Lowercase all incoming names
parent
fd0a363293
commit
d5be76624c
|
@ -0,0 +1,17 @@
|
|||
[development]
|
||||
address = "localhost"
|
||||
port = 8000
|
||||
keep_alive = 5
|
||||
read_timeout = 5
|
||||
write_timeout = 5
|
||||
log = "normal"
|
||||
limits = { forms = 32768 }
|
||||
|
||||
[production]
|
||||
address = "0.0.0.0"
|
||||
port = 8080
|
||||
keep_alive = 5
|
||||
read_timeout = 5
|
||||
write_timeout = 5
|
||||
log = "critical"
|
||||
limits = { forms = 32768 }
|
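Review bot: The `[production]` table sets no `secret_key`, while the handlers in src/auth.rs read the session cookie with `cookies.get_private("token")`. If this is the Rocket configuration file, a missing key means (as far as I recall for this config format) that a fresh key is generated at every launch, so every issued `token` cookie stops decrypting after a restart. I would supply the key from the environment at deploy time rather than commit it, and add a comment under `[production]` such as `# secret_key is injected at deploy time, never committed`. The same table binds `0.0.0.0` on port 8080 with no `tls` table, so a comment stating where TLS is terminated would help the next reader.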
19
src/auth.rs
19
src/auth.rs
|
@ -10,7 +10,7 @@ extern crate sha1;
|
|||
#[post("/register", format = "json", data = "<data>")]
|
||||
pub fn register(data: Json<RegisterEvent>) -> JsonValue {
|
||||
// check if the user exists
|
||||
if let Some(_user) = db_read_user(&data.name).ok().flatten() {
|
||||
if let Some(_user) = db_read_user(&data.name.to_lowercase()).ok().flatten() {
|
||||
warn!("Cannot create user {}! User is already in system.", data.name);
|
||||
return json!({
|
||||
"status": "fail",
|
||||
|
@ -41,26 +41,21 @@ pub fn register(data: Json<RegisterEvent>) -> JsonValue {
|
|||
}
|
||||
}
|
||||
|
||||
fn create_token(name: String, mut user: User) -> String {
|
||||
fn create_token(mut user: User) -> String {
|
||||
let charset = "1234567890abcdefghijklmnopqrstuvwxyz";
|
||||
|
||||
if user.name == name {
|
||||
user.session_token = generate(12, charset);
|
||||
db_add(&user);
|
||||
info!("succesfully created token for user {}", name);
|
||||
info!("succesfully created token for user {}", user.name);
|
||||
let token = user.session_token.clone();
|
||||
return token;
|
||||
};
|
||||
|
||||
warn!("something bad happened while creating a token and idk what");
|
||||
return "NULL".to_string();
|
||||
}
|
||||
|
||||
// Check if user is properly logged in
|
||||
#[get("/token/<name>")]
|
||||
pub fn check_token(name: String, mut cookies: Cookies) -> JsonValue {
|
||||
// check if the user is in the system
|
||||
if let Some(user) = db_read_user(&name).ok().flatten() {
|
||||
if let Some(user) = db_read_user(&name.to_lowercase()).ok().flatten() {
|
||||
// get the token from the cookie
|
||||
let token = match cookies.get_private("token") {
|
||||
None => {
|
||||
|
@ -157,7 +152,7 @@ pub fn login(data: Json<LoginEvent>, mut cookies: Cookies) -> JsonValue {
|
|||
info!("pin correct for user {}", &user.name);
|
||||
|
||||
// Create token for user & set a cookie
|
||||
let token = create_token(user.name.clone(), user);
|
||||
let token = create_token(user);
|
||||
let cookie = Cookie::build("token", token)
|
||||
.path("/")
|
||||
.finish();
|
||||
|
@ -215,7 +210,7 @@ pub fn change_info(input: Json<ChangeEvent>, mut cookies: Cookies) -> JsonValue
|
|||
}
|
||||
|
||||
// find the user
|
||||
if let Some(mut user) = db_read_user(&input.name).ok().flatten() {
|
||||
if let Some(mut user) = db_read_user(&input.name.to_lowercase()).ok().flatten() {
|
||||
if token.value() == user.session_token { // & if token matches:
|
||||
match input.changed_event {
|
||||
ChangeEventType::Name => {
|
||||
|
@ -274,7 +269,7 @@ pub fn get_user(name: String) -> JsonValue {
|
|||
return json!({
|
||||
"status":"ok",
|
||||
"user": {
|
||||
"name": user.name,
|
||||
"name": user.name.to_lowercase(),
|
||||
"pronouns": user.pronouns,
|
||||
"role": user.role,
|
||||
},
|
||||
|
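Review bot: The lowercasing is repeated at each `db_read_user` call (`register`, `check_token`, `change_info`) instead of being done once, and the lookup inside `login` and the `ChangeEventType::Name` branch lie outside the visible hunks, so I cannot confirm they were covered. A single helper such as `fn normalize_name(name: &str) -> String { name.to_lowercase() }`, or lowercasing inside `db_read_user` itself, would keep a missed call site from leaving two spellings of one account. If `db_read_user` matches case-sensitively, records stored with capitals before this commit are no longer found: the existence check in `register` would then pass for a name that is already taken, and that user could no longer reach `check_token` or `change_info`, so a one-off migration of stored names seems needed. `get_user` lowercasing `user.name` on output suggests such records may exist.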
|
|
@ -33,7 +33,7 @@ fn create_message(message: Json<MessageInput>, user: &User) -> JsonValue {
|
|||
let message_obj: Message = Message {
|
||||
id: Uuid::new_v4(),
|
||||
event_type,
|
||||
user: user.name.to_owned(),
|
||||
user: user.name.to_lowercase().to_owned(),
|
||||
body: message.body.to_string(),
|
||||
created_at: Utc::now(),
|
||||
};
|
||||
|
|