Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-22 05:10:29 +01:00
Make sure TOTP codes can be both Numbers or Strings, fixes #30
Dieser Commit ist enthalten in:
Ursprung
ca01fa1419
Commit
2cf46e1a5f
2 geänderte Dateien mit 16 neuen und 6 gelöschten Zeilen
|
@ -6,7 +6,7 @@ use db::DbConn;
|
||||||
|
|
||||||
use crypto;
|
use crypto;
|
||||||
|
|
||||||
use api::{PasswordData, JsonResult};
|
use api::{PasswordData, JsonResult, NumberOrString};
|
||||||
use auth::Headers;
|
use auth::Headers;
|
||||||
|
|
||||||
#[get("/two-factor")]
|
#[get("/two-factor")]
|
||||||
|
@ -98,12 +98,12 @@ fn generate_authenticator(data: Json<PasswordData>, headers: Headers) -> JsonRes
|
||||||
})))
|
})))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
#[allow(non_snake_case)]
|
#[allow(non_snake_case)]
|
||||||
struct EnableTwoFactorData {
|
struct EnableTwoFactorData {
|
||||||
masterPasswordHash: String,
|
masterPasswordHash: String,
|
||||||
key: String,
|
key: String,
|
||||||
token: u64,
|
token: NumberOrString,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/two-factor/authenticator", data = "<data>")]
|
#[post("/two-factor/authenticator", data = "<data>")]
|
||||||
|
@ -111,7 +111,10 @@ fn activate_authenticator(data: Json<EnableTwoFactorData>, headers: Headers, con
|
||||||
let data: EnableTwoFactorData = data.into_inner();
|
let data: EnableTwoFactorData = data.into_inner();
|
||||||
let password_hash = data.masterPasswordHash;
|
let password_hash = data.masterPasswordHash;
|
||||||
let key = data.key;
|
let key = data.key;
|
||||||
let token = data.token;
|
let token = match data.token.to_i32() {
|
||||||
|
Some(n) => n as u64,
|
||||||
|
None => err!("Malformed token")
|
||||||
|
};
|
||||||
|
|
||||||
if !headers.user.check_valid_password(&password_hash) {
|
if !headers.user.check_valid_password(&password_hash) {
|
||||||
err!("Invalid password");
|
err!("Invalid password");
|
||||||
|
@ -154,7 +157,7 @@ fn activate_authenticator(data: Json<EnableTwoFactorData>, headers: Headers, con
|
||||||
struct DisableTwoFactorData {
|
struct DisableTwoFactorData {
|
||||||
masterPasswordHash: String,
|
masterPasswordHash: String,
|
||||||
#[serde(rename = "type")]
|
#[serde(rename = "type")]
|
||||||
type_: u32,
|
type_: NumberOrString,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/two-factor/disable", data = "<data>")]
|
#[post("/two-factor/disable", data = "<data>")]
|
||||||
|
|
|
@ -22,7 +22,7 @@ struct PasswordData {
|
||||||
masterPasswordHash: String
|
masterPasswordHash: String
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
#[serde(untagged)]
|
#[serde(untagged)]
|
||||||
enum NumberOrString {
|
enum NumberOrString {
|
||||||
Number(i32),
|
Number(i32),
|
||||||
|
@ -36,4 +36,11 @@ impl NumberOrString {
|
||||||
NumberOrString::String(s) => s
|
NumberOrString::String(s) => s
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn to_i32(self) -> Option<i32> {
|
||||||
|
match self {
|
||||||
|
NumberOrString::Number(n) => Some(n),
|
||||||
|
NumberOrString::String(s) => s.parse().ok()
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Laden …
In neuem Issue referenzieren