vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small

commit c1cd4d9a6bfd1e588852e3ec48288efcbc77c71c
parent ec05f14f5a6bfb598252744a27332dea3fae5944
Author: Miroslav Prasil <miroslav@prasil.info>
Date:   Tue, 11 Sep 2018 14:25:12 +0100

Modify User::new to be keyless and paswordless

Diffstat:
Msrc/api/core/accounts.rs | 7++++---
Msrc/api/core/organizations.rs | 2+-
Msrc/db/models/user.rs | 11+++--------
3 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
@@ -38,8 +38,6 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
 user_org.status = UserOrgStatus::Accepted as i32;
 user_org.save(&conn);
 };
- user.set_password(&data.MasterPasswordHash);
- user.key = data.Key;
 user
 } else {
 if CONFIG.signups_allowed {
@@ -51,13 +49,16 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
 },
 None => {
 if CONFIG.signups_allowed || Invitation::take(&data.Email, &conn) {
- User::new(data.Email, data.Key, data.MasterPasswordHash)
+ User::new(data.Email)
 } else {
 err!("Registration not allowed")
 }
 }
 };
 
+ user.set_password(&data.MasterPasswordHash);
+ user.key = data.Key;
+
 // Add extra fields if present
 if let Some(name) = data.Name {
 user.name = name;
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -380,7 +380,7 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
 let mut invitation = Invitation::new(email.clone());
 match invitation.save(&conn) {
 Ok(()) => {
- let mut user = User::new_invited(email.clone());
+ let mut user = User::new(email.clone());
 if user.save(&conn) {
 user_org_status = UserOrgStatus::Invited as i32;
 user
diff --git a/src/db/models/user.rs b/src/db/models/user.rs
@@ -39,13 +39,12 @@ pub struct User {
 
 /// Local methods
 impl User {
- pub fn new(mail: String, key: String, password: String) -> Self {
+ pub fn new(mail: String) -> Self {
 let now = Utc::now().naive_utc();
 let email = mail.to_lowercase();
 
 let iterations = CONFIG.password_iterations;
 let salt = crypto::get_random_64();
- let password_hash = crypto::hash_password(password.as_bytes(), &salt, iterations as u32);
 
 Self {
 uuid: Uuid::new_v4().to_string(),
@@ -53,9 +52,9 @@ impl User {
 updated_at: now,
 name: email.clone(),
 email,
- key,
+ key: String::new(),
 
- password_hash,
+ password_hash: Vec::new(),
 salt,
 password_iterations: iterations,
 
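Review bot: After the `match` in the second accounts.rs hunk, `user.set_password(&data.MasterPasswordHash);` and `user.key = data.Key;` run on whatever row the `Some(user)` arm returned, and nothing visible in that arm confirms the row is still a passwordless invite placeholder rather than an account that has already registered. The only gate shown is `Invitation::take`, so replacing an existing row's password hash and key depends on an invitation never existing for a registered e-mail. An explicit guard in the existing-user arm would make that invariant local, e.g. `if !user.password_hash.is_empty() { err!("Registration not allowed") }`. The top of `register` and of the `match` lie outside both hunks, so confirm no such check already exists there.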
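Review bot: `User::new` in user.rs has no doc comment, and after this change it returns a row with no credentials set, which every caller needs to know. Suggest adding `/// Creates a user with an empty key and an empty password_hash; callers must call set_password and assign key before the account is usable.` above `pub fn new(mail: String) -> Self`. The body of `new` continues past the end of this hunk.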
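Review bot: `password_hash: Vec::new()` in the second user.rs hunk makes a zero-length hash the marker for an invited, not-yet-registered row, and `check_valid_password` (context of the last hunk in this file, its body cut off there) calls `crypto::verify_password_hash` with no emptiness check visible. Whether that helper rejects a zero-length stored hash cannot be seen from this page; a verify routine that compares over zero bytes can succeed vacuously. A guard at the top of `check_valid_password`, `if self.password_hash.is_empty() { return false; }`, keeps placeholder rows from ever authenticating regardless of how the helper behaves.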
@@ -73,10 +72,6 @@ impl User {
 }
 }
 
- pub fn new_invited(mail: String) -> Self {
- Self::new(mail,"".to_string(),"".to_string())
- }
-
 pub fn check_valid_password(&self, password: &str) -> bool {
 crypto::verify_password_hash(password.as_bytes(),
 &self.salt,