Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-26 05:50:29 +01:00
Modify User::new to be keyless and paswordless
Dieser Commit ist enthalten in:
Ursprung
ec05f14f5a
Commit
c1cd4d9a6b
3 geänderte Dateien mit 8 neuen und 12 gelöschten Zeilen
|
@ -38,8 +38,6 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|||
user_org.status = UserOrgStatus::Accepted as i32;
|
||||
user_org.save(&conn);
|
||||
};
|
||||
user.set_password(&data.MasterPasswordHash);
|
||||
user.key = data.Key;
|
||||
user
|
||||
} else {
|
||||
if CONFIG.signups_allowed {
|
||||
|
@ -51,13 +49,16 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|||
},
|
||||
None => {
|
||||
if CONFIG.signups_allowed || Invitation::take(&data.Email, &conn) {
|
||||
User::new(data.Email, data.Key, data.MasterPasswordHash)
|
||||
User::new(data.Email)
|
||||
} else {
|
||||
err!("Registration not allowed")
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
user.set_password(&data.MasterPasswordHash);
|
||||
user.key = data.Key;
|
||||
|
||||
// Add extra fields if present
|
||||
if let Some(name) = data.Name {
|
||||
user.name = name;
|
||||
|
|
|
@ -380,7 +380,7 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
|
|||
let mut invitation = Invitation::new(email.clone());
|
||||
match invitation.save(&conn) {
|
||||
Ok(()) => {
|
||||
let mut user = User::new_invited(email.clone());
|
||||
let mut user = User::new(email.clone());
|
||||
if user.save(&conn) {
|
||||
user_org_status = UserOrgStatus::Invited as i32;
|
||||
user
|
||||
|
|
|
@ -39,13 +39,12 @@ pub struct User {
|
|||
|
||||
/// Local methods
|
||||
impl User {
|
||||
pub fn new(mail: String, key: String, password: String) -> Self {
|
||||
pub fn new(mail: String) -> Self {
|
||||
let now = Utc::now().naive_utc();
|
||||
let email = mail.to_lowercase();
|
||||
|
||||
let iterations = CONFIG.password_iterations;
|
||||
let salt = crypto::get_random_64();
|
||||
let password_hash = crypto::hash_password(password.as_bytes(), &salt, iterations as u32);
|
||||
|
||||
Self {
|
||||
uuid: Uuid::new_v4().to_string(),
|
||||
|
@ -53,9 +52,9 @@ impl User {
|
|||
updated_at: now,
|
||||
name: email.clone(),
|
||||
email,
|
||||
key,
|
||||
key: String::new(),
|
||||
|
||||
password_hash,
|
||||
password_hash: Vec::new(),
|
||||
salt,
|
||||
password_iterations: iterations,
|
||||
|
||||
|
@ -73,10 +72,6 @@ impl User {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn new_invited(mail: String) -> Self {
|
||||
Self::new(mail,"".to_string(),"".to_string())
|
||||
}
|
||||
|
||||
pub fn check_valid_password(&self, password: &str) -> bool {
|
||||
crypto::verify_password_hash(password.as_bytes(),
|
||||
&self.salt,
|
||||
|
|
Laden …
In neuem Issue referenzieren