mirror of
https://github.com/mCaptcha/mCaptcha.git
synced 2025-03-14 13:08:27 +03:00
feat: migrate get password to use db_* interface
This commit is contained in:
parent
5bcf7beddc
commit
f398c4b61c
3 changed files with 39 additions and 61 deletions
|
@ -523,6 +523,26 @@
|
|||
},
|
||||
"query": "SELECT name FROM mcaptcha_config \n WHERE key = $1 \n AND user_id = (\n SELECT user_id FROM mcaptcha_users WHERE NAME = $2)"
|
||||
},
|
||||
"a900d304a69809e98eedfc7d807bf6f4f88998763f914cd1ac3e98c6b755c2e2": {
|
||||
"describe": {
|
||||
"columns": [
|
||||
{
|
||||
"name": "password",
|
||||
"ordinal": 0,
|
||||
"type_info": "Text"
|
||||
}
|
||||
],
|
||||
"nullable": [
|
||||
false
|
||||
],
|
||||
"parameters": {
|
||||
"Left": [
|
||||
"Text"
|
||||
]
|
||||
}
|
||||
},
|
||||
"query": "SELECT password FROM mcaptcha_users WHERE email = ($1)"
|
||||
},
|
||||
"ad23588ee4bcbb13e208460ce21e2fa9f1373893934b530b339fea10360b34a8": {
|
||||
"describe": {
|
||||
"columns": [
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
use actix_identity::Identity;
|
||||
use actix_web::{web, HttpResponse, Responder};
|
||||
use argon2_creds::Config;
|
||||
use db_core::Login;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use sqlx::Error::RowNotFound;
|
||||
|
||||
|
@ -83,26 +84,15 @@ async fn update_user_password(
|
|||
|
||||
let username = id.identity().unwrap();
|
||||
|
||||
let rec = sqlx::query_as!(
|
||||
Password,
|
||||
r#"SELECT password FROM mcaptcha_users WHERE name = ($1)"#,
|
||||
&username,
|
||||
)
|
||||
.fetch_one(&data.db)
|
||||
.await;
|
||||
// TODO: verify behavior when account is not found
|
||||
let res = data.dblib.get_password(&Login::Username(&username)).await?;
|
||||
|
||||
match rec {
|
||||
Ok(s) => {
|
||||
if Config::verify(&s.password, &payload.password)? {
|
||||
let update: UpdatePassword = payload.into_inner().into();
|
||||
update_password_runner(&username, update, &data).await?;
|
||||
Ok(HttpResponse::Ok())
|
||||
} else {
|
||||
Err(ServiceError::WrongPassword)
|
||||
}
|
||||
}
|
||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
||||
Err(_) => Err(ServiceError::InternalServerError),
|
||||
if Config::verify(&res.hash, &payload.password)? {
|
||||
let update: UpdatePassword = payload.into_inner().into();
|
||||
update_password_runner(&username, update, &data).await?;
|
||||
Ok(HttpResponse::Ok())
|
||||
} else {
|
||||
Err(ServiceError::WrongPassword)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -91,7 +91,6 @@ pub mod runners {
|
|||
/// returns Ok(()) when everything checks out and the user is authenticated. Erros otherwise
|
||||
pub async fn login_runner(payload: Login, data: &AppData) -> ServiceResult<String> {
|
||||
use argon2_creds::Config;
|
||||
use sqlx::Error::RowNotFound;
|
||||
|
||||
let verify = |stored: &str, received: &str| {
|
||||
if Config::verify(stored, received)? {
|
||||
|
@ -101,50 +100,19 @@ pub mod runners {
|
|||
}
|
||||
};
|
||||
|
||||
if payload.login.contains('@') {
|
||||
#[derive(Clone, Debug)]
|
||||
struct EmailLogin {
|
||||
name: String,
|
||||
password: String,
|
||||
}
|
||||
|
||||
let email_fut = sqlx::query_as!(
|
||||
EmailLogin,
|
||||
r#"SELECT name, password FROM mcaptcha_users WHERE email = ($1)"#,
|
||||
&payload.login,
|
||||
)
|
||||
.fetch_one(&data.db)
|
||||
.await;
|
||||
|
||||
match email_fut {
|
||||
Ok(s) => {
|
||||
verify(&s.password, &payload.password)?;
|
||||
Ok(s.name)
|
||||
}
|
||||
|
||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
||||
Err(_) => Err(ServiceError::InternalServerError),
|
||||
}
|
||||
let s = if payload.login.contains('@') {
|
||||
data.dblib
|
||||
.get_password(&db_core::Login::Email(&payload.login))
|
||||
.await?
|
||||
} else {
|
||||
let username_fut = sqlx::query_as!(
|
||||
Password,
|
||||
r#"SELECT password FROM mcaptcha_users WHERE name = ($1)"#,
|
||||
&payload.login,
|
||||
)
|
||||
.fetch_one(&data.db)
|
||||
.await;
|
||||
data.dblib
|
||||
.get_password(&db_core::Login::Username(&payload.login))
|
||||
.await?
|
||||
};
|
||||
|
||||
match username_fut {
|
||||
Ok(s) => {
|
||||
verify(&s.password, &payload.password)?;
|
||||
Ok(payload.login)
|
||||
}
|
||||
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
||||
Err(_) => Err(ServiceError::InternalServerError),
|
||||
}
|
||||
}
|
||||
verify(&s.hash, &payload.password)?;
|
||||
Ok(s.username)
|
||||
}
|
||||
|
||||
pub async fn register_runner(
|
||||
payload: &Register,
|
||||
data: &AppData,
|
||||
|
|
Loading…
Add table
Reference in a new issue