diff --git a/src/requests/search.cr b/src/requests/search.cr
index e834069..fbba15a 100644
--- a/src/requests/search.cr
+++ b/src/requests/search.cr
@@ -6,6 +6,10 @@ class AuthD::Request
 end
 
 def handle(authd : AuthD::Service, fd : Int32)
+ logged_user = authd.get_logged_user? fd
+ return Response::Error.new "you must be logged" if logged_user.nil?
+ return Response::Error.new "unauthorized (not admin)" unless logged_user.admin
+
 pattern = Regex.new @user, Regex::Options::IGNORE_CASE
 
 matching_users = Array(AuthD::User::Public).new
diff --git a/src/requests/users.cr b/src/requests/users.cr
index 940a174..78cff4b 100644
--- a/src/requests/users.cr
+++ b/src/requests/users.cr
@@ -1,23 +1,20 @@
 class AuthD::Request
 IPC::JSON.message ValidateUser, 2 do
- property login : String
- property activation_key : String
+ property user : UserID
+ property activation_key : String
 
- def initialize(@login, @activation_key)
+ def initialize(@user, @activation_key)
 end
 
 def handle(authd : AuthD::Service, fd : Int32)
- user = authd.users_per_login.get? @login
-
- if user.nil?
- return Response::Error.new "user not found"
- end
+ user = authd.user? @user
+ return Response::Error.new "user not found" if user.nil?
 
 if user.contact.activation_key.nil?
 return Response::Error.new "user already validated"
 end
 
- # remove the user contact activation key: the email is validated
+ # Remove the user contact activation key: the email is validated.
 if user.contact.activation_key == @activation_key
 user.contact.activation_key = nil
 else
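Review bot: In src/requests/search.cr, `Regex.new @user` still compiles a pattern taken straight from the request; the new admin gate narrows who can reach it but does not bound what the pattern does. An invalid pattern makes `Regex.new` raise `ArgumentError`, and nothing visible in the hunk rescues it, so a malformed search may surface as an unhandled exception instead of a `Response::Error`; a costly pattern is also evaluated against every user record. I would rescue the compile error as below, and, if the search is only meant to be a substring match, pass `Regex.escape(@user)` instead. The body of `handle` continues past the end of the hunk.

```crystal
# … unchanged: logged-user and admin checks …
pattern = begin
	Regex.new @user, Regex::Options::IGNORE_CASE
rescue ArgumentError
	return Response::Error.new "invalid search pattern"
end
```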
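Review bot: In the ValidateUser hunk of src/requests/users.cr, `handle` has no logged-user check (presumably by design, since it validates a new account) and now resolves the account through `authd.user? @user`, yet it answers "user not found" and "user already validated" as distinct errors. If `UserID` accepts a numeric uid, as the old `Int32 | String` in GetUser suggests, those two messages tell an unauthenticated client which uids exist and which are already validated. Consider one generic reply on every failure path, e.g. `return Response::Error.new "invalid validation request"`, and a comment above `property user : UserID` stating which identifier forms are accepted. The activation-key comparison and the rest of `handle` run past the end of the hunk.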
@@ -32,22 +29,14 @@ class AuthD::Request
 AuthD.requests << ValidateUser
 
 IPC::JSON.message GetUser, 3 do
- property user : Int32 | String
+ property user : UserID
 
 def initialize(@user)
 end
 
 def handle(authd : AuthD::Service, fd : Int32)
- uid_or_login = @user
- user = if uid_or_login.is_a? Int32
- authd.users_per_uid.get? uid_or_login.to_s
- else
- authd.users_per_login.get? uid_or_login
- end
-
- if user.nil?
- return Response::Error.new "user not found"
- end
+ user = authd.user? @user
+ return Response::Error.new "user not found" if user.nil?
 
 Response::User.new user.to_public
 end
@@ -63,18 +52,15 @@ class AuthD::Request
 
 def handle(authd : AuthD::Service, fd : Int32)
 user = authd.users_per_login.get? @login
+ return Response::Error.new "invalid credentials" unless user
 
- unless user
- return Response::Error.new "invalid credentials"
- end
-
 if authd.hash_password(@password) != user.password_hash
 return Response::Error.new "invalid credentials"
 end
 
 user.date_last_connection = Time.local
 
- # change the date of the last connection
+ # Change the date of the last connection.
 authd.users_per_uid.update user.uid.to_s, user
 
 Response::User.new user.to_public
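Review bot: In the GetUser hunk, `handle` returns `user.to_public` to any caller without consulting `authd.get_logged_user? fd`, while the same commit puts a logged-in admin check in front of the search request. If lookups by uid or login are not meant to be open to unauthenticated clients, add `logged_user = authd.get_logged_user? fd` and `return Response::Error.new "you must be logged" if logged_user.nil?` at the top of `handle`. If open access is intended, a one-line comment saying so, and naming what `to_public` exposes, would make the difference from search deliberate rather than accidental.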
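Review bot: In the last hunk (the login handler), the new guard `return Response::Error.new "invalid credentials" unless user` returns before `authd.hash_password` runs, so an unknown login is likely answered faster than a wrong password even though both carry the same message; the hash is then compared with `!=`, which is not a constant-time comparison. Consider hashing `@password` on both paths and comparing with `Crypto::Subtle.constant_time_compare(authd.hash_password(@password), user.password_hash)`, assuming both values are strings. `hash_password` receives only the password here, so it is worth confirming in its definition that a per-user salt is applied. The end of `handle` lies outside the hunk.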