mirror of
https://gitlab.com/famedly/conduit.git
synced 2024-11-04 16:28:53 +01:00
Merge branch 'no-passwords-in-db' into 'next'
Do not store uiaa requests in database See merge request famedly/conduit!219
This commit is contained in:
Timo Kösters
commit
8e12b47df4
2 changed files with 35 additions and 29 deletions
|
|
@ -250,8 +250,7 @@ impl Database {
|
|||
},
|
||||
uiaa: uiaa::Uiaa {
|
||||
userdevicesessionid_uiaainfo: builder.open_tree("userdevicesessionid_uiaainfo")?,
|
||||
userdevicesessionid_uiaarequest: builder
|
||||
.open_tree("userdevicesessionid_uiaarequest")?,
|
||||
userdevicesessionid_uiaarequest: RwLock::new(BTreeMap::new()),
|
||||
},
|
||||
rooms: rooms::Rooms {
|
||||
edus: rooms::RoomEdus {
|
||||
|
|
@ -755,6 +754,15 @@ impl Database {
|
|||
|
||||
println!("Migration: 9 -> 10 finished");
|
||||
}
|
||||
|
||||
if db.globals.database_version()? < 11 {
|
||||
db._db
|
||||
.open_tree("userdevicesessionid_uiaarequest")?
|
||||
.clear()?;
|
||||
db.globals.bump_database_version(11)?;
|
||||
|
||||
println!("Migration: 10 -> 11 finished");
|
||||
}
|
||||
}
|
||||
|
||||
let guard = db.read().await;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,6 @@
|
|||
use std::collections::BTreeMap;
|
||||
use std::sync::Arc;
|
||||
use std::sync::RwLock;
|
||||
|
||||
use crate::{client_server::SESSION_ID_LENGTH, utils, Error, Result};
|
||||
use ruma::{
|
||||
|
|
@ -18,7 +20,8 @@ use super::abstraction::Tree;
|
|||
|
||||
pub struct Uiaa {
|
||||
pub(super) userdevicesessionid_uiaainfo: Arc<dyn Tree>, // User-interactive authentication
|
||||
pub(super) userdevicesessionid_uiaarequest: Arc<dyn Tree>, // UiaaRequest = canonical json value
|
||||
pub(super) userdevicesessionid_uiaarequest:
|
||||
RwLock<BTreeMap<(Box<UserId>, Box<DeviceId>, String), CanonicalJsonValue>>,
|
||||
}
|
||||
|
||||
impl Uiaa {
|
||||
|
|
@ -147,16 +150,17 @@ impl Uiaa {
|
|||
session: &str,
|
||||
request: &CanonicalJsonValue,
|
||||
) -> Result<()> {
|
||||
let mut userdevicesessionid = user_id.as_bytes().to_vec();
|
||||
userdevicesessionid.push(0xff);
|
||||
userdevicesessionid.extend_from_slice(device_id.as_bytes());
|
||||
userdevicesessionid.push(0xff);
|
||||
userdevicesessionid.extend_from_slice(session.as_bytes());
|
||||
|
||||
self.userdevicesessionid_uiaarequest.insert(
|
||||
&userdevicesessionid,
|
||||
&serde_json::to_vec(request).expect("json value to vec always works"),
|
||||
)?;
|
||||
self.userdevicesessionid_uiaarequest
|
||||
.write()
|
||||
.unwrap()
|
||||
.insert(
|
||||
(
|
||||
user_id.to_owned(),
|
||||
device_id.to_owned(),
|
||||
session.to_string(),
|
||||
),
|
||||
request.to_owned(),
|
||||
);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
|
@ -167,22 +171,16 @@ impl Uiaa {
|
|||
device_id: &DeviceId,
|
||||
session: &str,
|
||||
) -> Result<Option<CanonicalJsonValue>> {
|
||||
let mut userdevicesessionid = user_id.as_bytes().to_vec();
|
||||
userdevicesessionid.push(0xff);
|
||||
userdevicesessionid.extend_from_slice(device_id.as_bytes());
|
||||
userdevicesessionid.push(0xff);
|
||||
userdevicesessionid.extend_from_slice(session.as_bytes());
|
||||
|
||||
self.userdevicesessionid_uiaarequest
|
||||
.get(&userdevicesessionid)?
|
||||
.map(|bytes| {
|
||||
serde_json::from_str::<CanonicalJsonValue>(
|
||||
&utils::string_from_bytes(&bytes)
|
||||
.map_err(|_| Error::bad_database("Invalid uiaa request bytes in db."))?,
|
||||
)
|
||||
.map_err(|_| Error::bad_database("Invalid uiaa request in db."))
|
||||
})
|
||||
.transpose()
|
||||
Ok(self
|
||||
.userdevicesessionid_uiaarequest
|
||||
.read()
|
||||
.unwrap()
|
||||
.get(&(
|
||||
user_id.to_owned(),
|
||||
device_id.to_owned(),
|
||||
session.to_string(),
|
||||
))
|
||||
.map(|j| j.to_owned()))
|
||||
}
|
||||
|
||||
fn update_uiaa_session(
|
||||
|
|
|
|||
Loading…
Reference in a new issue