New TODO.md + improved password management (simpler code and messages).

master
Philippe Pittoli 2023-06-11 21:10:03 +02:00
parent 2786e2f7ff
commit cf97fab773
7 changed files with 34 additions and 34 deletions

View File

@ -1,4 +1,3 @@
# authd
authd is a token-based authentication micro-service.
@ -97,4 +96,3 @@ pp! u = authd.get_user?("login", "password").not_nil!
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.

18
TODO.md Normal file
View File

@ -0,0 +1,18 @@
### Consistency in error management.
**Both exceptions and error reponses are used**.
A choice should be made between the two options.
A combinaison of both is fine as long as the logic is comprehensively documented.
**Response::Error** class is overused.
A simple error message is given instead of specific messages for each recurring error.
In the same time, some exceptions (such as **AdminAuthenticationException**) are used a few times for the same kind of errors.
### Structures, not classes
Maybe in some cases, it could be great to use structures instead of classes.
They are simpler, use less memory and computation.
### Documentation.
Documentation isn't started, yet. TODO!

View File

@ -116,8 +116,8 @@ module AuthD
end
end
def ask_password_recovery(uid_or_login : String | Int32, email : String)
send_now Request::AskPasswordRecovery.new uid_or_login, email
def ask_password_recovery(uid_or_login : String | Int32)
send_now Request::AskPasswordRecovery.new uid_or_login
response = AuthD.responses.parse_ipc_json read
case response

View File

@ -155,13 +155,13 @@ parser = OptionParser.new do |parser|
end
parser.on "recover", "Recover user password." do
parser.banner = "Usage: user recover login email [opt]"
parser.banner = "Usage: user recover login [opt]"
Baguette::Log.info "Recover user password."
Context.command = "user-recovery"
# No need to be authenticated.
opt_help.call parser
# login email
unrecognized_args_to_context_args.call parser, 2
unrecognized_args_to_context_args.call parser, 1
end

View File

@ -160,9 +160,8 @@ class Actions
end
def user_recovery
args = Context.args.not_nil!
login, email = args[0..1]
# TODO: login.
pp! authd.ask_password_recovery login, email
login = args[0]
pp! authd.ask_password_recovery login
end
def permission_check

View File

@ -43,39 +43,26 @@ class AuthD::Request
authd.users_per_uid.update user.uid.to_s, user
Response::PasswordRecovered.new user.to_public
Response::PasswordRecovered.new
end
end
AuthD.requests << PasswordRecovery
IPC::JSON.message AskPasswordRecovery, 12 do
property user : Int32 | String
property email : String
property user : UserID
def initialize(@user, @email)
def initialize(@user)
end
def handle(authd : AuthD::Service, fd : Int32)
uid_or_login = @user
user = if uid_or_login.is_a? Int32
authd.users_per_uid.get? uid_or_login.to_s
else
authd.users_per_login.get? uid_or_login
end
if user.nil?
return Response::Error.new "no such user"
end
if user.contact.email != @email
# Same error as when users are not found.
return Response::Error.new "no such user"
end
user = authd.user? @user
return Response::Error.new "user not found" if user.nil?
# Create a new random key for password renewal.
user.password_renew_key = UUID.random.to_s
authd.users_per_uid.update user.uid.to_s, user
# TODO: this is debug information. Should be removed once tested.
# Once the user is created and stored, we try to contact him
if authd.configuration.print_password_recovery_parameters
pp! user.login,
@ -101,7 +88,7 @@ class AuthD::Request
raise "cannot contact user #{u_login} address #{u_email}"
end
Response::PasswordRecoverySent.new user.to_public
Response::PasswordRecoverySent.new
end
end
AuthD.requests << AskPasswordRecovery

View File

@ -1,14 +1,12 @@
class AuthD::Response
IPC::JSON.message PasswordRecoverySent, 9 do
property user : ::AuthD::User::Public
def initialize(@user)
def initialize
end
end
AuthD.responses << PasswordRecoverySent
IPC::JSON.message PasswordRecovered, 10 do
property user : ::AuthD::User::Public
def initialize(@user)
def initialize
end
end
AuthD.responses << PasswordRecovered