
+            let ticket = assemble_rsa_ticket( private_auth_key(), "PBS", Some(username), None)?;

            let token = assemble_csrf_prevention_token(csrf_secret(), username);