Kirisame/dzura
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects 1 Releases Wiki Activity

Fail login on password reset.

Browse Source
This commit is contained in:
yukirij 2024-10-01 12:40:30 -07:00
parent 53a16a7c2e
commit f153498bf4
1 changed files with 38 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
server/src/manager/data.rs
View File

@ -225,6 +225,7 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
// [TEMPORARY] WORKAROUND FOR PASSWORD RESET
if user.secret.is_empty() {
println!("Password reset: {}", user.handle);
if let Ok(secret) = argon2::hash_raw(&request.secret.as_bytes(), &salt, &argon_config) {
user.secret = secret;
if if let Some(app_user) = app.users.get_mut(tuid) {
@ -234,8 +235,7 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
app.filesystem.user_update(uid, &user).ok();
}
}
}
} else {
// Verify salted secret against user data
if argon2::verify_raw(&request.secret.as_bytes(), &salt, &user.secret, &argon_config).unwrap_or(false) {
println!("Authenticated user '{}' id {}", user.handle, uid);
@ -282,6 +282,7 @@ pub async fn thread_system(mut app:App, bus:Bus<protocol::QRPacket>)
} else {
println!("notice: password verification failed.");
}
}
} else {
println!("error: user salt id '{}' not found.", user.na_key);
}