New TODO.md + improved password management (simpler code and messages).
This commit is contained in:
parent
2786e2f7ff
commit
cf97fab773
@ -1,4 +1,3 @@
|
||||
|
||||
# authd
|
||||
|
||||
authd is a token-based authentication micro-service.
|
||||
@ -97,4 +96,3 @@ pp! u = authd.get_user?("login", "password").not_nil!
|
||||
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
|
||||
|
||||
Please make sure to update tests as appropriate.
|
||||
|
||||
|
18
TODO.md
Normal file
18
TODO.md
Normal file
@ -0,0 +1,18 @@
|
||||
### Consistency in error management.
|
||||
|
||||
**Both exceptions and error reponses are used**.
|
||||
A choice should be made between the two options.
|
||||
A combinaison of both is fine as long as the logic is comprehensively documented.
|
||||
|
||||
**Response::Error** class is overused.
|
||||
A simple error message is given instead of specific messages for each recurring error.
|
||||
In the same time, some exceptions (such as **AdminAuthenticationException**) are used a few times for the same kind of errors.
|
||||
|
||||
### Structures, not classes
|
||||
|
||||
Maybe in some cases, it could be great to use structures instead of classes.
|
||||
They are simpler, use less memory and computation.
|
||||
|
||||
### Documentation.
|
||||
|
||||
Documentation isn't started, yet. TODO!
|
@ -116,8 +116,8 @@ module AuthD
|
||||
end
|
||||
end
|
||||
|
||||
def ask_password_recovery(uid_or_login : String | Int32, email : String)
|
||||
send_now Request::AskPasswordRecovery.new uid_or_login, email
|
||||
def ask_password_recovery(uid_or_login : String | Int32)
|
||||
send_now Request::AskPasswordRecovery.new uid_or_login
|
||||
response = AuthD.responses.parse_ipc_json read
|
||||
|
||||
case response
|
||||
|
@ -155,13 +155,13 @@ parser = OptionParser.new do |parser|
|
||||
end
|
||||
|
||||
parser.on "recover", "Recover user password." do
|
||||
parser.banner = "Usage: user recover login email [opt]"
|
||||
parser.banner = "Usage: user recover login [opt]"
|
||||
Baguette::Log.info "Recover user password."
|
||||
Context.command = "user-recovery"
|
||||
# No need to be authenticated.
|
||||
opt_help.call parser
|
||||
# login email
|
||||
unrecognized_args_to_context_args.call parser, 2
|
||||
unrecognized_args_to_context_args.call parser, 1
|
||||
end
|
||||
|
||||
|
||||
|
@ -160,9 +160,8 @@ class Actions
|
||||
end
|
||||
def user_recovery
|
||||
args = Context.args.not_nil!
|
||||
login, email = args[0..1]
|
||||
# TODO: login.
|
||||
pp! authd.ask_password_recovery login, email
|
||||
login = args[0]
|
||||
pp! authd.ask_password_recovery login
|
||||
end
|
||||
|
||||
def permission_check
|
||||
|
@ -43,39 +43,26 @@ class AuthD::Request
|
||||
|
||||
authd.users_per_uid.update user.uid.to_s, user
|
||||
|
||||
Response::PasswordRecovered.new user.to_public
|
||||
Response::PasswordRecovered.new
|
||||
end
|
||||
end
|
||||
AuthD.requests << PasswordRecovery
|
||||
|
||||
IPC::JSON.message AskPasswordRecovery, 12 do
|
||||
property user : Int32 | String
|
||||
property email : String
|
||||
property user : UserID
|
||||
|
||||
def initialize(@user, @email)
|
||||
def initialize(@user)
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
uid_or_login = @user
|
||||
user = if uid_or_login.is_a? Int32
|
||||
authd.users_per_uid.get? uid_or_login.to_s
|
||||
else
|
||||
authd.users_per_login.get? uid_or_login
|
||||
end
|
||||
|
||||
if user.nil?
|
||||
return Response::Error.new "no such user"
|
||||
end
|
||||
|
||||
if user.contact.email != @email
|
||||
# Same error as when users are not found.
|
||||
return Response::Error.new "no such user"
|
||||
end
|
||||
user = authd.user? @user
|
||||
return Response::Error.new "user not found" if user.nil?
|
||||
|
||||
# Create a new random key for password renewal.
|
||||
user.password_renew_key = UUID.random.to_s
|
||||
|
||||
authd.users_per_uid.update user.uid.to_s, user
|
||||
|
||||
# TODO: this is debug information. Should be removed once tested.
|
||||
# Once the user is created and stored, we try to contact him
|
||||
if authd.configuration.print_password_recovery_parameters
|
||||
pp! user.login,
|
||||
@ -101,7 +88,7 @@ class AuthD::Request
|
||||
raise "cannot contact user #{u_login} address #{u_email}"
|
||||
end
|
||||
|
||||
Response::PasswordRecoverySent.new user.to_public
|
||||
Response::PasswordRecoverySent.new
|
||||
end
|
||||
end
|
||||
AuthD.requests << AskPasswordRecovery
|
||||
|
@ -1,14 +1,12 @@
|
||||
class AuthD::Response
|
||||
IPC::JSON.message PasswordRecoverySent, 9 do
|
||||
property user : ::AuthD::User::Public
|
||||
def initialize(@user)
|
||||
def initialize
|
||||
end
|
||||
end
|
||||
AuthD.responses << PasswordRecoverySent
|
||||
|
||||
IPC::JSON.message PasswordRecovered, 10 do
|
||||
property user : ::AuthD::User::Public
|
||||
def initialize(@user)
|
||||
def initialize
|
||||
end
|
||||
end
|
||||
AuthD.responses << PasswordRecovered
|
||||
|
Loading…
Reference in New Issue
Block a user