From cf671670a076ae1e31fa28328efc8a0219691138 Mon Sep 17 00:00:00 2001
From: Dietmar Maurer <dietmar@proxmox.com>
Date: Tue, 29 Jan 2019 17:50:03 +0100
Subject: [PATCH] auth_helpers.rs: add timestamp to csrf token

---
 src/auth_helpers.rs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/auth_helpers.rs b/src/auth_helpers.rs
index a55010b8..a2657a47 100644
--- a/src/auth_helpers.rs
+++ b/src/auth_helpers.rs
@@ -17,15 +17,16 @@ pub fn assemble_csrf_prevention_token(
     let epoch = std::time::SystemTime::now().duration_since(
         std::time::SystemTime::UNIX_EPOCH).unwrap().as_secs();
 
-    let stamp = format!("{:08X}:{}:", epoch, username);
+    let timestamp = format!("{:08X}", epoch);
 
     let mut hasher = sha::Sha256::new();
-    hasher.update(stamp.as_bytes());
+    let data = format!("{:08X}:{}:", epoch, username);
+    hasher.update(data.as_bytes());
     hasher.update(secret);
 
-    let digest = hasher.finish();
+    let digest = base64::encode_config(&hasher.finish(), base64::STANDARD_NO_PAD);
 
-    base64::encode_config(&digest, base64::STANDARD_NO_PAD)
+    format!("{:08X}:{}", epoch, digest)
 }
 
 pub fn generate_csrf_key() -> Result<(), Error> {