Authd: new_uid split into two fn.
This commit is contained in:
parent
6564f934e1
commit
007d329f83
@ -64,6 +64,13 @@ class AuthD::Service < IPC
|
||||
digest.hexfinal
|
||||
end
|
||||
|
||||
# new_uid reads the last given UID and returns it incremented.
|
||||
# Splitting the retrieval and record of new user ids allows to
|
||||
# only increment when an user fully registers, thus avoiding a
|
||||
# Denial of Service attack.
|
||||
#
|
||||
# WARNING: to record this new UID, new_uid_commit must be called.
|
||||
# WARNING: new_uid isn't thread safe.
|
||||
def new_uid
|
||||
begin
|
||||
uid = File.read(@last_uid_file).to_i
|
||||
@ -72,10 +79,12 @@ class AuthD::Service < IPC
|
||||
end
|
||||
|
||||
uid += 1
|
||||
end
|
||||
|
||||
# new_uid_commit records the new UID.
|
||||
# WARNING: new_uid_commit isn't thread safe.
|
||||
def new_uid_commit(uid : Int)
|
||||
File.write @last_uid_file, uid.to_s
|
||||
|
||||
uid
|
||||
end
|
||||
|
||||
def handle_request(event : IPC::Event)
|
||||
|
@ -44,7 +44,7 @@ class AuthD::Request
|
||||
user.date_registration = Time.local
|
||||
|
||||
authd.users << user
|
||||
|
||||
authd.new_uid_commit uid
|
||||
Response::UserAdded.new user.to_public
|
||||
end
|
||||
end
|
||||
|
@ -76,7 +76,7 @@ class AuthD::Request
|
||||
|
||||
# add the user only if we were able to send the confirmation mail
|
||||
authd.users << user
|
||||
|
||||
authd.new_uid_commit uid
|
||||
Response::UserAdded.new user.to_public
|
||||
end
|
||||
end
|
||||
|
Reference in New Issue
Block a user