demo user

This commit is contained in:
realaravinth 2021-08-09 10:37:19 +05:30
parent a5558e4b6f
commit 3c72d27b36
No known key found for this signature in database
GPG key ID: AD9F0F08E855ED88
11 changed files with 123 additions and 85 deletions

View file

@ -1,6 +1,8 @@
debug = true
source_code = "https://github.com/mCaptcha/mCaptcha"
commercial = false
allow_demo = false
allow_registration = true
[server]
# Please set a unique value, your mCaptcha instance's security depends on this being
@ -13,7 +15,6 @@ port = 7000
ip= "0.0.0.0"
# enter your hostname, eg: example.com
domain = "localhost"
allow_registration = true
# Set true if you have setup TLS with a reverse proxy like Nginx.
# Does HTTPS redirect and sends additional headers that can only be used if
# HTTPS available to improve security

View file

@ -19,11 +19,13 @@ you will be overriding the values set in the configuration files.
### General
| Name | Value |
| ---------------------- | --------------------------------------------------------------------------------- |
| `MCAPTCHA_CONFIG` | Path to configuration file |
| `MCAPTCHA_COMMERCIAL` | Does this instance offer commercial plans? Please consider donating if it does :D |
| `MCAPTCHA_SOURCE_CODE` | Link to the source code of this instance |
| Name | Value |
| ----------------------------- | ----------------------------------------------------------------------------------------------------------------- |
| `MCAPTCHA_CONFIG` | Path to configuration file |
| `MCAPTCHA_COMMERCIAL` | Does this instance offer commercial plans? Please consider donating if it does :D |
| `MCAPTCHA_SOURCE_CODE` | Link to the source code of this instance |
| `MCAPTCHA_ALLOW_REGISTRATION` | Is registration allowed on this instance? |
| `MCAPTCHA_ALLOW_DEMO` | Allow demo access to the server? If registration(previous option) is disabled then demo users will not be allowed |
#### Database
@ -53,7 +55,6 @@ you will be overriding the values set in the configuration files.
| `MCAPTCHA_SERVER_IP` | The IP address on which you want mCaptcha to listen to |
| `MCAPTCHA_SERVER_DOMAIN` | Domain under which mCaptcha will be\* |
| `MCAPTCHA_SERVER_COOKIE_SECRET` | Cookie secret, must be long and random |
| `MCAPTCHA_SERVER_ALLOW_REGISTRATION` | `bool` that controls registration |
| `MCAPTCHA_SERVER_PROXY_HAS_TLS` | Is mCaptcha behind a proxy? If yes, mCaptcha can send additional headers like HSTS |
\* Authentication doesn't work without `MCAPTCHA_DOMAIN` set to the correct domain

View file

@ -1,19 +1,19 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use serde::{Deserialize, Serialize};

View file

@ -25,24 +25,36 @@ async fn username_exists(
payload: web::Json<AccountCheckPayload>,
data: AppData,
) -> ServiceResult<impl Responder> {
let res = sqlx::query!(
"SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE name = $1)",
&payload.val,
)
.fetch_one(&data.db)
.await?;
let mut resp = AccountCheckResp { exists: false };
if let Some(x) = res.exists {
if x {
resp.exists = true;
}
}
let resp = runners::username_exists(&payload, &data).await?;
Ok(HttpResponse::Ok().json(resp))
}
pub mod runners {
use super::*;
pub async fn username_exists(
payload: &AccountCheckPayload,
data: &AppData,
) -> ServiceResult<AccountCheckResp> {
let res = sqlx::query!(
"SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE name = $1)",
&payload.val,
)
.fetch_one(&data.db)
.await?;
let mut resp = AccountCheckResp { exists: false };
if let Some(x) = res.exists {
if x {
resp.exists = true;
}
}
Ok(resp)
}
}
pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
cfg.service(username_exists);
}

View file

@ -1,30 +1,34 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_identity::Identity;
use actix_web::http::header;
use actix_web::{web, HttpResponse, Responder};
use serde::{Deserialize, Serialize};
//use futures::{future::TryFutureExt, join};
use super::mcaptcha::get_random;
use crate::errors::*;
use crate::AppData;
/// Demo username
pub const DEMO_USER: &str = "aaronsw";
/// Demo password
pub const DEMO_PASSWORD: &str = "password";
pub mod routes {
pub struct Auth {
pub logout: &'static str,
@ -133,7 +137,7 @@ pub mod runners {
payload: &Register,
data: &AppData,
) -> ServiceResult<()> {
if !crate::SETTINGS.server.allow_registration {
if !crate::SETTINGS.allow_registration {
return Err(ServiceError::ClosedForRegistration);
}
@ -195,6 +199,21 @@ pub mod runners {
}
Ok(())
}
/// register demo user runner
pub async fn register_demo_user(data: &AppData) -> ServiceResult<()> {
let payload = runners::Register {
username: DEMO_USER.into(),
password: DEMO_PASSWORD.into(),
confirm_password: DEMO_PASSWORD.into(),
email: None,
};
match register_runner(&payload, data).await {
Err(ServiceError::UsernameTaken) | Ok(_) => Ok(()),
Err(e) => Err(e),
}
}
}
pub fn services(cfg: &mut web::ServiceConfig) {

View file

@ -1,24 +1,28 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_web::http::{header, StatusCode};
use actix_web::test;
use crate::api::v1::auth::runners::{Login, Register};
use crate::api::v1::account::{username::runners::username_exists, AccountCheckPayload};
use crate::api::v1::auth::{
runners::{register_demo_user, Login, Register},
DEMO_PASSWORD, DEMO_USER,
};
use crate::api::v1::ROUTES;
use crate::data::Data;
use crate::errors::*;
@ -163,3 +167,17 @@ async fn serverside_password_validation_works() {
let txt: ErrorToResponse = test::read_body_json(resp).await;
assert_eq!(txt.error, format!("{}", ServiceError::PasswordsDontMatch));
}
#[actix_rt::test]
async fn demo_account() {
let data = AppData::new(Data::new().await);
let _ = register_demo_user(&data).await.unwrap();
let payload = AccountCheckPayload {
val: DEMO_USER.into(),
};
assert!(username_exists(&payload, &data).await.unwrap().exists);
signin(DEMO_USER, DEMO_PASSWORD).await;
}

View file

@ -10,7 +10,6 @@
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
@ -38,9 +37,7 @@ use libmcaptcha::{
pow::PoWConfig,
pow::Work,
system::{System, SystemBuilder},
// master::messages::AddSite,
};
use sqlx::postgres::PgPoolOptions;
use sqlx::PgPool;

View file

@ -24,7 +24,6 @@ use url::Url;
#[derive(Debug, Clone, Deserialize)]
pub struct Server {
pub allow_registration: bool,
pub port: u32,
pub domain: String,
pub cookie_secret: String,
@ -106,6 +105,8 @@ pub struct Settings {
pub pow: Captcha,
pub source_code: String,
pub smtp: Option<Smtp>,
pub allow_registration: bool,
pub allow_demo: bool,
}
#[cfg(not(tarpaulin_include))]

View file

@ -1,6 +0,0 @@
FROM rustembedded/cross:aarch64-unknown-linux-musl
RUN dpkg --add-architecture arm64 && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive \
apt-get install --assume-yes postgresql

View file

@ -1 +0,0 @@
RUN dpkg --add-architecture arm64 && apt-get update && apt-get install --assume-yes postgresql:arm64 postgresql-devel

View file

@ -1,4 +0,0 @@
FROM rustembedded/cross:x86_64-unknown-linux-musl
RUN dpkg --add-architecture arm64 && \
apt-get update &&
apt-get install --assume-yes postgresql-13:x86_64