mirror/mCaptcha
1
0
Fork 1
mirror of https://github.com/mCaptcha/mCaptcha.git synced 2026-02-12 02:25:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

server-side password validation

Browse Source
This commit is contained in:
realaravinth
2021-05-02 10:32:22 +05:30
parent a82d61ed27
commit c7bac9e623
6 changed files with 30 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/api/v1/auth.rs
View File

@@ -31,6 +31,7 @@ use crate::Data;
pub struct Register {
pub username: String,
pub password: String,
pub confirm_password: String,
pub email: Option<String>,
}
@@ -53,14 +54,12 @@ pub async fn signup(
if !crate::SETTINGS.server.allow_registration {
Err(ServiceError::ClosedForRegistration)?
}
if &payload.password != &payload.confirm_password {
return Err(ServiceError::PasswordsDontMatch);
}
let username = data.creds.username(&payload.username)?;
let hash = data.creds.password(&payload.password)?;
// let payload = payload.into_inner();
// let email = payload.email.clone();
// if payload.email.is_some() {
// let email = email.clone().unwrap();
// data.creds.email(Some(&email))?;
// }
if let Some(email) = &payload.email {
data.creds.email(&email)?;

19
src/api/v1/tests/auth.rs
View File

@@ -43,6 +43,7 @@ async fn auth_works() {
let msg = Register {
username: NAME.into(),
password: PASSWORD.into(),
confirm_password: PASSWORD.into(),
email: None,
};
let resp = test::call_service(&mut app, post_request!(&msg, SIGNUP).to_request()).await;
@@ -80,6 +81,7 @@ async fn auth_works() {
let msg = Register {
username: NAME.into(),
password: PASSWORD.into(),
confirm_password: PASSWORD.into(),
email: Some(EMAIL.into()),
};
bad_post_req_test(
@@ -136,12 +138,13 @@ async fn auth_works() {
}
#[actix_rt::test]
async fn email_udpate_and_del_userworks() {
async fn email_udpate_password_validation_del_userworks() {
const NAME: &str = "testuser2";
const PASSWORD: &str = "longpassword2";
const EMAIL: &str = "testuser1@a.com2";
const DEL_URL: &str = "/api/v1/account/delete";
const EMAIL_UPDATE: &str = "/api/v1/account/email/";
const SIGNUP: &str = "/api/v1/signup";
{
let data = Data::new().await;
@@ -178,6 +181,20 @@ async fn email_udpate_and_del_userworks() {
.await;
assert_eq!(delete_user_resp.status(), StatusCode::OK);
// checking to see if server-side password validation (password == password_config)
// works
let register_msg = Register {
username: NAME.into(),
password: PASSWORD.into(),
confirm_password: NAME.into(),
email: None,
};
let resp =
test::call_service(&mut app, post_request!(&register_msg, SIGNUP).to_request()).await;
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
let txt: ErrorToResponse = test::read_body_json(resp).await;
assert_eq!(txt.error, format!("{}", ServiceError::PasswordsDontMatch));
}
#[actix_rt::test]