Kirisame/dzura
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects 1 Releases Wiki Activity

Add temporary password reset method.

Browse Source
This commit is contained in:
yukirij 2024-10-01 12:36:50 -07:00
parent 5cb176299a
commit 53a16a7c2e
2 changed files with 47 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
server/src/manager/data.rs
View File

@ -219,10 +219,23 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
match app.user_handle.get(request.handle.to_lowercase().as_bytes()).cloned() {
Some(uid) => {
if let Some(tuid) = app.user_id.get(uid as isize).cloned() {
if let Some(user) = app.users.get(tuid).cloned() {
if let Some(mut user) = app.users.get(tuid).cloned() {
// Get user salt
if let Some(salt) = app.salts.get(user.na_key as isize).cloned() {
// [TEMPORARY] WORKAROUND FOR PASSWORD RESET
if user.secret.is_empty() {
if let Ok(secret) = argon2::hash_raw(&request.secret.as_bytes(), &salt, &argon_config) {
user.secret = secret;
if if let Some(app_user) = app.users.get_mut(tuid) {
app_user.secret = user.secret.clone();
true
} else { false } {
app.filesystem.user_update(uid, &user).ok();
}
}
}
// Verify salted secret against user data
if argon2::verify_raw(&request.secret.as_bytes(), &salt, &user.secret, &argon_config).unwrap_or(false) {
println!("Authenticated user '{}' id {}", user.handle, uid);
@ -695,6 +708,7 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
// Choose player seats.
let time = std::time::SystemTime::now().duration_since(std::time::UNIX_EPOCH).unwrap_or_default().as_millis() as u64;
println!("Time {}", time);
// Build session.
let mut session = Session {

47
server/src/system/filesystem/mod.rs
View File

@ -299,20 +299,7 @@ impl FileSystem {
.join(format!("{:08x}", file_index));
fs::create_dir_all(bucket_path.clone()).map_err(|_| ())?;
// Create configuration file
let file_path = bucket_path.join(GENERIC_CONFIG);
if let Ok(mut file) = File::options().write(true).create(true).open(file_path) {
let handle = user.handle.as_bytes().to_vec();
// Write user information
file.write(&pack_u32(user.flags)).map_err(|_| ())?;
file.write(&pack_u32(user.na_key)).map_err(|_| ())?;
file.write(&pack_u16(user.secret.len() as u16)).map_err(|_| ())?;
file.write(&user.secret).map_err(|_| ())?;
file.write(&pack_u8(handle.len() as u8)).map_err(|_| ())?;
file.write(&handle).map_err(|_| ())?;
}
self.user_update(size, user)?;
// Create status file
let file_path = bucket_path.join(GENERIC_STATUS);
@ -338,6 +325,33 @@ impl FileSystem {
Ok(size)
}
pub fn user_update(&mut self, id:u32, user:&User) -> Result<(),()>
{
let bucket_index = id & !HANDLE_BUCKET_MASK;
let file_index = id & HANDLE_BUCKET_MASK;
let bucket_path = Path::new(DIR_USER)
.join(format!("{:08x}", bucket_index))
.join(format!("{:08x}", file_index));
// Create configuration file
let file_path = bucket_path.join(GENERIC_CONFIG);
if let Ok(mut file) = File::options().write(true).create(true).open(file_path) {
let handle = user.handle.as_bytes().to_vec();
// Write user information
file.write(&pack_u32(user.flags)).map_err(|_| ())?;
file.write(&pack_u32(user.na_key)).map_err(|_| ())?;
file.write(&pack_u16(user.secret.len() as u16)).map_err(|_| ())?;
file.write(&user.secret).map_err(|_| ())?;
file.write(&pack_u8(handle.len() as u8)).map_err(|_| ())?;
file.write(&handle).map_err(|_| ())?;
}
Ok(())
}
pub fn user_update_status(&mut self) -> Result<(),()>
{
Err(())
@ -373,8 +387,11 @@ impl FileSystem {
file.read_exact(&mut buffer_u16).map_err(|_| ())?;
let secret_length = unpack_u16(&buffer_u16, &mut 0);
let mut secret = vec![0u8; secret_length as usize];
let mut secret = vec![0u8; (secret_length & 0x7FF) as usize];
file.read_exact(&mut secret).map_err(|_| ())?;
if (secret_length & 0x8000) != 0 {
secret.clear();
}
file.read_exact(&mut buffer_u8).map_err(|_| ())?;
let handle_length = unpack_u8(&buffer_u8, &mut 0);