vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small

commit 9a7eeed9c528e9b33c01d1ab77d94c4899657a6f
parent 5470d37485815fa14172df3a55bd38a896f6808c
Author: Zack Newman <zack@philomathiclife.com>
Date:   Sun, 17 Dec 2023 16:35:49 -0700

use 64 bit times for totp. order routes by name

Diffstat:
Msrc/api/core/two_factor/authenticator.rs | 6+++---
Msrc/db/models/two_factor.rs | 10+++++-----
Msrc/db/schemas/sqlite/schema.rs | 2+-
3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/api/core/two_factor/authenticator.rs b/src/api/core/two_factor/authenticator.rs
@@ -140,13 +140,13 @@ async fn validate_totp_code(
 // Since we only have times into the future and the totp generator needs, a u64 instead of the default i64.
 let generated = totp_custom::<Sha1>(30, 6, &decoded_secret, current_timestamp);
 // Check the given code equals the generated one and if the time_step is larger than the one last used.
- if generated == totp_code && time_step > u64::from(twofactor.last_used()) {
+ if generated == totp_code && time_step > twofactor.last_used() {
 // Save the last used time step so only totp time steps higher then this one are allowed.
 // This will also save a newly created twofactor if the code is correct.
- twofactor.set_last_used(u32::try_from(time_step).expect("overflow"));
+ twofactor.set_last_used(time_step);
 twofactor.save(conn).await?;
 Ok(())
- } else if generated == totp_code && time_step <= u64::from(twofactor.last_used()) {
+ } else if generated == totp_code && time_step <= twofactor.last_used() {
 warn!("This TOTP or a TOTP code within 0 steps back or forward has already been used!");
 err!(format!(
 "Invalid TOTP code! Server time: {} IP: {}",
diff --git a/src/db/models/two_factor.rs b/src/db/models/two_factor.rs
@@ -11,15 +11,15 @@ db_object! {
 pub atype: i32,
 pub enabled: bool,
 pub data: String,
- last_used: i32,
+ last_used: i64,
 }
 }
 impl TwoFactor {
- pub fn last_used(&self) -> u32 {
- u32::try_from(self.last_used).expect("underflow")
+ pub fn last_used(&self) -> u64 {
+ u64::try_from(self.last_used).expect("underflow")
 }
- pub fn set_last_used(&mut self, last: u32) {
- self.last_used = i32::try_from(last).expect("overflow");
+ pub fn set_last_used(&mut self, last: u64) {
+ self.last_used = i64::try_from(last).expect("overflow");
 }
 }
diff --git a/src/db/schemas/sqlite/schema.rs b/src/db/schemas/sqlite/schema.rs
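Review bot: `twofactor.last_used()` is evaluated in both the `if` and the `else if` condition, and each call goes through a `try_from(...).expect(...)` that can panic (see the accessor in src/db/models/two_factor.rs). I would bind it once before the branch, `let last_used = twofactor.last_used();`, and compare `time_step > last_used` and `time_step <= last_used`. Once `generated == totp_code` holds, the second condition is the exact complement of the first, so the replay branch could be just `} else if generated == totp_code {`. A single read of the stored step makes the replay check easier to audit. The body of validate_totp_code starts and ends outside this hunk.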
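Review bot: `last_used()` still panics through `expect("underflow")` when the stored `last_used` is negative, and that value is read from the database row, so a corrupted or hand-edited row would panic inside the TOTP validation path instead of producing an error. Failing closed is the right direction for a replay counter, since falling back to 0 would silently reset the floor and re-admit already-used codes. A `Result` return would still be easier to handle, or at least use a message that names the field, such as `.expect("two_factor.last_used is negative")`. Both accessors also lack doc comments; a `# Panics` section stating that the stored value must be non-negative (and that `set_last_used` requires `last <= i64::MAX`) would record the invariant.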
@@ -132,7 +132,7 @@ table! {
 atype -> Integer,
 enabled -> Bool,
 data -> Text,
- last_used -> Integer,
+ last_used -> BigInt,
 }
 }
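Review bot: Only the Diesel `table!` declaration for `last_used` changes here and the diffstat lists no migration, so existing databases keep the column as originally declared. On SQLite that is presumably harmless because INTEGER columns already hold 64-bit values, but it deserves a comment next to the column, e.g. `// BigInt: TOTP time step stored as i64; SQLite INTEGER is already 64-bit, so no migration is required`. This field carries the TOTP replay floor, so the assumption is worth confirming against a database created before this commit. The `table!` block starts outside the hunk.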