shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
627 Commits 1 Branch 0 Tags 11 MiB
b917483dac
Commit Graph

59 Commits

Author SHA1 Message Date
shockrah
2fb24ee45e New server meta endpoint to help out clients remember stuff about that server 2020-12-30 01:47:12 -08:00
shockrah
dfe53b323e /messages/send now correctyl tells the user they're wrong about sendingmessages to a non-existant channel 2020-12-30 01:00:47 -08:00
shockrah
ab12283507 + Computing encoding key once in a lazy_static 
+ unit test verifying is extremely sus.jpg but it looks like it passes
! bs detectors on max rn so i'll keep this under close watch for now
 2020-12-29 23:57:11 -08:00
shockrah
549c69f668 + Added Response::RestrictedInput to db-lib 
Should make it more dsecriptive with really weird input and prevent even more confusing 500 responses to the client

+ db-lib::Channels::add now also potentially returns this new RestrictedInput variant
 2020-12-29 23:50:57 -08:00
shockrah
b7209c000c Changed token in user params to jwt since token was way too vague 2020-12-28 23:05:31 -08:00
shockrah
7263ae0980 Preventing outsiders from refreshing someone else's token 
! Unless their id/secret combo is robbed in which case they're screwed anyway /shrug
 2020-12-28 22:16:55 -08:00
shockrah
5366ba9690 * Refactored secret_value generation to be behind an easy to use helper 
* Refactored serde facing puller functions to be more clear
- Removing incorrect commentary
* Changed login handler to start using mysql based api
! Further refactoring in the previous to be more readable
 2020-12-28 22:00:59 -08:00
shockrah
9d01912670 Adding hook for getting jwt from login 
Also missed a lazy_static removal in db-lib
 2020-12-28 21:57:47 -08:00
shockrah
11251fe6d3 1. adding hmac_secret as a private lazy_static variable 
This is only initialized once and is read only after the fact so it should be fine

2. Adding a Claim struct that all JWT's will use for their structure. A helpful .new() function is provided

3. AuthReason::ServerIssue(String) is a now a thing

Should help the auth module be more clear in what's  going on

4. fn get_jwt_json -> renamed from get_jwt to indicate we're getting something from json payload. Nothing more

5. async fn valid_jwt: Attempts to decode the given token, if successful it then looks if that user has given us an active jwt budget-session-key if (returns boolean)

6. wall_entry now returns an AuthReason without the sql wrapping, since thats db-lib's problem anyway

Also we're collecting all data upfront then verifying it as we go.

7. async fn login_get_jwt::ROUTE

On login_auth here we simply create a JWT for the user, store it in cache, then give it back to the user to use.
Tokens take a week to expire

8. Removed busted tests that weren't doing anything useful for the time being
 2020-12-22 21:51:23 -08:00
shockrah
02e6c4145e now hanlding server issues with auth(since those sometimes happen) 
also renamed some vars to be more clear
 2020-12-22 21:29:43 -08:00
shockrah
5a5ecfad26 Optimizations for buidling memcacache for our tokens 2020-12-20 19:43:27 -08:00
shockrah
88f6e5b532 skeleton code for jwt things 2020-12-18 13:03:30 -08:00
shockrah
4ac696820e Removing dynamic routes altogether 2020-12-12 14:45:43 -08:00
shockrah
201297f4c1 Checking for valid channel.kind on /channels/create 2020-12-12 13:51:43 -08:00
shockrah
13eb58ec06 * Owner perms were not being calculated correctly, this is now fixed 2020-11-21 19:18:40 -08:00
shockrah
063f2c7c48 --create-owner flag now correctly gives back the actual secret value instead of the encrypted value 2020-11-21 19:06:23 -08:00
shockrah
8661bcabe7 Removed redudancies and loud error messages 2020-11-21 19:05:44 -08:00
shockrah
1c1bb5f3cd * -c now uses the name parameter given to it 
* new branch for failure of secret generation
 2020-11-21 13:21:44 -08:00
shockrah
c80a1dab40 * clearer branching and some descriptive comments 2020-11-21 13:20:27 -08:00
shockrah
ea5162d185 + Better secret generation 
+ Helper function to clearly encrypt generated secrets
+ New test for auth::valid_secret as a sanity check
! routes::is_open is no longer retarded and behaves as expected
 2020-11-21 13:19:52 -08:00
shockrah
cd9d676a1e Removal of unused test 2020-11-17 23:46:40 -08:00
shockrah
eaec922693 New dependancies 
Fixing a bunch of things that cargo complains about but that really has no effect on me as a person
 2020-11-17 23:46:03 -08:00
shockrah
8b7684c0a7 + Fixed issue with /channels/delete return 200 on db-lib failure 2020-11-17 22:31:33 -08:00
shockrah
5d8ecdfdb7 userland::admin.rs: now uses db-lib to update permissions 
Also removed a ton of code in general
$ makes it much easier to read/debug
 2020-11-17 22:30:58 -08:00
shockrah
77f6850c52 l a r g e visual cleanup 2020-11-17 00:09:03 -08:00
shockrah
751b947bef db/src/channels.rs/ : Clerical error fix in Response::Other<String> message 
src/channels.rs/ : simple log of sql error to stderr
main.rs : swapped secret and name parameters as they were backwards somehow (tfw cant type)
src/messages.sr : more clerical shit(mispelled parameter name) and logging sql to stderr
 2020-11-17 00:08:13 -08:00
shockrah
474696eb4b Visual cleanup of routes.rs since it was basically just... awful, more cleanup one day 2020-11-16 23:12:32 -08:00
shockrah
75fcd5aef5 -c now uses db-lib as its backend 
also updated the error messages to help out server owners a bit
 2020-11-16 23:04:09 -08:00
shockrah
c6d8e3d360 userland invites endpoint now uses db::members::add as its intended 2020-11-16 22:59:28 -08:00
shockrah
f0f0272c32 Removal of unused uses or random code that was dead anyway 2020-11-16 22:58:58 -08:00
shockrah
aa9c515b95 invites::valid_invite now uses proper db-lib function calls 2020-11-16 22:18:37 -08:00
shockrah
2448e1b200 get_online_members now uses db-lib for its back end 
This means we've removed a ton of old raw sql code
 2020-11-16 20:20:37 -08:00
shockrah
b966c61c20 Finally the change over to db::messages::Messages::send in userland code 
- removed old helper function which is no longer needed
* cleaned up responses for empty,other, and _ in /channels/create endpoint handler
 2020-11-12 13:18:43 -08:00
shockrah
06a76b26df Fixed content-type in channels::create + list response header 2020-11-07 21:01:09 -08:00
shockrah
c8a6aa204d User API changes to now use the new behavior for adding channels 2020-11-07 18:27:14 -08:00
shockrah
700da3695f Removing whats left of db_types references 
Finally relying on db library crate for database types
 2020-11-07 18:20:34 -08:00
shockrah
cb69d8b945 moving away from db_types in the members api module 2020-11-07 13:26:37 -08:00
shockrah
4d85c094cc removing errors for the sake of testing 2020-11-04 00:19:50 -08:00
shockrah
f9bc6b3dc9 channels modules have newly updated list endpoints 
/channels/create requires a rework however
 2020-11-03 23:16:24 -08:00
shockrah
7a093c1fbc new delete_channel endpoint handler 
* to be tested
 2020-11-02 00:12:16 -08:00
shockrah
06c81ce2f2 Removal of unused code or things that were trivial to switch to the library like db types 2020-11-02 00:11:15 -08:00
shockrah
ec732dfd34 changed auth calls to use the new db api 2020-10-21 21:40:55 -07:00
shockrah
90b131c60a channels delete is now based on http deletes 2020-10-10 23:08:00 -07:00
shockrah
dfc9f88e66 first sampling of what the lib migration interactions will look like 2020-10-10 19:53:13 -07:00
shockrah
41c28cc845 dummy commit before mass library migration 2020-10-10 14:44:00 -07:00
shockrah
9f3e734b0b moar warning removals 2020-10-02 13:24:45 -07:00
shockrah
b897e07273 removing frivolous sql select(why was this even here tho) 2020-10-02 13:24:23 -07:00
shockrah
e58d4abb28 removed some more warnings until these vars are used 2020-10-01 20:14:56 -07:00
shockrah
04dca141b5 base for querying online users 2020-10-01 19:50:57 -07:00
shockrah
fa04d2d722 removed dead code 2020-09-30 22:42:28 -07:00