1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-26 05:50:29 +01:00
Dieser Commit ist enthalten in:
Daniel García 2019-12-06 22:12:41 +01:00
Ursprung a5aa4d9b54
Commit 912e1f93b7
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: FC8A7D14C3CD543A
2 geänderte Dateien mit 14 neuen und 17 gelöschten Zeilen

Datei anzeigen

@ -1,13 +1,13 @@
use rocket_contrib::json::Json;
use chrono::Utc; use chrono::Utc;
use rocket_contrib::json::Json;
use crate::db::models::*; use crate::db::models::*;
use crate::db::DbConn; use crate::db::DbConn;
use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType}; use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType};
use crate::auth::{decode_invite, decode_delete, decode_verify_email, Headers}; use crate::auth::{decode_delete, decode_invite, decode_verify_email, Headers};
use crate::mail;
use crate::crypto; use crate::crypto;
use crate::mail;
use crate::CONFIG; use crate::CONFIG;
@ -414,20 +414,21 @@ fn post_email(data: JsonUpcase<ChangeEmailData>, headers: Headers, conn: DbConn)
match user.email_new { match user.email_new {
Some(ref val) => { Some(ref val) => {
if *val != data.NewEmail.to_string() { if val != &data.NewEmail {
err!("Email change mismatch"); err!("Email change mismatch");
} }
}, }
None => err!("No email change pending"), None => err!("No email change pending"),
} }
if CONFIG.mail_enabled() { if CONFIG.mail_enabled() {
// Only check the token if we sent out an email... // Only check the token if we sent out an email...
match user.email_new_token { match user.email_new_token {
Some(ref val) => Some(ref val) => {
if *val != data.Token.into_string() { if *val != data.Token.into_string() {
err!("Token mismatch"); err!("Token mismatch");
} }
}
None => err!("No email change pending"), None => err!("No email change pending"),
} }
user.verified_at = Some(Utc::now().naive_utc()); user.verified_at = Some(Utc::now().naive_utc());
@ -480,11 +481,9 @@ fn post_verify_email_token(data: JsonUpcase<VerifyEmailTokenData>, conn: DbConn)
Ok(claims) => claims, Ok(claims) => claims,
Err(_) => err!("Invalid claim"), Err(_) => err!("Invalid claim"),
}; };
if claims.sub != user.uuid { if claims.sub != user.uuid {
err!("Invalid claim"); err!("Invalid claim");
} }
user.verified_at = Some(Utc::now().naive_utc()); user.verified_at = Some(Utc::now().naive_utc());
user.last_verifying_at = None; user.last_verifying_at = None;
user.login_verify_count = 0; user.login_verify_count = 0;
@ -543,11 +542,9 @@ fn post_delete_recover_token(data: JsonUpcase<DeleteRecoverTokenData>, conn: DbC
Ok(claims) => claims, Ok(claims) => claims,
Err(_) => err!("Invalid claim"), Err(_) => err!("Invalid claim"),
}; };
if claims.sub != user.uuid { if claims.sub != user.uuid {
err!("Invalid claim"); err!("Invalid claim");
} }
user.delete(&conn) user.delete(&conn)
} }

Datei anzeigen

@ -1,9 +1,9 @@
use chrono::Utc;
use num_traits::FromPrimitive; use num_traits::FromPrimitive;
use rocket::request::{Form, FormItems, FromForm}; use rocket::request::{Form, FormItems, FromForm};
use rocket::Route; use rocket::Route;
use rocket_contrib::json::Json; use rocket_contrib::json::Json;
use serde_json::Value; use serde_json::Value;
use chrono::Utc;
use crate::api::core::two_factor::email::EmailTokenData; use crate::api::core::two_factor::email::EmailTokenData;
use crate::api::core::two_factor::{duo, email, yubikey}; use crate::api::core::two_factor::{duo, email, yubikey};
@ -97,7 +97,7 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: ClientIp) -> JsonResult
) )
} }
if !user.verified_at.is_some() && CONFIG.mail_enabled() && CONFIG.signups_verify() { if user.verified_at.is_none() && CONFIG.mail_enabled() && CONFIG.signups_verify() {
let now = Utc::now().naive_utc(); let now = Utc::now().naive_utc();
if user.last_verifying_at.is_none() || now.signed_duration_since(user.last_verifying_at.unwrap()).num_seconds() > CONFIG.signups_verify_resend_time() as i64 { if user.last_verifying_at.is_none() || now.signed_duration_since(user.last_verifying_at.unwrap()).num_seconds() > CONFIG.signups_verify_resend_time() as i64 {
let resend_limit = CONFIG.signups_verify_resend_limit() as i32; let resend_limit = CONFIG.signups_verify_resend_limit() as i32;
@ -106,7 +106,7 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: ClientIp) -> JsonResult
// their email address, and we haven't sent them a reminder in a while... // their email address, and we haven't sent them a reminder in a while...
let mut user = user; let mut user = user;
user.last_verifying_at = Some(now); user.last_verifying_at = Some(now);
user.login_verify_count = user.login_verify_count + 1; user.login_verify_count += 1;
if let Err(e) = user.save(&conn) { if let Err(e) = user.save(&conn) {
error!("Error updating user: {:#?}", e); error!("Error updating user: {:#?}", e);