commit c1cd4d9a6bfd1e588852e3ec48288efcbc77c71c
parent ec05f14f5a6bfb598252744a27332dea3fae5944
Author: Miroslav Prasil <miroslav@prasil.info>
Date: Tue, 11 Sep 2018 14:25:12 +0100
Modify User::new to be keyless and paswordless
Diffstat:
3 files changed, 8 insertions(+), 12 deletions(-)
diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
@@ -38,8 +38,6 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
user_org.status = UserOrgStatus::Accepted as i32;
user_org.save(&conn);
};
- user.set_password(&data.MasterPasswordHash);
- user.key = data.Key;
user
} else {
if CONFIG.signups_allowed {
@@ -51,13 +49,16 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
},
None => {
if CONFIG.signups_allowed || Invitation::take(&data.Email, &conn) {
- User::new(data.Email, data.Key, data.MasterPasswordHash)
+ User::new(data.Email)
} else {
err!("Registration not allowed")
}
}
};
+ user.set_password(&data.MasterPasswordHash);
+ user.key = data.Key;
+
// Add extra fields if present
if let Some(name) = data.Name {
user.name = name;
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -380,7 +380,7 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
let mut invitation = Invitation::new(email.clone());
match invitation.save(&conn) {
Ok(()) => {
- let mut user = User::new_invited(email.clone());
+ let mut user = User::new(email.clone());
if user.save(&conn) {
user_org_status = UserOrgStatus::Invited as i32;
user
diff --git a/src/db/models/user.rs b/src/db/models/user.rs
@@ -39,13 +39,12 @@ pub struct User {
/// Local methods
impl User {
- pub fn new(mail: String, key: String, password: String) -> Self {
+ pub fn new(mail: String) -> Self {
let now = Utc::now().naive_utc();
let email = mail.to_lowercase();
let iterations = CONFIG.password_iterations;
let salt = crypto::get_random_64();
- let password_hash = crypto::hash_password(password.as_bytes(), &salt, iterations as u32);
Self {
uuid: Uuid::new_v4().to_string(),
@@ -53,9 +52,9 @@ impl User {
updated_at: now,
name: email.clone(),
email,
- key,
+ key: String::new(),
- password_hash,
+ password_hash: Vec::new(),
salt,
password_iterations: iterations,
@@ -73,10 +72,6 @@ impl User {
}
}
- pub fn new_invited(mail: String) -> Self {
- Self::new(mail,"".to_string(),"".to_string())
- }
-
pub fn check_valid_password(&self, password: &str) -> bool {
crypto::verify_password_hash(password.as_bytes(),
&self.salt,