Fail login on password reset.

yukirij 2024-10-01 12:40:30 -07:00
parent 53a16a7c2e
commit f153498bf4


@ -225,6 +225,7 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
// [TEMPORARY] WORKAROUND FOR PASSWORD RESET // [TEMPORARY] WORKAROUND FOR PASSWORD RESET
if user.secret.is_empty() { if user.secret.is_empty() {
println!("Password reset: {}", user.handle);
if let Ok(secret) = argon2::hash_raw(&request.secret.as_bytes(), &salt, &argon_config) { if let Ok(secret) = argon2::hash_raw(&request.secret.as_bytes(), &salt, &argon_config) {
user.secret = secret; user.secret = secret;
if if let Some(app_user) = app.users.get_mut(tuid) { if if let Some(app_user) = app.users.get_mut(tuid) {
@ -234,53 +235,53 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
app.filesystem.user_update(uid, &user).ok(); app.filesystem.user_update(uid, &user).ok();
} }
} }
} } else {
// Verify salted secret against user data
if argon2::verify_raw(&request.secret.as_bytes(), &salt, &user.secret, &argon_config).unwrap_or(false) {
println!("Authenticated user '{}' id {}", user.handle, uid);
// Verify salted secret against user data // Generate authentication token and secret
if argon2::verify_raw(&request.secret.as_bytes(), &salt, &user.secret, &argon_config).unwrap_or(false) { response.status = STATUS_OK;
println!("Authenticated user '{}' id {}", user.handle, uid); rng.fill(&mut response.secret).ok();
loop {
rng.fill(&mut response.token).ok();
// Generate authentication token and secret if app.auths.get(&response.token).is_none() {
response.status = STATUS_OK; app.auths.set(&response.token, Authentication {
rng.fill(&mut response.secret).ok(); key:response.token,
loop { secret:response.secret,
rng.fill(&mut response.token).ok(); user:uid,
});
if app.auths.get(&response.token).is_none() { break;
app.auths.set(&response.token, Authentication { }
key:response.token,
secret:response.secret,
user:uid,
});
break;
} }
}
// Mark send status. // Mark send status.
send_user_status.push(uid); send_user_status.push(uid);
// Attach authentication to connection. // Attach authentication to connection.
if let Some(conn) = app.connections.get_mut(qr.id as usize) { if let Some(conn) = app.connections.get_mut(qr.id as usize) {
conn.auth = Some(response.token); conn.auth = Some(response.token);
if let Some(cid) = user.connection { if let Some(cid) = user.connection {
conn.prev = cid; conn.prev = cid;
}
} }
}
// Add connection to chain. // Add connection to chain.
if let Some(user_cid) = user.connection { if let Some(user_cid) = user.connection {
if let Some(existing) = app.connections.get(user_cid as usize).cloned() { if let Some(existing) = app.connections.get(user_cid as usize).cloned() {
if let Some(conn) = app.connections.get_mut(qr.id as usize) { if let Some(conn) = app.connections.get_mut(qr.id as usize) {
conn.next = existing.next; conn.next = existing.next;
}
}
} else {
if let Some(user) = app.users.get_mut(tuid) {
user.connection = Some(qr.id);
} }
} }
} else { } else {
if let Some(user) = app.users.get_mut(tuid) { println!("notice: password verification failed.");
user.connection = Some(qr.id);
}
} }
} else {
println!("notice: password verification failed.");
} }
} else { } else {
println!("error: user salt id '{}' not found.", user.na_key); println!("error: user salt id '{}' not found.", user.na_key);
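Review bot: The reset branch at `if user.secret.is_empty()` stores whatever secret the request carries as the account's new password with no proof that the requester owns the account, so an account left with an empty secret is claimed by whichever client logs in to it first; the new `else` appears only to stop that same request from also receiving a token. If the workaround has to stay, it should be gated on something only the legitimate user holds (for example a one-time reset code delivered out of band), and the event should go to a durable audit log rather than `println!`. In the same branch a failing `argon2::hash_raw` falls through without any log line, and `app.filesystem.user_update(uid, &user).ok();` discards a persistence error, so a reset may take effect in memory without being saved. Separately, in the re-indented token block, `rng.fill(&mut response.secret).ok();` and `rng.fill(&mut response.token).ok();` ignore RNG failures after `response.status = STATUS_OK;` has already been set; the status should be assigned only once both fills have returned `Ok`, and a failed fill should end the login attempt. `thread_system` begins and ends outside the visible hunks.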