mirror of
https://github.com/mCaptcha/mCaptcha.git
synced 2026-02-13 11:05:40 +00:00
feat: migrate get password to use db_* interface
This commit is contained in:
realaravinth
@@ -523,6 +523,26 @@
|
|||||||
},
|
},
|
||||||
"query": "SELECT name FROM mcaptcha_config \n WHERE key = $1 \n AND user_id = (\n SELECT user_id FROM mcaptcha_users WHERE NAME = $2)"
|
"query": "SELECT name FROM mcaptcha_config \n WHERE key = $1 \n AND user_id = (\n SELECT user_id FROM mcaptcha_users WHERE NAME = $2)"
|
||||||
},
|
},
|
||||||
|
"a900d304a69809e98eedfc7d807bf6f4f88998763f914cd1ac3e98c6b755c2e2": {
|
||||||
|
"describe": {
|
||||||
|
"columns": [
|
||||||
|
{
|
||||||
|
"name": "password",
|
||||||
|
"ordinal": 0,
|
||||||
|
"type_info": "Text"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"nullable": [
|
||||||
|
false
|
||||||
|
],
|
||||||
|
"parameters": {
|
||||||
|
"Left": [
|
||||||
|
"Text"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"query": "SELECT password FROM mcaptcha_users WHERE email = ($1)"
|
||||||
|
},
|
||||||
"ad23588ee4bcbb13e208460ce21e2fa9f1373893934b530b339fea10360b34a8": {
|
"ad23588ee4bcbb13e208460ce21e2fa9f1373893934b530b339fea10360b34a8": {
|
||||||
"describe": {
|
"describe": {
|
||||||
"columns": [
|
"columns": [
|
||||||
|
|||||||
@@ -17,6 +17,7 @@
|
|||||||
use actix_identity::Identity;
|
use actix_identity::Identity;
|
||||||
use actix_web::{web, HttpResponse, Responder};
|
use actix_web::{web, HttpResponse, Responder};
|
||||||
use argon2_creds::Config;
|
use argon2_creds::Config;
|
||||||
|
use db_core::Login;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use sqlx::Error::RowNotFound;
|
use sqlx::Error::RowNotFound;
|
||||||
|
|
||||||
@@ -83,26 +84,15 @@ async fn update_user_password(
|
|||||||
|
|
||||||
let username = id.identity().unwrap();
|
let username = id.identity().unwrap();
|
||||||
|
|
||||||
let rec = sqlx::query_as!(
|
// TODO: verify behavior when account is not found
|
||||||
Password,
|
let res = data.dblib.get_password(&Login::Username(&username)).await?;
|
||||||
r#"SELECT password FROM mcaptcha_users WHERE name = ($1)"#,
|
|
||||||
&username,
|
|
||||||
)
|
|
||||||
.fetch_one(&data.db)
|
|
||||||
.await;
|
|
||||||
|
|
||||||
match rec {
|
if Config::verify(&res.hash, &payload.password)? {
|
||||||
Ok(s) => {
|
let update: UpdatePassword = payload.into_inner().into();
|
||||||
if Config::verify(&s.password, &payload.password)? {
|
update_password_runner(&username, update, &data).await?;
|
||||||
let update: UpdatePassword = payload.into_inner().into();
|
Ok(HttpResponse::Ok())
|
||||||
update_password_runner(&username, update, &data).await?;
|
} else {
|
||||||
Ok(HttpResponse::Ok())
|
Err(ServiceError::WrongPassword)
|
||||||
} else {
|
|
||||||
Err(ServiceError::WrongPassword)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
|
||||||
Err(_) => Err(ServiceError::InternalServerError),
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -91,7 +91,6 @@ pub mod runners {
|
|||||||
/// returns Ok(()) when everything checks out and the user is authenticated. Erros otherwise
|
/// returns Ok(()) when everything checks out and the user is authenticated. Erros otherwise
|
||||||
pub async fn login_runner(payload: Login, data: &AppData) -> ServiceResult<String> {
|
pub async fn login_runner(payload: Login, data: &AppData) -> ServiceResult<String> {
|
||||||
use argon2_creds::Config;
|
use argon2_creds::Config;
|
||||||
use sqlx::Error::RowNotFound;
|
|
||||||
|
|
||||||
let verify = |stored: &str, received: &str| {
|
let verify = |stored: &str, received: &str| {
|
||||||
if Config::verify(stored, received)? {
|
if Config::verify(stored, received)? {
|
||||||
@@ -101,50 +100,19 @@ pub mod runners {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
if payload.login.contains('@') {
|
let s = if payload.login.contains('@') {
|
||||||
#[derive(Clone, Debug)]
|
data.dblib
|
||||||
struct EmailLogin {
|
.get_password(&db_core::Login::Email(&payload.login))
|
||||||
name: String,
|
.await?
|
||||||
password: String,
|
|
||||||
}
|
|
||||||
|
|
||||||
let email_fut = sqlx::query_as!(
|
|
||||||
EmailLogin,
|
|
||||||
r#"SELECT name, password FROM mcaptcha_users WHERE email = ($1)"#,
|
|
||||||
&payload.login,
|
|
||||||
)
|
|
||||||
.fetch_one(&data.db)
|
|
||||||
.await;
|
|
||||||
|
|
||||||
match email_fut {
|
|
||||||
Ok(s) => {
|
|
||||||
verify(&s.password, &payload.password)?;
|
|
||||||
Ok(s.name)
|
|
||||||
}
|
|
||||||
|
|
||||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
|
||||||
Err(_) => Err(ServiceError::InternalServerError),
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
let username_fut = sqlx::query_as!(
|
data.dblib
|
||||||
Password,
|
.get_password(&db_core::Login::Username(&payload.login))
|
||||||
r#"SELECT password FROM mcaptcha_users WHERE name = ($1)"#,
|
.await?
|
||||||
&payload.login,
|
};
|
||||||
)
|
|
||||||
.fetch_one(&data.db)
|
|
||||||
.await;
|
|
||||||
|
|
||||||
match username_fut {
|
verify(&s.hash, &payload.password)?;
|
||||||
Ok(s) => {
|
Ok(s.username)
|
||||||
verify(&s.password, &payload.password)?;
|
|
||||||
Ok(payload.login)
|
|
||||||
}
|
|
||||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
|
||||||
Err(_) => Err(ServiceError::InternalServerError),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn register_runner(
|
pub async fn register_runner(
|
||||||
payload: &Register,
|
payload: &Register,
|
||||||
data: &AppData,
|
data: &AppData,
|
||||||
|
|||||||
Reference in New Issue
Block a user