Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Address review comments

Browse Source
This commit is contained in:
Ginger
2026-05-05 13:35:35 -04:00
parent 83f3314f08
commit e212c91ebf
2 changed files with 23 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/api/client/account/register.rs
+5 -1
View File
@@ -14,7 +14,7 @@ use ruma::{
OwnedUserId, UserId,
api::client::{
account::{
register::{self, LoginType},
register::{self, LoginType, RegistrationKind},
request_registration_token_via_email,
},
uiaa::{AuthFlow, AuthType},
@@ -48,6 +48,10 @@ pub(crate) async fn register_route(
ClientIp(client): ClientIp,
body: Ruma<register::v3::Request>,
) -> Result<register::v3::Response> {
if body.kind != RegistrationKind::User {
return Err!(Request(GuestAccessForbidden("Guests may not register on this server.")));
}
let emergency_mode_enabled = services.config.emergency_password.is_some();
// Allow registration if it's enabled in the config file or if this is the first
src/service/users/mod.rs
+18 -13
View File
@@ -369,20 +369,25 @@ impl Service {
/// Check a user's password.
pub async fn check_password(&self, user_id: &UserId, password: &str) -> Result<OwnedUserId> {
let (hash, user_id): (String, OwnedUserId) =
if let Ok(hash) = self.db.userid_password.get(user_id).await.deserialized() {
(hash, user_id.to_owned())
} else {
// We also check the lowercased version of the user ID to handle legacy user IDs
// better
let lowercase_user_id = UserId::parse(user_id.as_str().to_lowercase()).unwrap();
let (hash, user_id): (String, OwnedUserId) = if let Ok(hash) =
self.db.userid_password.get(user_id).await.deserialized()
{
(hash, user_id.to_owned())
} else {
// We also check the lowercased version of the user ID to handle legacy user IDs
// better
let lowercase_user_id = UserId::parse(user_id.as_str().to_lowercase()).unwrap();
if let Ok(hash) = self.db.userid_password.get(user_id).await.deserialized() {
(hash, lowercase_user_id)
} else {
return Err!(Request(UserDeactivated("This user is deactivated.")));
}
};
if let Ok(hash) = self.db.userid_password.get(user_id).await.deserialized() {
(hash, lowercase_user_id)
} else {
return Err!(Request(InvalidParam("This user cannot log in with a password.")));
}
};
if hash.is_empty() {
return Err!(Request(UserDeactivated("This user is deactivated")));
}
utils::hash::verify_password(password, &hash)
.inspect_err(|e| debug_error!("{e}"))