move config, add password check
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@ -1,6 +1,6 @@
|
||||
use std::{collections::HashMap, sync::Arc};
|
||||
|
||||
use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
|
||||
use argon2::{password_hash::SaltString, Argon2, PasswordHash, PasswordHasher};
|
||||
use axum::{
|
||||
extract::Query,
|
||||
http::StatusCode,
|
||||
@ -50,12 +50,23 @@ async fn post_login(
|
||||
Extension(db): Extension<SqlitePool>,
|
||||
Json(body): Json<AuthenticationData>,
|
||||
) -> Result<Json<AuthenticationResponse>, ApiError> {
|
||||
let user = UserId::new("name", "server_name")
|
||||
.ok()
|
||||
.ok_or(AuthenticationError::InvalidUserId)?;
|
||||
let resp = AuthenticationSuccess::new("", "", &user);
|
||||
match body {
|
||||
AuthenticationData::Password(auth_data) => {
|
||||
let user = auth_data.user().unwrap();
|
||||
let user_id = UserId::new(&user, config.homeserver_name())
|
||||
.ok()
|
||||
.ok_or(AuthenticationError::InvalidUserId)?;
|
||||
|
||||
let user = User::find_by_user_id(&db, &user_id).await?;
|
||||
|
||||
Ok(Json(AuthenticationResponse::Success(resp)))
|
||||
user.password_correct(auth_data.password()).ok().ok_or(AuthenticationError::Forbidden)?;
|
||||
|
||||
todo!("find_or_create device for user and create a session");
|
||||
|
||||
let resp = AuthenticationSuccess::new("", "", &user_id);
|
||||
Ok(Json(AuthenticationResponse::Success(resp)))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[tracing::instrument(skip_all)]
|
||||
@ -67,7 +78,7 @@ async fn get_username_available(
|
||||
let username = params
|
||||
.get("username")
|
||||
.ok_or(RegistrationError::MissingUserId)?;
|
||||
let user_id = UserId::new(username, &config.homeserver_name)
|
||||
let user_id = UserId::new(username, &config.homeserver_name())
|
||||
.ok()
|
||||
.ok_or(RegistrationError::InvalidUserId)?;
|
||||
let exists = User::exists(&db, &user_id).await?;
|
||||
@ -87,7 +98,7 @@ async fn post_register(
|
||||
let (user, device) = match &body.auth().expect("must be Some") {
|
||||
AuthenticationData::Password(auth_data) => {
|
||||
let username = body.username().ok_or(RegistrationError::MissingUserId)?;
|
||||
let user_id = UserId::new(username, &config.homeserver_name)
|
||||
let user_id = UserId::new(username, &config.homeserver_name())
|
||||
.ok()
|
||||
.ok_or(RegistrationError::InvalidUserId)?;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user