mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-15 10:03:42 +01:00
Some more authrequest changes (#5188)
parent
ff33534c07
commit
0d16b38a68
2 changed files with 12 additions and 2 deletions
|
@ -1190,11 +1190,19 @@ async fn put_auth_request(
|
||||||
err!("AuthRequest doesn't exist", "User uuid's do not match")
|
err!("AuthRequest doesn't exist", "User uuid's do not match")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if auth_request.approved.is_some() {
|
||||||
|
err!("An authentication request with the same device already exists")
|
||||||
|
}
|
||||||
|
|
||||||
|
let response_date = Utc::now().naive_utc();
|
||||||
|
let response_date_utc = format_date(&response_date);
|
||||||
|
|
||||||
if data.request_approved {
|
if data.request_approved {
|
||||||
auth_request.approved = Some(data.request_approved);
|
auth_request.approved = Some(data.request_approved);
|
||||||
auth_request.enc_key = Some(data.key);
|
auth_request.enc_key = Some(data.key);
|
||||||
auth_request.master_password_hash = data.master_password_hash;
|
auth_request.master_password_hash = data.master_password_hash;
|
||||||
auth_request.response_device_id = Some(data.device_identifier.clone());
|
auth_request.response_device_id = Some(data.device_identifier.clone());
|
||||||
|
auth_request.response_date = Some(response_date);
|
||||||
auth_request.save(&mut conn).await?;
|
auth_request.save(&mut conn).await?;
|
||||||
|
|
||||||
ant.send_auth_response(&auth_request.user_uuid, &auth_request.uuid).await;
|
ant.send_auth_response(&auth_request.user_uuid, &auth_request.uuid).await;
|
||||||
|
@ -1204,8 +1212,6 @@ async fn put_auth_request(
|
||||||
auth_request.delete(&mut conn).await?;
|
auth_request.delete(&mut conn).await?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let response_date_utc = auth_request.response_date.map(|response_date| format_date(&response_date));
|
|
||||||
|
|
||||||
Ok(Json(json!({
|
Ok(Json(json!({
|
||||||
"id": uuid,
|
"id": uuid,
|
||||||
"publicKey": auth_request.public_key,
|
"publicKey": auth_request.public_key,
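Review bot: Nothing visible in these hunks rejects a response to an auth request that is already past its lifetime. The new guard `if auth_request.approved.is_some()` only blocks a second response, after which `enc_key` and `master_password_hash` are saved and `send_auth_response` is pushed regardless of `creation_date`. The login side of this commit refuses requests older than five minutes, so a late approval should not lead to a session, but a matching check here, e.g. `if Utc::now().naive_utc() >= auth_request.creation_date + chrono::Duration::minutes(5) { err!("AuthRequest doesn't exist", "Auth request has expired") }`, would avoid storing key material on a dead request. put_auth_request starts above the hunk, so ignore this if an expiry check already exists there. Separately, the message `An authentication request with the same device already exists` does not describe the condition tested, so a comment such as `// A request that already has a response must not be answered again` would make the intent clear.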
|
||||||
|
|
|
@ -190,8 +190,12 @@ async fn _password_login(
|
||||||
)
|
)
|
||||||
};
|
};
|
||||||
|
|
||||||
|
let expiration_time = auth_request.creation_date + chrono::Duration::minutes(5);
|
||||||
|
let request_expired = Utc::now().naive_utc() >= expiration_time;
|
||||||
|
|
||||||
if auth_request.user_uuid != user.uuid
|
if auth_request.user_uuid != user.uuid
|
||||||
|| !auth_request.approved.unwrap_or(false)
|
|| !auth_request.approved.unwrap_or(false)
|
||||||
|
|| request_expired
|
||||||
|| ip.ip.to_string() != auth_request.request_ip
|
|| ip.ip.to_string() != auth_request.request_ip
|
||||||
|| !auth_request.check_access_code(password)
|
|| !auth_request.check_access_code(password)
|
||||||
{
|
{
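Review bot: The five-minute lifetime is a bare literal in `chrono::Duration::minutes(5)`, so this login check can drift from any other code that expires or purges auth requests. A named constant with a comment would make the security window explicit and reviewable in one place, for example `const AUTH_REQUEST_LIFETIME_MINUTES: i64 = 5; // an approved auth request may only be used for login this long after creation` (the name is a suggestion). A short comment above `request_expired` noting that the window is measured from `creation_date` rather than from the approval time would also help, since an approval given late in the window leaves very little time to log in. The body of the `if` and the rest of _password_login are outside the hunk.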
|
||||||
|
|