feat: random tokens, sessions, guest usernames and device ids

2020-04-06 22:57:58 +02:00 · 2020-04-06 22:57:58 +02:00 · ddcd423e6f
commit ddcd423e6f
parent 64223b8812
4 changed files with 38 additions and 13 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -607,6 +607,7 @@ dependencies = [
 "js_int",
 "log",
 "pretty_env_logger",
+ "rand",
 "rocket",
 "ruma-api",
 "ruma-client-api",
@ -1051,7 +1052,7 @@ dependencies = [
 [[package]]
 name = "ruma-client-api"
 version = "0.7.2"
-source = "git+https://github.com/ruma/ruma-client-api.git#fe92c2940a2db80509e9a9f162c0f68f3ec3d0a4"
+source = "git+https://github.com/ruma/ruma-client-api.git#dc582758e4f846b3751d84d21eb321e8eb4faf51"
 dependencies = [
 "http",
 "js_int",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -23,3 +23,4 @@ ruma-signatures = { git = "https://github.com/ruma/ruma-signatures.git" }
 ruma-federation-api = "0.0.1"
 serde = "1.0.106"
 tokio = "0.2.16"
+rand = "0.7.3"
--- a/src/main.rs
+++ b/src/main.rs
@ -19,7 +19,7 @@ use ruma_client_api::{
        membership::join_room_by_id,
        message::create_message_event,
        room::create_room,
-        session::login,
+        session::{get_login_types, login},
        state::{create_state_event_for_empty_key, create_state_event_for_key},
        sync::sync_events,
    },
@ -31,6 +31,11 @@ use ruma_wrapper::{MatrixResult, Ruma};
 use serde_json::json;
 use std::{collections::HashMap, convert::TryInto, path::PathBuf};

+const DEVICE_ID_LENGTH: usize = 16;
+const SESSION_ID_LENGTH: usize = 16;
+const TOKEN_LENGTH: usize = 16;
+const GUEST_NAME_LENGTH: usize = 16;
+
 #[get("/_matrix/client/versions")]
 fn get_supported_versions_route() -> MatrixResult<get_supported_versions::Response> {
    MatrixResult(Ok(get_supported_versions::Response {
@ -47,14 +52,14 @@ fn register_route(
    if body.auth.is_none() {
        return MatrixResult(Err(Error {
            kind: ErrorKind::InvalidUsername,
-            message: serde_json::to_string(&json!({
+            message: json!({
                "flows": [
                    { "stages": [ "m.login.dummy" ] },
                ],
                "params": {},
-                "session": "TODO:randomsessionid",
-            }))
-            .unwrap(),
+                "session": utils::random_string(SESSION_ID_LENGTH),
+            })
+            .to_string(),
            status_code: http::StatusCode::UNAUTHORIZED,
        }));
    }
@ -62,7 +67,9 @@ fn register_route(
    // Validate user id
    let user_id: UserId = match (*format!(
        "@{}:{}",
-        body.username.clone().unwrap_or("randomname".to_owned()),
+        body.username
+            .clone()
+            .unwrap_or_else(|| utils::random_string(GUEST_NAME_LENGTH)),
        data.hostname()
    ))
    .try_into()
@ -95,13 +102,13 @@ fn register_route(
    let device_id = body
        .device_id
        .clone()
-        .unwrap_or_else(|| "TODO:randomdeviceid".to_owned());
+        .unwrap_or_else(|| utils::random_string(DEVICE_ID_LENGTH));

    // Add device
    data.device_add(&user_id, &device_id);

    // Generate new token for the device
-    let token = "TODO:randomtoken".to_owned();
+    let token = utils::random_string(TOKEN_LENGTH);
    data.token_replace(&user_id, &device_id, token.clone());

    MatrixResult(Ok(register::Response {
@ -112,6 +119,13 @@ fn register_route(
    }))
 }

+#[get("/_matrix/client/r0/login", data = "<_body>")]
+fn get_login_route(_body: Ruma<login::Request>) -> MatrixResult<get_login_types::Response> {
+    MatrixResult(Ok(get_login_types::Response {
+        flows: vec![get_login_types::LoginType::Password],
+    }))
+}
+
 #[post("/_matrix/client/r0/login", data = "<body>")]
 fn login_route(data: State<Data>, body: Ruma<login::Request>) -> MatrixResult<login::Response> {
    // Validate login method
@ -167,22 +181,22 @@ fn login_route(data: State<Data>, body: Ruma<login::Request>) -> MatrixResult<lo
    let device_id = body
        .device_id
        .clone()
-        .unwrap_or("TODO:randomdeviceid".to_owned());
+        .unwrap_or_else(|| utils::random_string(DEVICE_ID_LENGTH));

    // Add device
    data.device_add(&user_id, &device_id);

    // Generate a new token for the device
-    let token = "TODO:randomtoken".to_owned();
+    let token = utils::random_string(TOKEN_LENGTH);
    data.token_replace(&user_id, &device_id, token.clone());

-    return MatrixResult(Ok(login::Response {
+    MatrixResult(Ok(login::Response {
        user_id,
        access_token: token,
        home_server: Some(data.hostname().to_owned()),
        device_id,
        well_known: None,
-    }));
+    }))
 }

 #[post("/_matrix/client/r0/createRoom", data = "<body>")]
@ -388,6 +402,7 @@ fn main() {
            routes![
                get_supported_versions_route,
                register_route,
+                get_login_route,
                login_route,
                create_room_route,
                get_alias_route,
--- a/src/utils.rs
+++ b/src/utils.rs
@ -1,3 +1,4 @@
+use rand::prelude::*;
 use std::{
    convert::TryInto,
    time::{SystemTime, UNIX_EPOCH},
@ -32,3 +33,10 @@ pub fn u64_from_bytes(bytes: &[u8]) -> u64 {
 pub fn string_from_bytes(bytes: &[u8]) -> String {
    String::from_utf8(bytes.to_vec()).expect("bytes are valid utf8")
 }
+
+pub fn random_string(length: usize) -> String {
+    thread_rng()
+        .sample_iter(&rand::distributions::Alphanumeric)
+        .take(length)
+        .collect()
+}