reidlab/gdps-server
reidlab/gdps-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add passwords too!! not just gjp2

Browse source
This commit is contained in:
Reid 2023-09-03 16:12:41 -07:00
parent ccafbfe860
commit e237cd9b8d
Signed by: reidlab
GPG key ID: 6C9EAA3364F962C8
6 changed files with 17 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

1
migrations/2023-08-26-071607_accounts/up.sql
View file

@ -9,6 +9,7 @@ CREATE TABLE accounts (
username VARCHAR(20) NOT NULL COLLATE case_insensitive UNIQUE, username VARCHAR(20) NOT NULL COLLATE case_insensitive UNIQUE,
gjp2 TEXT NOT NULL, -- argon2 hashed (rubrub uses bcrypt but oh well) gjp2 TEXT NOT NULL, -- argon2 hashed (rubrub uses bcrypt but oh well)
password TEXT NOT NULL, -- argon2 hashed (rubrub uses bcrypt but oh well)
email VARCHAR(254) NOT NULL, email VARCHAR(254) NOT NULL,
-- todo: swap to proper rank system -- todo: swap to proper rank system

4
src/db/models.rs
View file

@ -7,6 +7,7 @@ pub struct Account {
pub id: i32, pub id: i32,
pub username: String, pub username: String,
pub password: String,
pub gjp2: String, pub gjp2: String,
pub email: String, pub email: String,
@ -29,7 +30,8 @@ pub struct Account {
pub struct NewAccount { pub struct NewAccount {
pub username: String, pub username: String,
pub gjp2: String, pub gjp2: String,
pub email: String pub password: String,
pub email: String,
} }
#[derive(Queryable, Serialize)] #[derive(Queryable, Serialize)]

1
src/db/schema.rs
View file

@ -6,6 +6,7 @@ diesel::table! {
#[max_length = 20] #[max_length = 20]
username -> Varchar, username -> Varchar,
gjp2 -> Text, gjp2 -> Text,
password -> Text,
#[max_length = 254] #[max_length = 254]
email -> Varchar, email -> Varchar,
is_admin -> Int4, is_admin -> Int4,

14
src/endpoints/accounts/login_account.rs
View file

@ -34,18 +34,18 @@ pub fn login_account(input: Form<FromLoginAccount>) -> status::Custom<&'static s
{ {
use crate::schema::accounts::dsl::*; use crate::schema::accounts::dsl::*;
let account_id_gjp2_result = accounts let account_id_password_result = accounts
.select((id, gjp2)) .select((id, password))
.filter(username.eq(input.userName.clone())) .filter(username.eq(input.userName.clone()))
.get_result::<(i32, String)>(connection); .get_result::<(i32, String)>(connection);
match account_id_gjp2_result { match account_id_password_result {
Ok(account_id_gjp2) => { Ok(account_id_password) => {
let user_id = helpers::accounts::get_user_id_from_account_id(account_id_gjp2.0); let user_id = helpers::accounts::get_user_id_from_account_id(account_id_password.0);
match verify_password(helpers::encryption::get_gjp2(input.password.clone()).as_bytes(), account_id_gjp2.1.as_str()) { match verify_password(input.password.clone().as_bytes(), account_id_password.1.as_str()) {
Ok(_) => return status::Custom(Status::Ok, Ok(_) => return status::Custom(Status::Ok,
Box::leak(format!("{},{}", account_id_gjp2.0, user_id).into_boxed_str()) Box::leak(format!("{},{}", account_id_password.0, user_id).into_boxed_str())
), ),
Err(_) => return status::Custom(Status::Ok, "-11") Err(_) => return status::Custom(Status::Ok, "-11")
}; };

5
src/endpoints/accounts/register_account.rs
View file

@ -5,6 +5,8 @@ use rocket::response::status;
use diesel::prelude::*; use diesel::prelude::*;
use diesel::result::Error; use diesel::result::Error;
use password_auth::generate_hash;
use crate::CONFIG; use crate::CONFIG;
use crate::helpers; use crate::helpers;
use crate::db; use crate::db;
@ -60,7 +62,8 @@ pub fn register_account(input: Form<FormRegisterAccount>) -> status::Custom<&'st
let new_account = NewAccount { let new_account = NewAccount {
username: input.userName.clone(), username: input.userName.clone(),
gjp2: helpers::encryption::get_gjp2_hashed(input.password.clone()), password: generate_hash(input.password.clone()),
gjp2: generate_hash(helpers::encryption::get_gjp2(input.password.clone())),
email: input.email.clone() email: input.email.clone()
}; };
inserted_account = diesel::insert_into(accounts) inserted_account = diesel::insert_into(accounts)

6
src/helpers/encryption.rs
View file

@ -14,7 +14,7 @@ pub fn cyclic_xor_string(string: &str, key: &str) -> String {
let data = string.as_bytes(); let data = string.as_bytes();
let key_bytes = key.as_bytes(); let key_bytes = key.as_bytes();
let result_bytes = cyclic_xor(data, key_bytes); let result_bytes = cyclic_xor(data, key_bytes);
let result_str = String::from_utf8(result_bytes).expect("invalid UTF-8 sequence (L)"); let result_str = String::from_utf8(result_bytes).expect("invalid UTF-8 sequence (how did this happen?)");
return String::from(result_str); return String::from(result_str);
} }
@ -22,7 +22,3 @@ pub fn cyclic_xor_string(string: &str, key: &str) -> String {
pub fn get_gjp2(password: String) -> String { pub fn get_gjp2(password: String) -> String {
return Sha1::default().digest(String::from(password + "mI29fmAnxgTs").as_bytes()).to_hex(); return Sha1::default().digest(String::from(password + "mI29fmAnxgTs").as_bytes()).to_hex();
} }
pub fn get_gjp2_hashed(password: String) -> String {
return generate_hash(get_gjp2(password))
}