From 9e63985b284e4529825b8ac9a41a27eb42153396 Mon Sep 17 00:00:00 2001
From: Jean-Christophe BEGUE <jc.begue@devisubox.com>
Date: Wed, 15 Aug 2018 17:25:59 +0200
Subject: [PATCH] Check email validity before using it for password hint
 sending

---
 Cargo.toml               | 1 +
 src/api/core/accounts.rs | 5 +++++
 src/mail.rs              | 3 +--
 src/main.rs              | 1 +
 4 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 537b4e1e..3a514738 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -61,6 +61,7 @@ num-derive = "0.2.2"
 lettre = "0.8.2"
 lettre_email = "0.8.2"
 native-tls = "0.1.5"
+fast_chemail = "0.9.5"
 
 [patch.crates-io]
  # Make jwt use ring 0.11, to match rocket
diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
index 1d6469c2..ffc76f3a 100644
--- a/src/api/core/accounts.rs
+++ b/src/api/core/accounts.rs
@@ -5,6 +5,7 @@ use db::models::*;
 
 use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
 use auth::Headers;
+use fast_chemail::is_valid_email;
 use mail;
 
 use CONFIG;
@@ -259,6 +260,10 @@ struct PasswordHintData {
 fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
     let data: PasswordHintData = data.into_inner().data;
 
+    if !is_valid_email(&data.Email) {
+        return Ok(());
+    }
+
     let user = User::find_by_mail(&data.Email, &conn);
     if user.is_none() {
         return Ok(());
diff --git a/src/mail.rs b/src/mail.rs
index fef03c25..09409e94 100644
--- a/src/mail.rs
+++ b/src/mail.rs
@@ -1,6 +1,5 @@
 use std::error::Error;
-use native_tls::TlsConnector;
-use native_tls::{Protocol};
+use native_tls::{Protocol, TlsConnector};
 use lettre::{EmailTransport, SmtpTransport, ClientTlsParameters, ClientSecurity};
 use lettre::smtp::{ConnectionReuseParameters, SmtpTransportBuilder};
 use lettre::smtp::authentication::Credentials;
diff --git a/src/main.rs b/src/main.rs
index 9c0675e7..5fbefb0b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -29,6 +29,7 @@ extern crate num_traits;
 extern crate lettre;
 extern crate lettre_email;
 extern crate native_tls;
+extern crate fast_chemail;
 
 use std::{env, path::Path, process::{exit, Command}};
 use rocket::Rocket;