diff --git a/migrations/2023-08-26-071607_accounts/up.sql b/migrations/2023-08-26-071607_accounts/up.sql index a0be4b2..f17d4e9 100644 --- a/migrations/2023-08-26-071607_accounts/up.sql +++ b/migrations/2023-08-26-071607_accounts/up.sql @@ -9,7 +9,6 @@ CREATE TABLE accounts ( username VARCHAR(20) NOT NULL COLLATE case_insensitive UNIQUE, gjp2 TEXT NOT NULL, -- argon2 hashed (rubrub uses bcrypt but oh well) - password TEXT NOT NULL, -- argon2 hashed (rubrub uses bcrypt but oh well) email VARCHAR(254) NOT NULL, -- todo: swap to proper rank system diff --git a/migrations/2023-09-03-032651_levels/down.sql b/migrations/2023-09-03-032651_levels/down.sql deleted file mode 100644 index 954cb80..0000000 --- a/migrations/2023-09-03-032651_levels/down.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE levels; \ No newline at end of file diff --git a/migrations/2023-09-03-032651_levels/up.sql b/migrations/2023-09-03-032651_levels/up.sql deleted file mode 100644 index 531b2b3..0000000 --- a/migrations/2023-09-03-032651_levels/up.sql +++ /dev/null 
@@ -1,42 +0,0 @@ -CREATE TABLE levels ( - id SERIAL PRIMARY KEY, - created_at TEXT NOT NULL DEFAULT (TO_CHAR(CURRENT_TIMESTAMP, 'YYYY-MM-DD HH24:MI:SS.MS')), - modified_at TEXT NOT NULL DEFAULT (TO_CHAR(CURRENT_TIMESTAMP, 'YYYY-MM-DD HH24:MI:SS.MS')), - - name VARCHAR(20) NOT NULL, - user_id INTEGER NOT NULL references users(id), - description VARCHAR(140) NOT NULL DEFAULT '', - original INTEGER, - - game_version INTEGER NOT NULL, - binary_version INTEGER NOT NULL, - - password TEXT, - requested_stars INTEGER, - unlisted INTEGER NOT NULL DEFAULT 0, - - version INTEGER NOT NULL DEFAULT 0, - extra_data BYTEA NOT NULL, - level_info BYTEA NOT NULL, - - editor_time INTEGER NOT NULL, - editor_time_copies INTEGER NOT NULL, - - song_id INTEGER NOT NULL, - - length INTEGER NOT NULL, - objects INTEGER NOT NULL, - coins INTEGER NOT NULL DEFAULT 0, - has_ldm INTEGER NOT NULL DEFAULT 0, - two_player INTEGER NOT NULL DEFAULT 0, - - downloads INTEGER NOT NULL DEFAULT 0, - likes INTEGER NOT NULL DEFAULT 0, - difficulty INTEGER, - community_difficulty INTEGER, - demon_difficulty INTEGER, - stars INTEGER, - featured INTEGER NOT NULL DEFAULT 0, - epic INTEGER NOT NULL DEFAULT 0, - rated_coins INTEGER NOT NULL DEFAULT 0 -); diff --git a/readme.md b/readme.md index 4a42832..35c1143 100644 --- a/readme.md +++ b/readme.md @@ -34,6 +34,4 @@ _these features are implemented_ ## todo -- green name users (fuck green names!!) -- move authorization logic to (./src/helpers/accounts.rs)[./src/helpers/accounts.rs] -- maybe swap to timestamp type instead of `(TO_CHAR(CURRENT_TIMESTAMP, 'YYYY-MM-DD HH24:MI:SS.MS'))` (thats REALLY ugly!!) \ No newline at end of file +- move authorization logic to (./src/helpers/accounts.rs)[./src/helpers/accounts.rs] \ No newline at end of file diff --git a/src/db/models.rs b/src/db/models.rs index 0dd7f17..9a390d8 100644 --- a/src/db/models.rs +++ b/src/db/models.rs 
@@ -7,7 +7,6 @@ pub struct Account { pub id: i32, pub username: String, - pub password: String, pub gjp2: String, pub email: String, @@ -30,8 +29,7 @@ pub struct Account { pub struct NewAccount { pub username: String, pub gjp2: String, - pub password: String, - pub email: String, + pub email: String } #[derive(Queryable, Serialize)] @@ -81,44 +79,4 @@ pub struct NewUser { pub account_id: i32, pub username: String, pub registered: i32 -} - -#[derive(Queryable, Serialize)] -pub struct Level { - pub id: i32, - - pub created_at: String, - pub modified_at: String, - - pub name: String, - - pub user_id: i32, - - pub description: String, - pub original: Option, - pub game_version: i32, - pub binary_version: i32, - pub password: Option, - pub requested_stars: Option, - pub unlisted: i32, - pub version: i32, - pub extra_data: Vec, - pub level_info: Vec, - pub editor_time: i32, - pub editor_time_copies: i32, - pub song_id: i32, - pub length: i32, - pub objects: i32, - pub coins: i32, - pub has_ldm: i32, - pub two_player: i32, - pub downloads: i32, - pub likes: i32, - pub difficulty: Option, - pub community_difficulty: Option, - pub demon_difficulty: Option, - pub stars: Option, - pub featured: i32, - pub epic: i32, - pub rated_coins: i32 } \ No newline at end of file diff --git a/src/db/schema.rs b/src/db/schema.rs index 1a25502..a56613f 100644 --- a/src/db/schema.rs +++ b/src/db/schema.rs @@ -6,7 +6,6 @@ diesel::table! { #[max_length = 20] username -> Varchar, gjp2 -> Text, - password -> Text, #[max_length = 254] email -> Varchar, is_admin -> Int4, 
@@ -23,45 +22,6 @@ diesel::table! { } } -diesel::table! { - levels (id) { - id -> Int4, - created_at -> Text, - modified_at -> Text, - #[max_length = 20] - name -> Varchar, - user_id -> Int4, - #[max_length = 140] - description -> Varchar, - original -> Nullable, - game_version -> Int4, - binary_version -> Int4, - password -> Nullable, - requested_stars -> Nullable, - unlisted -> Int4, - version -> Int4, - extra_data -> Bytea, - level_info -> Bytea, - editor_time -> Int4, - editor_time_copies -> Int4, - song_id -> Int4, - length -> Int4, - objects -> Int4, - coins -> Int4, - has_ldm -> Int4, - two_player -> Int4, - downloads -> Int4, - likes -> Int4, - difficulty -> Nullable, - community_difficulty -> Nullable, - demon_difficulty -> Nullable, - stars -> Nullable, - featured -> Int4, - epic -> Int4, - rated_coins -> Int4, - } -} - diesel::table! { users (id) { id -> Int4, @@ -97,11 +57,9 @@ diesel::table! { } } -diesel::joinable!(levels -> users (user_id)); diesel::joinable!(users -> accounts (account_id)); diesel::allow_tables_to_appear_in_same_query!( accounts, - levels, users, ); diff --git a/src/endpoints.rs b/src/endpoints.rs index 94ebf5d..5667352 100644 --- a/src/endpoints.rs +++ b/src/endpoints.rs @@ -1,3 +1,2 @@ pub mod accounts; -pub mod levels; pub mod users; \ No newline at end of file diff --git a/src/endpoints/accounts/login_account.rs b/src/endpoints/accounts/login_account.rs index f84fa50..f21cbd3 100644 --- a/src/endpoints/accounts/login_account.rs +++ b/src/endpoints/accounts/login_account.rs 
@@ -34,18 +34,18 @@ pub fn login_account(input: Form) -> status::Custom<&'static s { use crate::schema::accounts::dsl::*; - let account_id_password_result = accounts - .select((id, password)) + let account_id_gjp2_result = accounts + .select((id, gjp2)) .filter(username.eq(input.userName.clone())) .get_result::<(i32, String)>(connection); - match account_id_password_result { - Ok(account_id_password) => { - let user_id = helpers::accounts::get_user_id_from_account_id(account_id_password.0); + match account_id_gjp2_result { + Ok(account_id_gjp2) => { + let user_id = helpers::accounts::get_user_id_from_account_id(account_id_gjp2.0); - match verify_password(input.password.clone().as_bytes(), account_id_password.1.as_str()) { + match verify_password(helpers::gjp::get_gjp2(input.password.clone()).as_bytes(), account_id_gjp2.1.as_str()) { Ok(_) => return status::Custom(Status::Ok, - Box::leak(format!("{},{}", account_id_password.0, user_id).into_boxed_str()) + Box::leak(format!("{},{}", account_id_gjp2.0, user_id).into_boxed_str()) ), Err(_) => return status::Custom(Status::Ok, "-11") }; diff --git a/src/endpoints/accounts/register_account.rs b/src/endpoints/accounts/register_account.rs index c754a52..1dc7b04 100644 --- a/src/endpoints/accounts/register_account.rs +++ b/src/endpoints/accounts/register_account.rs @@ -5,8 +5,6 @@ use rocket::response::status; use diesel::prelude::*; use diesel::result::Error; -use password_auth::generate_hash; - use crate::CONFIG; use crate::helpers; use crate::db; @@ -62,8 +60,7 @@ pub fn register_account(input: Form) -> status::Custom<&'st let new_account = NewAccount { username: input.userName.clone(), - password: generate_hash(input.password.clone()), - gjp2: generate_hash(helpers::encryption::get_gjp2(input.password.clone())), + gjp2: helpers::gjp::get_gjp2_hashed(input.password.clone()), email: input.email.clone() }; inserted_account = diesel::insert_into(accounts) 
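Review bot: The success arm still builds its body with `Box::leak(format!("{},{}", account_id_gjp2.0, user_id).into_boxed_str())`, so every successful login leaks one allocation for the life of the process, and any registered client can repeat logins to grow memory without bound. Returning an owned body, e.g. `status::Custom<String>` with `format!("{},{}", account_id_gjp2.0, user_id)`, removes the leak; that means changing the return type shown in the hunk header, which is outside the changed lines. `get_user_id_from_account_id` also runs before `verify_password`, so whatever that helper does (not visible here) happens for requests that have not authenticated yet; moving the call into the `Ok(_)` arm would avoid that. The function body starts and ends outside this hunk.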
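Review bot: `NewAccount` is now built without `password`, but the column is only removed by editing the existing `migrations/2023-08-26-071607_accounts/up.sql`, which will not be re-run on a database where that migration has already been applied. There the column stays `NOT NULL`, so this insert would presumably fail, and the previously stored password hashes remain at rest. A new migration containing `ALTER TABLE accounts DROP COLUMN password;` (with a matching `down.sql`) would bring existing databases in line with the model. The function body continues outside the hunk.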
diff --git a/src/endpoints/levels.rs b/src/endpoints/levels.rs
deleted file mode 100644
index e69de29..0000000
diff --git a/src/endpoints/levels/.keep b/src/endpoints/levels/.keep
deleted file mode 100644
index e69de29..0000000
diff --git a/src/helpers.rs b/src/helpers.rs
index 49728fc..4802350 100644
--- a/src/helpers.rs
+++ b/src/helpers.rs
@@ -1,4 +1,4 @@
 pub mod accounts;
 pub mod clean;
-pub mod encryption;
-pub mod format;
\ No newline at end of file
+pub mod format;
+pub mod gjp;
\ No newline at end of file
diff --git a/src/helpers/encryption.rs b/src/helpers/encryption.rs
deleted file mode 100644
index fb3f088..0000000
--- a/src/helpers/encryption.rs
+++ /dev/null
@@ -1,24 +0,0 @@
-use sha::sha1::Sha1;
-use sha::utils::{Digest, DigestExt};
-
-use password_auth::generate_hash;
-
-pub fn cyclic_xor(data: &[u8], key: &[u8]) -> Vec {
- data.iter()
- .zip(key.iter().cycle())
- .map(|(&byte, &key_byte)| byte ^ key_byte)
- .collect()
-}
-
-pub fn cyclic_xor_string(string: &str, key: &str) -> String {
- let data = string.as_bytes();
- let key_bytes = key.as_bytes();
- let result_bytes = cyclic_xor(data, key_bytes);
- let result_str = String::from_utf8(result_bytes).expect("invalid UTF-8 sequence (how did this happen?)");
-
- return String::from(result_str);
-}
-
-pub fn get_gjp2(password: String) -> String {
- return Sha1::default().digest(String::from(password + "mI29fmAnxgTs").as_bytes()).to_hex();
-}
\ No newline at end of file
diff --git a/src/helpers/gjp.rs b/src/helpers/gjp.rs
new file mode 100644
index 0000000..fc2525e
--- /dev/null
+++ b/src/helpers/gjp.rs
@@ -0,0 +1,12 @@
+use sha::sha1::Sha1;
+use sha::utils::{Digest, DigestExt};
+
+use password_auth::generate_hash;
+
+pub fn get_gjp2(password: String) -> String {
+ return Sha1::default().digest(String::from(password + "mI29fmAnxgTs").as_bytes()).to_hex();
+}
+
+pub fn get_gjp2_hashed(password: String) -> String {
+ return generate_hash(get_gjp2(password))
+}
\ No newline at end of file
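Review bot: Both new helpers in `src/helpers/gjp.rs` take `String` by value, which makes the call sites `clone()` the plaintext password and leaves extra copies of it in memory; a borrowed parameter, `pub fn get_gjp2(password: &str) -> String`, avoids that (callers would pass `&input.password`). Neither function is documented: `get_gjp2` should carry a `///` comment saying its SHA-1 hex digest with the fixed suffix is a password-equivalent value (the constant is presumably dictated by the client protocol) that must never be stored or logged as is. `get_gjp2_hashed` should say that its output is the only form meant for the `accounts.gjp2` column and is what `verify_password` compares against. The trailing `return` statements could also be plain tail expressions.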