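class AuthD::Request
  # Finalises an authentication for `user` on the connection identified by `fd`.
  #
  # Stamps the last-connection date, persists the user record, remembers the
  # public view of the user for this file descriptor and returns a
  # `Response::Login` carrying the token serialised with the configured
  # secret key, together with the user's uid.
  #
  # No credential or account-state check happens here: callers must have
  # authenticated `user` before calling this method.
  def self.perform_login(authd : AuthD::Service, fd : Int32, user : AuthD::User)
    user.date_last_connection = Time.local
    token = user.to_token

    # Persist the refreshed last-connection date.
    authd.users_per_uid.update user.uid.to_s, user

    # On successful connection: remember the authenticated user for this fd.
    # NOTE(review): presumably this entry is dropped when the connection
    # closes, otherwise a reused fd would inherit it -- confirm in the
    # service loop.
    authd.logged_users[fd] = user.to_public

    serialized_token = token.to_s authd.configuration.secret_key
    Response::Login.new serialized_token, user.uid
  end

  # Login/password authentication request (message type 0).
  IPC::JSON.message Login, 0 do
    property login : String
    property password : String

    def initialize(@login, @password)
    end

    # Checks the submitted credentials and, on success, delegates to
    # `AuthD::Request.perform_login`.
    #
    # Every rejection (unknown login, e-mail address not validated yet, wrong
    # password) yields the same `Response::ErrorInvalidCredentials`, so the
    # response does not tell a client which of the checks failed.
    def handle(authd : AuthD::Service, fd : Int32)
      # Hash the submitted password before looking the account up, so that
      # each rejection path below has done the same hashing work. Without
      # this, an unknown login or a non-activated account was rejected without
      # hashing, and response time could reveal what the uniform error hides.
      # NOTE(review): assumes hash_password has no side effects. Only the
      # password is passed to it, so no per-user salt is visible at this call
      # site -- confirm it is a slow, salted password hash.
      submitted_hash = authd.hash_password @password

      begin
        user = authd.users_per_login.get @login
      rescue DODB::MissingEntry
        # Deliberately the same generic error as a wrong password: the reply
        # must not reveal whether the login exists.
        return Response::ErrorInvalidCredentials.new
      end

      # Only here to satisfy Crystal's type system: a missing user raises
      # DODB::MissingEntry, which is handled above.
      return Response::ErrorInvalidCredentials.new if user.nil?

      # A pending activation key means the e-mail address has not been
      # validated yet: authentication must not be possible.
      return Response::ErrorInvalidCredentials.new if user.contact.activation_key

      # NOTE(review): `!=` is not a constant-time comparison. Consider
      # Crypto::Subtle.constant_time_compare (needs `require "crypto/subtle"`
      # at the top of the file, which is not visible from here).
      return Response::ErrorInvalidCredentials.new if user.password_hash != submitted_hash

      AuthD::Request.perform_login authd, fd, user.not_nil!
    end
  end
  AuthD.requests << Login

  # Token-based authentication request (message type 15).
  IPC::JSON.message AuthByToken, 15 do
    property token : String

    def initialize(@token)
    end

    # Decodes the submitted token with the configured secret key, loads the
    # user it designates and delegates to `AuthD::Request.perform_login`,
    # which returns a fresh token.
    #
    # Returns `Response::ErrorUserNotFound` when no user matches the uid
    # found in the token.
    #
    # NOTE(review): nothing here rescues a failure of `AuthD::Token.from_s`
    # (malformed or wrongly signed token) -- confirm the caller turns it into
    # an error response, and that `from_s` enforces any token expiry.
    # NOTE(review): unlike `Login#handle`, this path does not check
    # `user.contact.activation_key` -- confirm that no token can be issued to
    # an account whose e-mail address is not validated.
    def handle(authd : AuthD::Service, fd : Int32)
      payload = AuthD::Token.from_s authd.configuration.secret_key, token
      user = authd.users_per_uid.get? payload.uid.to_s

      return Response::ErrorUserNotFound.new if user.nil?

      AuthD::Request.perform_login authd, fd, user
    end
  end
  AuthD.requests << AuthByToken
end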