making auth wall a little bit more lenient for now until testing has some reasonable methodology

2020-07-13 19:40:13 -07:00 · 2020-07-13 19:40:13 -07:00 · 5c2c4abd76
commit 5c2c4abd76
parent 65ccf70091
2 changed files with 16 additions and 22 deletions
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@ -1,5 +1,6 @@
-use mysql_async::{Conn, Pool};
+use mysql_async::Pool;
 use mysql_async::prelude::{params, Queryable};
+use crate::db_types::{UBigInt, Integer, VarChar};

 use crate::routes;

@ -10,26 +11,10 @@ pub enum AuthReason {
    NoKey,
 }

-fn check_key_row(row: &Option<(i32, i32, u64)>) -> AuthReason {
-    // (limit, uses, _userid)
-    use self::AuthReason::*;
-    match row {
-        Some(data) => {
-            if data.1 > data.0 {
-                LimitPassed
-            }
-            else {
-                Good
-            }
-        },
-        None => NoKey
-    }
-}

 fn open_route(path: &str) -> bool {
    return path == routes::INVITE_JOIN
 }
-
 pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, mysql_async::error::Error> {
    // Start by Checking if the api key is in our keystore
    if open_route(path) {
@ -39,12 +24,15 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
        if let Some(key) = params.get("secret") {
            let conn = pool.get_conn().await?;
            // (id, name, secret)
-            let (_con, row): (Conn, Option<(i32, i32, u64)>) = conn
-                .first_exec(r"SELECT limit, uses, userid, FROM keys WHERE secret = :secret ", mysql_async::params!{ "secret" => key})
+            let (_con, row): (_, Option<(UBigInt, VarChar)>) = conn
+                .first_exec(r"SELECT userid, name FROM keys WHERE secret = :secret ", mysql_async::params!{ "secret" => key})
                .await?;
            
-            // Error case should probably have some kind of error checking
-            Ok(check_key_row(&row))
+            // yeayea i no
+            match row {
+                Some(_) => Ok(AuthReason::Good),
+                None => Ok(AuthReason::NoKey)
+            }
        }
        else {
            Ok(AuthReason::NoKey)
--- a/server/src/http_params.rs
+++ b/server/src/http_params.rs
@ -5,6 +5,12 @@ use std::u8;

 pub async fn parse_params(body_raw: &mut Body) -> Result<Value, serde_json::error::Error> {
    let bytes: &[u8] = &*to_bytes(body_raw).await.unwrap(); // rarely fails 
-    let values: Value = serde_json::from_slice(bytes)?;
+    let values: Value;
+    if bytes.len() == 0 {
+        values = serde_json::from_str("{}")?;
+    }
+    else {
+        values = serde_json::from_slice(bytes)?;
+    }
    Ok(values)
 }