53 lines
1.4 KiB
Crystal
53 lines
1.4 KiB
Crystal
class AuthD::Request
|
|
IPC::JSON.message ValidateUser, 2 do
|
|
property user : UserID
|
|
property activation_key : String
|
|
|
|
def initialize(@user, @activation_key)
|
|
end
|
|
|
|
def handle(authd : AuthD::Service, fd : Int32)
|
|
user = authd.user? @user
|
|
# This is a way for an attacker to know what are the valid logins.
|
|
# Not sure I care enough to fix this.
|
|
return Response::ErrorUserNotFound.new if user.nil?
|
|
|
|
if user.contact.activation_key.nil?
|
|
return Response::ErrorUserAlreadyValidated.new
|
|
end
|
|
|
|
# Remove the user contact activation key: the email is validated.
|
|
if user.contact.activation_key == @activation_key
|
|
user.contact.activation_key = nil
|
|
else
|
|
return Response::ErrorInvalidActivationKey.new
|
|
end
|
|
|
|
authd.users_per_uid.update user.uid.to_s, user
|
|
|
|
Response::UserValidated.new user.to_public
|
|
end
|
|
end
|
|
AuthD.requests << ValidateUser
|
|
|
|
IPC::JSON.message GetUser, 5 do
|
|
property user : UserID
|
|
|
|
def initialize(@user)
|
|
end
|
|
|
|
def handle(authd : AuthD::Service, fd : Int32)
|
|
logged_user = authd.get_logged_user? fd
|
|
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
|
|
|
user = authd.user? @user
|
|
# This is a way for an attacker to know what are the valid logins.
|
|
# Not sure I care enough to fix this.
|
|
return Response::ErrorUserNotFound.new if user.nil?
|
|
|
|
Response::User.new user.to_public
|
|
end
|
|
end
|
|
AuthD.requests << GetUser
|
|
end
|