Validate all needed fields for client API login - vw_small

commit 7026e004e1e32c6a091bf10fd948b3725f562c06
parent a3084feaee53e3ab36026f8c0cbc8635e1b80216
Author: BlackDex <black.dex@gmail.com>
Date:   Thu, 16 Feb 2023 16:29:24 +0100

Validate all needed fields for client API login

During the client API login we need to have a `device_identifier`, `device_name` and `device_type`.
When these were not provided Vaultwarden would panic.

This PR add checks for these fields and makes sure it returns a better error message instead of causing a panic.

Diffstat:
M src/api/identity.rs  | 4 ++++

1 file changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/api/identity.rs b/src/api/identity.rs
@@ -52,6 +52,10 @@ async fn login(data: Form<ConnectData>, client_header: ClientHeaders, mut conn: 
             _check_is_some(&data.client_secret, "client_secret cannot be blank")?;
             _check_is_some(&data.scope, "scope cannot be blank")?;
 
+            _check_is_some(&data.device_identifier, "device_identifier cannot be blank")?;
+            _check_is_some(&data.device_name, "device_name cannot be blank")?;
+            _check_is_some(&data.device_type, "device_type cannot be blank")?;
+
             _api_key_login(data, &mut user_uuid, &mut conn, &ip).await
         }
         t => err!("Invalid type", t),

	vw_small Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
	git clone https://git.philomathiclife.com/repos/vw_small
	Log \| Files \| Refs \| README