shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
435 Commits 1 Branch 0 Tags 11 MiB
302cac2b51
Commit Graph

34 Commits

Author SHA1 Message Date
shockrah
6dfc6ed687 adding test for missing secret key 2020-08-20 20:39:26 -07:00
shockrah
5d1b95bec6 making routes::is_open behavior a lot more clear 
moved /join to be handled by the dynamic path handler
 2020-08-11 19:43:05 -07:00
shockrah
b3d603eecc verification of secrets now has clearer fallback 2020-08-08 00:30:35 -07:00
shockrah
90e6496786 Auth wall now uses id for lookups 
Secret is now checked against bcrypt, default cost now 13

New AuthReason::BadKey
	Meant to give us more specific auth responses but main isn't dealing w/ it yet
 2020-08-07 21:23:38 -07:00
shockrah
c1b50bd36a adding helper function to aid in creation of members as opt create owner requires 2020-08-06 16:31:18 -07:00
shockrah
45120330db Adding required deps for creating proper users 2020-08-05 22:49:11 -07:00
shockrah
000a75c81f user name+id now added to params and channels table now accepts channel_name 2020-07-30 23:50:03 -07:00
shockrah
362eb53650 tabs before some messages for clearer reasoning on what happen on each request 2020-07-29 19:44:52 -07:00
shockrah
73f69cec48 channels list route passing proper input pass 2020-07-13 20:35:04 -07:00
shockrah
0a0967d196 fixed auth module not using str version of the secret key 2020-07-13 20:31:14 -07:00
shockrah
1810e5ebc8 removing unused enum members 2020-07-13 19:42:13 -07:00
shockrah
5c2c4abd76 making auth wall a little bit more lenient for now until testing has some reasonable methodology 2020-07-13 19:40:13 -07:00
shockrah
0d9b945301 *Speccing the rows which wall_entry requests 
Generally more explicit behavior is provided
*NOTE: if this call succeeds then we have fully authenticated and subsequent calls should have acccess to "secret" in the serialized params structure, thus unwraps should be fine as they'll be proven via informal  induction
 2020-07-04 23:05:58 -07:00
shockrah
a47f4c4c46 ! admin update 
removing and ignoring old + new things respectively
 2020-07-04 19:39:04 -07:00
shockrah
e8e1a13d6d auth::wall_entry now uses &serde_json::Value's as a param 2020-06-18 22:31:15 -07:00
shockrah
b2a6da2561 auth::wall_entry now follows the same error system as invites module 
Result of function forwards to its caller so we dont deal w/ mysql so much
 2020-06-02 17:05:54 -07:00
shockrah
68aeb50175 checking for open routes which require no aut in wall_entry 2020-06-02 01:29:05 -07:00
shockrah
8360efced5 auth::wall_entry now verifies keys upon request 
We can now decide what kind of authorization result triggers what kind of responses to the users
Further more error handling has to happen closer to application logic which is the main trade-off of our architecture
 2020-06-02 00:32:15 -07:00
shockrah
e48720d6ac removing basically everything since almost nothing is going to translate over very easily from the auth module 
for now we're only going to use two methods to
auth::wall_entry is what allows to impose rate on a per user basic, not per route, although this feature can be configured later
 2020-06-01 22:28:06 -07:00
shockrah
97e6b026cc utils::new_key now has a larger entropy pool + is generally smaller/quicker 
encode params takes a &[u8] as parameter now instead of &str
utils::decode_params removed for now as it has not real use atm
 2020-05-20 02:05:06 -07:00
shockrah
40d4720977 Helper function in test::auth to quickly build fake users 
New test to verify correct behavior of '/auth/login' route
 2020-05-20 00:50:46 -07:00
shockrah
ab4fe70081 test::auth::mysql_conn helper function for mysql connections 
test::auth::feed_n_leave added form header and cleaned up post parameters
test::auth::dummy_leave standalone test for route => /auth/leave
 2020-05-19 21:48:13 -07:00
shockrah
84ccfff2aa auth::login now emites a url safe api session key 
models::_USER_ONLINE updated to suppress unused var warnings
 2020-05-19 20:15:53 -07:00
shockrah
895d7246f0 auth::create_new_session_key => impl not tested 
auth::login now generates a 500 on db insertion failure
auth::login returning single json value instead of full struct
 2020-05-19 20:13:56 -07:00
shockrah
b007f57dfe priv auth::blind_remove_session => impl not tested 
pub auth::login => impl not tested
 2020-05-19 19:36:29 -07:00
shockrah
dcb9e9641e Skeleton code for login route handler 
Helper functions to be written in next commits
 2020-05-17 16:15:53 -07:00
shockrah
68d864710a Finished a test for using an invite via the /invite/join/<code> route 2020-05-10 12:56:38 -07:00
shockrah
4703116e32 Verified that the join function is working as intended 2020-05-07 22:14:44 -07:00
shockrah
040d58a7ad Cleaned up some verbosity 2020-05-06 22:19:12 -07:00
shockrah
81e6fd0a13 Invite are now consumed via a path with two dynamic params 
/invite/join/<hash>/<name> is the real path to be used now but the app ui should this behavior in some clever way
 2020-05-06 02:51:26 -07:00
shockrah
220bc11ef0 Fixed all 35 compile time issues with new auth module 
Ready for testing
 2020-05-06 02:20:32 -07:00
shockrah
57dad692ae poc for a leave route for those that no longer want to be a part of a given server 2020-05-05 23:46:29 -07:00
shockrah
5652388f4c /join 'ing for new users code steramlined a bit 
*mostly a coding qol change
 2020-05-05 23:20:47 -07:00
shockrah
62204e52ca dumy commit as work will continue on new async branch 2020-05-05 17:09:18 -07:00