AskPasswordRecovery now compliant with the netlib.re interface. New email index.
This commit is contained in:
parent
2df24a583e
commit
af696b8768
src
@ -1,12 +1,24 @@
|
|||||||
class AuthD::Request
|
class AuthD::Request
|
||||||
IPC::JSON.message AskPasswordRecovery, 3 do
|
IPC::JSON.message AskPasswordRecovery, 3 do
|
||||||
property user : UserID
|
property login : String? = nil
|
||||||
|
property email : String? = nil
|
||||||
|
|
||||||
def initialize(@user)
|
def initialize(@login = nil, @email = nil)
|
||||||
end
|
end
|
||||||
|
|
||||||
def handle(authd : AuthD::Service, fd : Int32)
|
def handle(authd : AuthD::Service, fd : Int32)
|
||||||
user = authd.user? @user
|
if @login.nil? && @email.nil?
|
||||||
|
return Response::ErrorUserNotFound.new
|
||||||
|
end
|
||||||
|
|
||||||
|
user = if l = @login
|
||||||
|
authd.user? l
|
||||||
|
elsif mail = @email
|
||||||
|
authd.users_per_email.get? Base64.encode(mail)
|
||||||
|
else
|
||||||
|
nil
|
||||||
|
end
|
||||||
|
|
||||||
# This is a way for an attacker to know what are the valid logins.
|
# This is a way for an attacker to know what are the valid logins.
|
||||||
# Not sure I care enough to fix this.
|
# Not sure I care enough to fix this.
|
||||||
return Response::ErrorUserNotFound.new if user.nil?
|
return Response::ErrorUserNotFound.new if user.nil?
|
||||||
|
@ -25,6 +25,7 @@ class AuthD::Service < IPC
|
|||||||
property users : DODB::DataBase(User)
|
property users : DODB::DataBase(User)
|
||||||
property users_per_uid : DODB::Index(User)
|
property users_per_uid : DODB::Index(User)
|
||||||
property users_per_login : DODB::Index(User)
|
property users_per_login : DODB::Index(User)
|
||||||
|
property users_per_email : DODB::Index(User)
|
||||||
|
|
||||||
property logged_users : Hash(Int32, AuthD::User::Public)
|
property logged_users : Hash(Int32, AuthD::User::Public)
|
||||||
|
|
||||||
@ -37,6 +38,13 @@ class AuthD::Service < IPC
|
|||||||
@users = DODB::DataBase(User).new @configuration.storage
|
@users = DODB::DataBase(User).new @configuration.storage
|
||||||
@users_per_uid = @users.new_index "uid", &.uid.to_s
|
@users_per_uid = @users.new_index "uid", &.uid.to_s
|
||||||
@users_per_login = @users.new_index "login", &.login
|
@users_per_login = @users.new_index "login", &.login
|
||||||
|
@users_per_email = @users.new_index "email" do |user|
|
||||||
|
if mail = user.contact.email
|
||||||
|
Base64.encode mail
|
||||||
|
else
|
||||||
|
""
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
@last_uid_file = "#{@configuration.storage}/last_used_uid"
|
@last_uid_file = "#{@configuration.storage}/last_used_uid"
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user