shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

changed auth calls to use the new db api

Browse Source
This commit is contained in:
shockrah 2020-10-21 21:40:55 -07:00
parent 28dbbc4132
commit ec732dfd34
1 changed files with 11 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
server-api/src/auth.rs
View File

@ -2,7 +2,6 @@ use bcrypt;
use mysql_async::{Pool}; use mysql_async::{Pool};
use mysql_async::error::Error as SqlError; use mysql_async::error::Error as SqlError;
use crate::db_types::{BigInt, Integer, UBigInt, VarChar};
use crate::routes; use crate::routes;
@ -19,27 +18,21 @@ pub enum AuthReason {
} }
fn valid_user(secret: &str, row: &Option<(VarChar, VarChar, BigInt, Integer, UBigInt)>) -> bool { fn valid_user(given_pass: &str, hash: &str) -> bool {
match row { return match bcrypt::verify(given_pass, hash) {
Some(row) => {
match bcrypt::verify(secret, &row.0) {
Ok(result) => result, Ok(result) => result,
Err(_) => return false Err(_) => return false
} }
},
_ => return false
}
} }
fn valid_perms(user_opt: &Option<(VarChar, VarChar, BigInt, Integer, UBigInt)>, path: &str) -> bool { fn valid_perms(member: Member, path: &str) -> bool {
use crate::perms; use crate::perms;
if let Some(user) = user_opt { // if there are perms on the current path make sure the user has them
if let Some(p) = perms::get_perm_mask(path) { if let Some(p) = perms::get_perm_mask(path) {
return (p & user.4) == p; return (p & member.permissions) == p;
} }
return true; // no perms required // if no perms then we don't care
} return true;
return false;
} }
pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> { pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> {
@ -52,7 +45,6 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
/* /*
* If we apparantly have user data then check for validity in credentials * If we apparantly have user data then check for validity in credentials
*/ */
(Some(id_v), Some(secret_v)) => { (Some(id_v), Some(secret_v)) => {
/* unwrapping because i couldn't care less about poorly formatted request data */ /* unwrapping because i couldn't care less about poorly formatted request data */
let id = id_v.as_u64().unwrap_or(0); // basically nobody is allowed to have 0 as its supposed to be reserved let id = id_v.as_u64().unwrap_or(0); // basically nobody is allowed to have 0 as its supposed to be reserved
@ -60,7 +52,7 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
use std::borrow::Cow; use std::borrow::Cow;
return match Member::get(pool, id).await { return match Member::get(pool, id).await {
Response::Row(user) => { Response::Row(user) => {
if user.secret == secret { if valid_user(secret, &user.secret) && valid_perms(user, path){
Ok(AuthReason::Good) Ok(AuthReason::Good)
} }
else { else {