0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-16 23:10:54 +01:00
construct/modules/client/login.cc

161 lines
3.5 KiB
C++
Raw Normal View History

2018-02-04 03:22:01 +01:00
// Matrix Construct
//
// Copyright (C) Matrix Construct Developers, Authors & Contributors
// Copyright (C) 2016-2018 Jason Volk <jason@zemos.net>
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice is present in all copies. The
// full license for this software is available in the LICENSE file.
2016-11-29 16:23:38 +01:00
using namespace ircd;
2016-11-29 16:23:38 +01:00
resource login_resource
{
"/_matrix/client/r0/login",
{
"Authenticates the user by password, and issues an access token "
"they can use to authorize themself in subsequent requests. (3.2.2)"
}
2016-11-29 16:23:38 +01:00
};
2017-09-25 03:05:42 +02:00
namespace { namespace name
{
2017-09-25 03:05:42 +02:00
constexpr const auto password{"password"};
constexpr const auto medium{"medium"};
constexpr const auto type{"type"};
constexpr const auto user{"user"};
constexpr const auto address{"address"};
}}
struct body
:json::tuple
<
json::property<name::password, string_view>,
json::property<name::medium, time_t>,
json::property<name::type, string_view>,
json::property<name::user, string_view>,
json::property<name::address, string_view>
>
2016-11-29 16:23:38 +01:00
{
using super_type::tuple;
};
2016-11-29 16:23:38 +01:00
resource::response
post_login_password(client &client,
2017-09-25 03:05:42 +02:00
const resource::request::object<body> &request)
{
// Build a canonical MXID from a the user field
const m::id::user::buf user_id
2016-11-29 16:23:38 +01:00
{
unquote(at<"user"_>(request)), my_host()
2016-11-29 16:23:38 +01:00
};
const auto &supplied_password
{
unquote(at<"password"_>(request))
2017-09-25 03:05:42 +02:00
};
m::user user
2017-09-25 03:05:42 +02:00
{
user_id
};
if(!user.is_password(supplied_password))
throw m::error
{
http::FORBIDDEN, "M_FORBIDDEN", "Access denied."
};
if(!user.is_active())
throw m::error
2016-11-29 16:23:38 +01:00
{
http::FORBIDDEN, "M_FORBIDDEN", "Access denied."
};
2016-11-29 16:23:38 +01:00
2017-09-25 03:05:42 +02:00
// Generate the access token
static constexpr const auto token_len{127};
static const auto token_dict{rand::dict::alpha};
char token_buf[token_len + 1];
const string_view access_token
{
rand::string(token_dict, token_len, token_buf, sizeof(token_buf))
};
// Log the user in by issuing an event in the tokens room containing
2017-09-25 03:05:42 +02:00
// the generated token. When this call completes without throwing the
// access_token will be committed and the user will be logged in.
m::send(m::user::tokens, user_id, "ircd.access_token", access_token,
2017-09-25 03:05:42 +02:00
{
2017-11-30 19:56:18 +01:00
{ "ip", string(remote(client)) },
{ "device", "unknown" },
2017-09-25 03:05:42 +02:00
});
// Send response to user
return resource::response
2016-11-29 16:23:38 +01:00
{
client,
{
2017-09-25 03:05:42 +02:00
{ "user_id", user_id },
{ "home_server", my_host() },
2017-09-25 03:05:42 +02:00
{ "access_token", access_token },
}
2016-11-29 16:23:38 +01:00
};
}
resource::response
2017-09-25 03:05:42 +02:00
post_login(client &client, const resource::request::object<body> &request)
{
// x.x.x Required. The login type being used.
// Currently only "m.login.password" is supported.
const auto type
2016-11-29 16:23:38 +01:00
{
unquote(at<"type"_>(request))
2016-11-29 16:23:38 +01:00
};
if(type == "m.login.password")
2017-09-25 03:05:42 +02:00
return post_login_password(client, request);
else
throw m::error
{
"M_UNSUPPORTED", "Login type is not supported."
};
}
2016-11-29 16:23:38 +01:00
resource::method method_post
{
login_resource, "POST", post_login
};
resource::response
get_login(client &client, const resource::request &request)
{
2017-09-25 03:05:42 +02:00
json::member login_password
{
2017-09-25 03:05:42 +02:00
"type", "m.login.password"
};
json::value flows[1]
{
{ login_password }
};
return resource::response
{
2017-09-25 03:05:42 +02:00
client, json::members
{
{ "flows", { flows, 1 } }
}
};
}
resource::method method_get
{
login_resource, "GET", get_login
};
2016-11-29 16:23:38 +01:00
mapi::header IRCD_MODULE
{
"registers the resource 'client/login' to handle requests"
};