fuckwit/neo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix registering when clients dont use UIAA
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Patrick Michl
2022-06-26 22:45:05 +02:00
parent 29093c51e3
commit 8ada363a92
6 changed files with 331 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
src/api/client_server/r0/auth.rs
View File

@ -14,6 +14,7 @@ use crate::{
},
models::{devices::Device, sessions::Session, users::User},
ruma_wrapper::{RumaRequest, RumaResponse},
types::user_id::UserId,
Config,
};
@ -40,6 +41,7 @@ async fn get_login() -> Result<RumaResponse<session::get_login_types::v3::Respon
#[tracing::instrument(skip_all)]
async fn post_login(
Extension(config): Extension<Arc<Config>>,
Extension(db): Extension<SqlitePool>,
RumaRequest(req): RumaRequest<session::login::v3::IncomingRequest>,
) -> Result<RumaResponse<session::login::v3::Response>, ApiError> {
@ -51,16 +53,18 @@ async fn post_login(
let user_id = if let IncomingUserIdentifier::UserIdOrLocalpart(user_id) =
incoming_password.identifier
{
ruma::UserId::parse(user_id).map_err(|e| anyhow::anyhow!(e))?
let user_id = UserId::new(&user_id, config.server_name())?;
ruma::UserId::parse(user_id.to_string())
.map_err(|_| AuthenticationError::InvalidUserId)?
} else {
return Err(AuthenticationError::InvalidUserId.into())
return Err(AuthenticationError::InvalidUserId.into());
};
let db_user = User::find_by_user_id(&db, user_id.as_str()).await?;
db_user
.password_correct(&password)
.ok()
.ok_or(AuthenticationError::Forbidden)?;
.map_err(|_| AuthenticationError::Forbidden)?;
let device = if let Some(device_id) = req.device_id {
Device::find_for_user(&db, &db_user, device_id.as_str()).await?
@ -81,7 +85,7 @@ async fn post_login(
ruma::OwnedDeviceId::from(device.device_id),
);
return Ok(RumaResponse(response));
Ok(RumaResponse(response))
}
_ => todo!(),
}
@ -94,11 +98,14 @@ async fn get_username_available(
Query(params): Query<HashMap<String, String>>,
) -> Result<RumaResponse<account::get_username_availability::v3::Response>, ApiError> {
use account::get_username_availability::v3::*;
tracing::debug!("username_available hit");
let username = params
.get("username")
.ok_or(RegistrationError::MissingUserId)?;
let user_id = ruma::UserId::parse(username).map_err(|_| RegistrationError::InvalidUserId)?;
let user_id = UserId::new(username, config.server_name())?;
let user_id =
ruma::UserId::parse(user_id.to_string()).map_err(|_| RegistrationError::InvalidUserId)?;
let exists = User::exists(&db, &user_id).await?;
Ok(RumaResponse(Response::new(!exists)))
@ -111,6 +118,7 @@ async fn post_register(
RumaRequest(req): RumaRequest<account::register::v3::IncomingRequest>,
) -> Result<RumaResponse<account::register::v3::Response>, ApiError> {
use account::register::v3::*;
tracing::debug!("Register hit");
config
.enable_registration()
@ -124,9 +132,12 @@ async fn post_register(
let user_id = if let IncomingUserIdentifier::UserIdOrLocalpart(user_id) =
incoming_password.identifier
{
ruma::UserId::parse(user_id).map_err(|e| anyhow::anyhow!(e))?
let user_id = UserId::new(&user_id, config.server_name())?;
ruma::UserId::parse(user_id.to_string())
.map_err(|_| AuthenticationError::InvalidUserId)?
} else {
Err(AuthenticationError::InvalidUserId)?
return Err(AuthenticationError::InvalidUserId.into());
};
if User::exists(&db, &user_id).await? {
@ -156,14 +167,57 @@ async fn post_register(
response.access_token = Some(session.key);
}
if !req.inhibit_login {
response.device_id = Some(ruma::OwnedDeviceId::from(device.device_id));
response.device_id = Some(device.device_id.into());
}
return Ok(RumaResponse(response));
Ok(RumaResponse(response))
}
_ => todo!(),
},
None => Err(RegistrationError::AdditionalAuthenticationInformation)?,
};
unreachable!()
// For clients not following using UIAA
None => {
let password = req
.password
.ok_or("password missing")
.map_err(|e| anyhow::anyhow!(e))?;
let user_id = if let Some(username) = req.username {
let user_id = UserId::new(&username, config.server_name())?;
ruma::UserId::parse(user_id.to_string()).map_err(|e| anyhow::anyhow!(e))?
} else {
return Err(AuthenticationError::InvalidUserId.into());
};
if User::exists(&db, &user_id).await? {
return Err(RegistrationError::UserIdTaken.into());
}
let display_name = req
.initial_device_display_name
.unwrap_or_else(|| "Random Display Name".into());
let user = User::new(&user_id, &user_id.to_string(), &password)?
.create(&db)
.await?;
let device = Device::new(
&user,
uuid::Uuid::new_v4().to_string().as_ref(),
&display_name,
)?
.create(&db)
.await?;
let mut response =
Response::new(ruma::UserId::parse(&user.user_id).map_err(|e| anyhow::anyhow!(e))?);
if !req.inhibit_login {
let session = Session::new(&device)?.create(&db).await?;
response.access_token = Some(session.key);
}
if !req.inhibit_login {
response.device_id = Some(ruma::OwnedDeviceId::from(device.device_id));
}
Ok(RumaResponse(response))
}
}
}

7
src/api/client_server/versions.rs
View File

@ -12,5 +12,10 @@ use ruma::api::client::discovery;
async fn get_client_versions() -> RumaResponse<discovery::get_supported_versions::Response> {
use discovery::get_supported_versions::*;
RumaResponse(Response::new(vec!["v1.2".into()]))
RumaResponse(Response::new(vec![
"r0.5.0".to_owned(),
"r0.6.0".to_owned(),
"v1.1".to_owned(),
"v1.2".to_owned(),
]))
}