From 06f10d659bfdc969b857cd22b9872b1090ca6efc Mon Sep 17 00:00:00 2001
From: Emil Monrad Laursen <emla21@student.aau.dk>
Date: Tue, 14 Nov 2023 09:39:48 +0100
Subject: [PATCH] Adds documentation for multiple auth methods

---
 src/api/auth.rs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/api/auth.rs b/src/api/auth.rs
index 5fcab01..cb63a95 100644
--- a/src/api/auth.rs
+++ b/src/api/auth.rs
@@ -14,6 +14,8 @@ pub struct Claims {
     exp: usize,
 }
 
+/// This method is used to create a new access token based on the uid.
+/// The token is valid for 20 minutes.
 pub fn create_access_token(uid: &str) -> Result<String, Error> {
     let secret = env::var("ACCESS_TOKEN_HS512_SECRET")
         .expect("Expected ACCESS_TOKEN_HS512_SECRET to be set.");
@@ -37,6 +39,8 @@ pub fn create_access_token(uid: &str) -> Result<String, Error> {
     .map_err(|_| ErrorKind::InvalidToken.into())
 }
 
+/// This method is used to create a new refresh token based on the uid.
+/// The token is valid for 90 days.
 pub fn create_refresh_token(uid: &str) -> Result<String, Error> {
     let secret = env::var("REFRESH_TOKEN_HS512_SECRET")
         .expect("Expected REFRESH_TOKEN_HS512_SECRET to be set.");
@@ -60,6 +64,7 @@ pub fn create_refresh_token(uid: &str) -> Result<String, Error> {
     .map_err(|_| ErrorKind::InvalidToken.into())
 }
 
+/// This method is used to validate the access token (not refresh).
 pub fn validation_interceptor(mut req: Request<()>) -> Result<Request<()>, Status> {
     let token = match get_token_from_request(&req) {
         Ok(token) => token,
@@ -78,6 +83,7 @@ pub fn validation_interceptor(mut req: Request<()>) -> Result<Request<()>, Statu
     }
 }
 
+/// This method is used to get a token (access or refresh) from the request metadata.
 pub fn get_token_from_request<T>(req: &Request<T>) -> Result<String, Status> {
     let token = match req.metadata().get("authorization") {
         Some(token) => token.to_str(),
@@ -93,6 +99,8 @@ pub fn get_token_from_request<T>(req: &Request<T>) -> Result<String, Status> {
     }
 }
 
+/// This method is used to validate a token (access or refresh).
+/// It returns the token data if the token is valid.
 pub fn validate_token(token: String, is_refresh_token: bool) -> Result<TokenData<Claims>, Status> {
     let secret: String;
 
@@ -104,7 +112,7 @@ pub fn validate_token(token: String, is_refresh_token: bool) -> Result<TokenData
 
     let mut validation = Validation::new(Algorithm::HS512);
 
-    validation.validate_exp = true;
+    validation.validate_exp = true; // This might be redundant as this should be defualt, however, it doesn't seem to work without it.
 
     match decode::<Claims>(
         &token,