mirror of
https://github.com/mCaptcha/mCaptcha.git
synced 2024-11-27 11:59:56 +03:00
server-side password validation
This commit is contained in:
realaravinth
parent
a82d61ed27
commit
c7bac9e623
6 changed files with 30 additions and 9 deletions
|
|
@ -31,6 +31,7 @@ use crate::Data;
|
|||
pub struct Register {
|
||||
pub username: String,
|
||||
pub password: String,
|
||||
pub confirm_password: String,
|
||||
pub email: Option<String>,
|
||||
}
|
||||
|
||||
|
|
@ -53,14 +54,12 @@ pub async fn signup(
|
|||
if !crate::SETTINGS.server.allow_registration {
|
||||
Err(ServiceError::ClosedForRegistration)?
|
||||
}
|
||||
|
||||
if &payload.password != &payload.confirm_password {
|
||||
return Err(ServiceError::PasswordsDontMatch);
|
||||
}
|
||||
let username = data.creds.username(&payload.username)?;
|
||||
let hash = data.creds.password(&payload.password)?;
|
||||
// let payload = payload.into_inner();
|
||||
// let email = payload.email.clone();
|
||||
// if payload.email.is_some() {
|
||||
// let email = email.clone().unwrap();
|
||||
// data.creds.email(Some(&email))?;
|
||||
// }
|
||||
|
||||
if let Some(email) = &payload.email {
|
||||
data.creds.email(&email)?;
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ async fn auth_works() {
|
|||
let msg = Register {
|
||||
username: NAME.into(),
|
||||
password: PASSWORD.into(),
|
||||
confirm_password: PASSWORD.into(),
|
||||
email: None,
|
||||
};
|
||||
let resp = test::call_service(&mut app, post_request!(&msg, SIGNUP).to_request()).await;
|
||||
|
|
@ -80,6 +81,7 @@ async fn auth_works() {
|
|||
let msg = Register {
|
||||
username: NAME.into(),
|
||||
password: PASSWORD.into(),
|
||||
confirm_password: PASSWORD.into(),
|
||||
email: Some(EMAIL.into()),
|
||||
};
|
||||
bad_post_req_test(
|
||||
|
|
@ -136,12 +138,13 @@ async fn auth_works() {
|
|||
}
|
||||
|
||||
#[actix_rt::test]
|
||||
async fn email_udpate_and_del_userworks() {
|
||||
async fn email_udpate_password_validation_del_userworks() {
|
||||
const NAME: &str = "testuser2";
|
||||
const PASSWORD: &str = "longpassword2";
|
||||
const EMAIL: &str = "testuser1@a.com2";
|
||||
const DEL_URL: &str = "/api/v1/account/delete";
|
||||
const EMAIL_UPDATE: &str = "/api/v1/account/email/";
|
||||
const SIGNUP: &str = "/api/v1/signup";
|
||||
|
||||
{
|
||||
let data = Data::new().await;
|
||||
|
|
@ -178,6 +181,20 @@ async fn email_udpate_and_del_userworks() {
|
|||
.await;
|
||||
|
||||
assert_eq!(delete_user_resp.status(), StatusCode::OK);
|
||||
|
||||
// checking to see if server-side password validation (password == password_config)
|
||||
// works
|
||||
let register_msg = Register {
|
||||
username: NAME.into(),
|
||||
password: PASSWORD.into(),
|
||||
confirm_password: NAME.into(),
|
||||
email: None,
|
||||
};
|
||||
let resp =
|
||||
test::call_service(&mut app, post_request!(®ister_msg, SIGNUP).to_request()).await;
|
||||
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
|
||||
let txt: ErrorToResponse = test::read_body_json(resp).await;
|
||||
assert_eq!(txt.error, format!("{}", ServiceError::PasswordsDontMatch));
|
||||
}
|
||||
|
||||
#[actix_rt::test]
|
||||
|
|
|
|||
|
|
@ -70,6 +70,8 @@ pub enum ServiceError {
|
|||
PasswordTooShort,
|
||||
#[display(fmt = "Username too long")]
|
||||
PasswordTooLong,
|
||||
#[display(fmt = "Passwords don't match")]
|
||||
PasswordsDontMatch,
|
||||
|
||||
/// when the a username is already taken
|
||||
#[display(fmt = "Username not available")]
|
||||
|
|
@ -121,6 +123,7 @@ impl ResponseError for ServiceError {
|
|||
|
||||
ServiceError::PasswordTooShort => StatusCode::BAD_REQUEST,
|
||||
ServiceError::PasswordTooLong => StatusCode::BAD_REQUEST,
|
||||
ServiceError::PasswordsDontMatch => StatusCode::BAD_REQUEST,
|
||||
|
||||
ServiceError::UsernameTaken => StatusCode::BAD_REQUEST,
|
||||
ServiceError::EmailTaken => StatusCode::BAD_REQUEST,
|
||||
|
|
@ -164,8 +167,8 @@ impl From<ParseError> for ServiceError {
|
|||
}
|
||||
}
|
||||
|
||||
#[cfg(not(tarpaulin_include))]
|
||||
impl From<CaptchaError> for ServiceError {
|
||||
#[cfg(not(tarpaulin_include))]
|
||||
fn from(e: CaptchaError) -> ServiceError {
|
||||
ServiceError::CaptchaError(e)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -76,6 +76,7 @@ pub async fn register<'a>(name: &'a str, email: &str, password: &str) {
|
|||
let msg = Register {
|
||||
username: name.into(),
|
||||
password: password.into(),
|
||||
confirm_password: password.into(),
|
||||
email: Some(email.into()),
|
||||
};
|
||||
let resp =
|
||||
|
|
|
|||
|
|
@ -64,6 +64,7 @@ const registerUser = async (e: Event) => {
|
|||
let payload = {
|
||||
username,
|
||||
password,
|
||||
confirm_password: passwordCheck,
|
||||
email,
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ import * as login from './auth/login';
|
|||
import * as register from './auth/register';
|
||||
import * as panel from './panel/index';
|
||||
import * as addSiteKey from './panel/add-site-key/';
|
||||
//import './auth/forms.scss';
|
||||
import './auth/forms.scss';
|
||||
import './panel/main.scss';
|
||||
import VIEWS from './views/v1/routes';
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue