mirror of
https://github.com/matrix-construct/construct
synced 2025-01-15 09:06:50 +01:00
ircd:Ⓜ️ Split user registration API from client/register; minor reorg.
This commit is contained in:
parent
9c8c13e91d
commit
7934756858
9 changed files with 299 additions and 269 deletions
include/ircd/m
ircd
modules
|
@ -62,7 +62,6 @@ namespace ircd::m
|
||||||
#include "events.h"
|
#include "events.h"
|
||||||
#include "node.h"
|
#include "node.h"
|
||||||
#include "login.h"
|
#include "login.h"
|
||||||
#include "register.h"
|
|
||||||
#include "device.h"
|
#include "device.h"
|
||||||
#include "request.h"
|
#include "request.h"
|
||||||
#include "fed/fed.h"
|
#include "fed/fed.h"
|
||||||
|
|
|
@ -1,32 +0,0 @@
|
||||||
// Matrix Construct
|
|
||||||
//
|
|
||||||
// Copyright (C) Matrix Construct Developers, Authors & Contributors
|
|
||||||
// Copyright (C) 2016-2018 Jason Volk <jason@zemos.net>
|
|
||||||
//
|
|
||||||
// Permission to use, copy, modify, and/or distribute this software for any
|
|
||||||
// purpose with or without fee is hereby granted, provided that the above
|
|
||||||
// copyright notice and this permission notice is present in all copies. The
|
|
||||||
// full license for this software is available in the LICENSE file.
|
|
||||||
|
|
||||||
#pragma once
|
|
||||||
#define HAVE_IRCD_M_REGISTER_H
|
|
||||||
|
|
||||||
namespace ircd::m
|
|
||||||
{
|
|
||||||
struct registar;
|
|
||||||
}
|
|
||||||
|
|
||||||
struct ircd::m::registar
|
|
||||||
:json::tuple
|
|
||||||
<
|
|
||||||
json::property<name::username, json::string>,
|
|
||||||
json::property<name::bind_email, bool>,
|
|
||||||
json::property<name::password, json::string>,
|
|
||||||
json::property<name::auth, json::object>,
|
|
||||||
json::property<name::device_id, json::string>,
|
|
||||||
json::property<name::inhibit_login, bool>,
|
|
||||||
json::property<name::initial_device_display_name, json::string>
|
|
||||||
>
|
|
||||||
{
|
|
||||||
using super_type::tuple;
|
|
||||||
};
|
|
41
include/ircd/m/user/register.h
Normal file
41
include/ircd/m/user/register.h
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
// Matrix Construct
|
||||||
|
//
|
||||||
|
// Copyright (C) Matrix Construct Developers, Authors & Contributors
|
||||||
|
// Copyright (C) 2016-2018 Jason Volk <jason@zemos.net>
|
||||||
|
//
|
||||||
|
// Permission to use, copy, modify, and/or distribute this software for any
|
||||||
|
// purpose with or without fee is hereby granted, provided that the above
|
||||||
|
// copyright notice and this permission notice is present in all copies. The
|
||||||
|
// full license for this software is available in the LICENSE file.
|
||||||
|
|
||||||
|
#pragma once
|
||||||
|
#define HAVE_IRCD_M_USER_REGISTER_H
|
||||||
|
|
||||||
|
/// Register a new user. The principal function is operator() which acts on the
|
||||||
|
/// data provided in the structure (otherwise the structure itself is inert
|
||||||
|
/// (see json/tuple.h)). This is a superset of m::create(user::id), which is
|
||||||
|
/// called internally and only one part of the process. This function returns
|
||||||
|
/// a spec JSON object [into the buffer] which could be returned from an
|
||||||
|
/// `r0/register` endpoint. The IP argument is optional, used for for
|
||||||
|
/// information about the registrant if a client; to programmatically register
|
||||||
|
/// a user simply fill out the structure as best as possible otherwise.
|
||||||
|
///
|
||||||
|
struct ircd::m::user::registar
|
||||||
|
:json::tuple
|
||||||
|
<
|
||||||
|
json::property<name::username, json::string>,
|
||||||
|
json::property<name::bind_email, bool>,
|
||||||
|
json::property<name::password, json::string>,
|
||||||
|
json::property<name::auth, json::object>,
|
||||||
|
json::property<name::device_id, json::string>,
|
||||||
|
json::property<name::inhibit_login, bool>,
|
||||||
|
json::property<name::initial_device_display_name, json::string>
|
||||||
|
>
|
||||||
|
{
|
||||||
|
static void validate_user_id(const m::user::id &);
|
||||||
|
static void validate_password(const string_view &);
|
||||||
|
|
||||||
|
json::object operator()(const mutable_buffer &out, const net::ipport &remote = {}) const;
|
||||||
|
|
||||||
|
using super_type::tuple;
|
||||||
|
};
|
|
@ -42,6 +42,7 @@ struct ircd::m::user
|
||||||
struct filter;
|
struct filter;
|
||||||
struct ignores;
|
struct ignores;
|
||||||
struct highlight;
|
struct highlight;
|
||||||
|
struct registar;
|
||||||
|
|
||||||
using id = m::id::user;
|
using id = m::id::user;
|
||||||
using closure = std::function<void (const user &)>;
|
using closure = std::function<void (const user &)>;
|
||||||
|
@ -92,3 +93,4 @@ const
|
||||||
#include "filter.h"
|
#include "filter.h"
|
||||||
#include "ignores.h"
|
#include "ignores.h"
|
||||||
#include "highlight.h"
|
#include "highlight.h"
|
||||||
|
#include "register.h"
|
||||||
|
|
|
@ -229,6 +229,7 @@ ircd::m::module_names
|
||||||
"m_user_account_data",
|
"m_user_account_data",
|
||||||
"m_user_room_account_data",
|
"m_user_room_account_data",
|
||||||
"m_user_room_tags",
|
"m_user_room_tags",
|
||||||
|
"m_user_register",
|
||||||
|
|
||||||
"m_events",
|
"m_events",
|
||||||
"m_rooms",
|
"m_rooms",
|
||||||
|
|
|
@ -128,6 +128,7 @@ m_user_la_SOURCES = m_user.cc
|
||||||
m_user_events_la_SOURCES = m_user_events.cc
|
m_user_events_la_SOURCES = m_user_events.cc
|
||||||
m_user_rooms_la_SOURCES = m_user_rooms.cc
|
m_user_rooms_la_SOURCES = m_user_rooms.cc
|
||||||
m_user_filter_la_SOURCES = m_user_filter.cc
|
m_user_filter_la_SOURCES = m_user_filter.cc
|
||||||
|
m_user_register_la_SOURCES = m_user_register.cc
|
||||||
m_user_mitsein_la_SOURCES = m_user_mitsein.cc
|
m_user_mitsein_la_SOURCES = m_user_mitsein.cc
|
||||||
m_user_servers_la_SOURCES = m_user_servers.cc
|
m_user_servers_la_SOURCES = m_user_servers.cc
|
||||||
m_user_highlight_la_SOURCES = m_user_highlight.cc m_user_highlight_auth.cc
|
m_user_highlight_la_SOURCES = m_user_highlight.cc m_user_highlight_auth.cc
|
||||||
|
@ -177,6 +178,7 @@ m_module_LTLIBRARIES = \
|
||||||
m_user_events.la \
|
m_user_events.la \
|
||||||
m_user_rooms.la \
|
m_user_rooms.la \
|
||||||
m_user_filter.la \
|
m_user_filter.la \
|
||||||
|
m_user_register.la \
|
||||||
m_user_mitsein.la \
|
m_user_mitsein.la \
|
||||||
m_user_servers.la \
|
m_user_servers.la \
|
||||||
m_user_highlight.la \
|
m_user_highlight.la \
|
||||||
|
|
|
@ -19,25 +19,14 @@ IRCD_MODULE
|
||||||
extern const std::string
|
extern const std::string
|
||||||
flows;
|
flows;
|
||||||
|
|
||||||
static void
|
static resource::response
|
||||||
validate_password(const string_view &password);
|
post__register_guest(client &client, const resource::request::object<m::user::registar> &request);
|
||||||
|
|
||||||
extern "C" void
|
|
||||||
validate_user_id(const m::id::user &user_id);
|
|
||||||
|
|
||||||
extern "C" std::string
|
|
||||||
register_user(const m::registar &,
|
|
||||||
const client *const & = nullptr,
|
|
||||||
const bool &gen_token = false);
|
|
||||||
|
|
||||||
static resource::response
|
static resource::response
|
||||||
post__register_guest(client &client, const resource::request::object<m::registar> &request);
|
post__register_user(client &client, const resource::request::object<m::user::registar> &request);
|
||||||
|
|
||||||
static resource::response
|
static resource::response
|
||||||
post__register_user(client &client, const resource::request::object<m::registar> &request);
|
post__register(client &client, const resource::request::object<m::user::registar> &request);
|
||||||
|
|
||||||
static resource::response
|
|
||||||
post__register(client &client, const resource::request::object<m::registar> &request);
|
|
||||||
|
|
||||||
resource
|
resource
|
||||||
register_resource
|
register_resource
|
||||||
|
@ -55,18 +44,17 @@ method_post
|
||||||
};
|
};
|
||||||
|
|
||||||
ircd::conf::item<bool>
|
ircd::conf::item<bool>
|
||||||
IRCD_MODULE_EXPORT
|
|
||||||
register_enable
|
register_enable
|
||||||
{
|
{
|
||||||
{ "name", "ircd.client.register.enable" },
|
{ "name", "ircd.client.register.enable" },
|
||||||
{ "default", true }
|
{ "default", true }
|
||||||
};
|
};
|
||||||
|
|
||||||
/// see: ircd/m/register.h for the m::registar tuple.
|
/// see: ircd/m/register.h for the m::user::registar tuple.
|
||||||
///
|
///
|
||||||
resource::response
|
resource::response
|
||||||
post__register(client &client,
|
post__register(client &client,
|
||||||
const resource::request::object<m::registar> &request)
|
const resource::request::object<m::user::registar> &request)
|
||||||
{
|
{
|
||||||
const json::object &auth
|
const json::object &auth
|
||||||
{
|
{
|
||||||
|
@ -104,7 +92,6 @@ post__register(client &client,
|
||||||
}
|
}
|
||||||
|
|
||||||
ircd::conf::item<bool>
|
ircd::conf::item<bool>
|
||||||
IRCD_MODULE_EXPORT
|
|
||||||
register_user_enable
|
register_user_enable
|
||||||
{
|
{
|
||||||
{ "name", "ircd.client.register.user.enable" },
|
{ "name", "ircd.client.register.user.enable" },
|
||||||
|
@ -113,7 +100,7 @@ register_user_enable
|
||||||
|
|
||||||
resource::response
|
resource::response
|
||||||
post__register_user(client &client,
|
post__register_user(client &client,
|
||||||
const resource::request::object<m::registar> &request)
|
const resource::request::object<m::user::registar> &request)
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if(!bool(register_user_enable))
|
if(!bool(register_user_enable))
|
||||||
|
@ -123,20 +110,27 @@ try
|
||||||
"User registration for this server is disabled."
|
"User registration for this server is disabled."
|
||||||
};
|
};
|
||||||
|
|
||||||
const bool &inhibit_login
|
const unique_buffer<mutable_buffer> buf
|
||||||
{
|
{
|
||||||
json::get<"inhibit_login"_>(request)
|
4_KiB
|
||||||
};
|
};
|
||||||
|
|
||||||
const std::string response
|
// upcast to the user::registar tuple
|
||||||
|
const m::user::registar ®istar
|
||||||
{
|
{
|
||||||
register_user(request, &client, !inhibit_login)
|
request
|
||||||
|
};
|
||||||
|
|
||||||
|
// call operator() to register the user and receive response output
|
||||||
|
const json::object response
|
||||||
|
{
|
||||||
|
registar(buf, remote(client))
|
||||||
};
|
};
|
||||||
|
|
||||||
// Send response to user
|
// Send response to user
|
||||||
return resource::response
|
return resource::response
|
||||||
{
|
{
|
||||||
client, http::CREATED, json::object{response}
|
client, http::CREATED, response
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
catch(const m::INVALID_MXID &e)
|
catch(const m::INVALID_MXID &e)
|
||||||
|
@ -157,7 +151,7 @@ register_guest_enable
|
||||||
|
|
||||||
resource::response
|
resource::response
|
||||||
post__register_guest(client &client,
|
post__register_guest(client &client,
|
||||||
const resource::request::object<m::registar> &request)
|
const resource::request::object<m::user::registar> &request)
|
||||||
{
|
{
|
||||||
if(!bool(register_guest_enable))
|
if(!bool(register_guest_enable))
|
||||||
throw m::error
|
throw m::error
|
||||||
|
@ -188,205 +182,8 @@ post__register_guest(client &client,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string
|
|
||||||
register_user(const m::registar &request,
|
|
||||||
const client *const &client,
|
|
||||||
const bool &gen_token)
|
|
||||||
{
|
|
||||||
// 3.3.1 Additional authentication information for the user-interactive authentication API.
|
|
||||||
const json::object &auth
|
|
||||||
{
|
|
||||||
json::get<"auth"_>(request)
|
|
||||||
};
|
|
||||||
|
|
||||||
// 3.3.1 The login type that the client is attempting to complete.
|
|
||||||
const string_view &type
|
|
||||||
{
|
|
||||||
!empty(auth)? unquote(auth.at("type")) : string_view{}
|
|
||||||
};
|
|
||||||
|
|
||||||
// We only support this for now, for some reason. TODO: XXX
|
|
||||||
if(type && type != "m.login.dummy")
|
|
||||||
throw m::UNSUPPORTED
|
|
||||||
{
|
|
||||||
"Registration '%s' not supported.", type
|
|
||||||
};
|
|
||||||
|
|
||||||
// 3.3.1 The local part of the desired Matrix ID. If omitted, the homeserver MUST
|
|
||||||
// generate a Matrix ID local part.
|
|
||||||
const auto &username
|
|
||||||
{
|
|
||||||
json::get<"username"_>(request)
|
|
||||||
};
|
|
||||||
|
|
||||||
// Generate canonical mxid. The home_server is appended if one is not
|
|
||||||
// specified. We do not generate a user_id here if the local part is not
|
|
||||||
// specified. TODO: isn't that guest reg?
|
|
||||||
const m::id::user::buf user_id
|
|
||||||
{
|
|
||||||
username, my_host()
|
|
||||||
};
|
|
||||||
|
|
||||||
// Check if the the user_id is acceptably formed for this server or throws
|
|
||||||
validate_user_id(user_id);
|
|
||||||
|
|
||||||
// 3.3.1 Required. The desired password for the account.
|
|
||||||
const auto &password
|
|
||||||
{
|
|
||||||
at<"password"_>(request)
|
|
||||||
};
|
|
||||||
|
|
||||||
// (r0.3.0) 3.4.1 ID of the client device. If this does not correspond to a
|
|
||||||
// known client device, a new device will be created. The server will auto-
|
|
||||||
// generate a device_id if this is not specified.
|
|
||||||
const auto requested_device_id
|
|
||||||
{
|
|
||||||
json::get<"device_id"_>(request)
|
|
||||||
};
|
|
||||||
|
|
||||||
const m::id::device::buf device_id
|
|
||||||
{
|
|
||||||
requested_device_id?
|
|
||||||
m::id::device::buf{requested_device_id, my_host()}:
|
|
||||||
gen_token?
|
|
||||||
m::id::device::buf{m::id::generate, my_host()}:
|
|
||||||
m::id::device::buf{}
|
|
||||||
};
|
|
||||||
|
|
||||||
const auto &initial_device_display_name
|
|
||||||
{
|
|
||||||
json::get<"initial_device_display_name"_>(request)
|
|
||||||
};
|
|
||||||
|
|
||||||
// 3.3.1 If true, the server binds the email used for authentication to the
|
|
||||||
// Matrix ID with the ID Server. Defaults to false.
|
|
||||||
const auto &bind_email
|
|
||||||
{
|
|
||||||
get<"bind_email"_>(request, false)
|
|
||||||
};
|
|
||||||
|
|
||||||
// Check if the password is acceptable for this server or throws
|
|
||||||
validate_password(password);
|
|
||||||
|
|
||||||
//TODO: ABA
|
|
||||||
if(exists(user_id))
|
|
||||||
throw m::error
|
|
||||||
{
|
|
||||||
http::CONFLICT, "M_USER_IN_USE",
|
|
||||||
"The desired user ID is already in use."
|
|
||||||
};
|
|
||||||
|
|
||||||
//TODO: ABA / TXN
|
|
||||||
// Represent the user
|
|
||||||
m::user user
|
|
||||||
{
|
|
||||||
m::create(user_id)
|
|
||||||
};
|
|
||||||
|
|
||||||
// Activate the account. Underneath this will create a special room
|
|
||||||
// for this user in the form of !@user:host and set a key in !users:host
|
|
||||||
// If the user_id is taken this throws 409 Conflict because those assets
|
|
||||||
// will already exist; otherwise the user is registered after this call.
|
|
||||||
//TODO: ABA / TXN
|
|
||||||
user.activate();
|
|
||||||
|
|
||||||
// Set the password for the account. This issues an ircd.password state
|
|
||||||
// event to the user's room. User will be able to login with
|
|
||||||
// m.login.password
|
|
||||||
user.password(password);
|
|
||||||
|
|
||||||
// Store the options from registration.
|
|
||||||
m::user::room user_room{user};
|
|
||||||
send(user_room, user.user_id, "ircd.account.options", "registration", json::members
|
|
||||||
{
|
|
||||||
{ "bind_email", bind_email },
|
|
||||||
});
|
|
||||||
|
|
||||||
char access_token_buf[32];
|
|
||||||
const string_view access_token
|
|
||||||
{
|
|
||||||
gen_token?
|
|
||||||
m::user::gen_access_token(access_token_buf):
|
|
||||||
string_view{}
|
|
||||||
};
|
|
||||||
|
|
||||||
// Log the user in by issuing an event in the tokens room containing
|
|
||||||
// the generated token. When this call completes without throwing the
|
|
||||||
// access_token will be committed and the user will be logged in.
|
|
||||||
if(gen_token)
|
|
||||||
{
|
|
||||||
char remote_buf[96];
|
|
||||||
const json::value last_seen_ip
|
|
||||||
{
|
|
||||||
client?
|
|
||||||
string(remote_buf, remote(*client)):
|
|
||||||
string_view{},
|
|
||||||
|
|
||||||
json::STRING
|
|
||||||
};
|
|
||||||
|
|
||||||
const m::event::id::buf access_token_id
|
|
||||||
{
|
|
||||||
m::send(m::user::tokens, user_id, "ircd.access_token", access_token, json::members
|
|
||||||
{
|
|
||||||
{ "ip", last_seen_ip },
|
|
||||||
{ "device_id", device_id },
|
|
||||||
})
|
|
||||||
};
|
|
||||||
|
|
||||||
const json::members device
|
|
||||||
{
|
|
||||||
{ "device_id", device_id },
|
|
||||||
{ "display_name", initial_device_display_name },
|
|
||||||
{ "last_seen_ts", ircd::time<milliseconds>() },
|
|
||||||
{ "last_seen_ip", last_seen_ip },
|
|
||||||
{ "access_token_id", access_token_id },
|
|
||||||
};
|
|
||||||
|
|
||||||
m::device::set(user_id, device);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Send response to user
|
|
||||||
return json::strung
|
|
||||||
{
|
|
||||||
json::members
|
|
||||||
{
|
|
||||||
{ "user_id", user_id },
|
|
||||||
{ "home_server", my_host() },
|
|
||||||
{ "access_token", access_token },
|
|
||||||
{ "device_id", device_id },
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
validate_user_id(const m::id::user &user_id)
|
|
||||||
{
|
|
||||||
if(user_id.host() != my_host())
|
|
||||||
throw m::error
|
|
||||||
{
|
|
||||||
http::BAD_REQUEST,
|
|
||||||
"M_INVALID_USERNAME",
|
|
||||||
"Can only register with host '%s'",
|
|
||||||
my_host()
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
validate_password(const string_view &password)
|
|
||||||
{
|
|
||||||
if(password.size() > 255)
|
|
||||||
throw m::error
|
|
||||||
{
|
|
||||||
http::BAD_REQUEST,
|
|
||||||
"M_INVALID_PASSWORD",
|
|
||||||
"The desired password is too long"
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
const std::string
|
const std::string
|
||||||
flows
|
flows{R"({
|
||||||
{R"({
|
|
||||||
"flows":
|
"flows":
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
|
|
|
@ -10554,26 +10554,22 @@ console_cmd__user__register(opt &out, const string_view &line)
|
||||||
param.at(1)
|
param.at(1)
|
||||||
};
|
};
|
||||||
|
|
||||||
const m::registar request
|
const m::user::registar request
|
||||||
{
|
{
|
||||||
{ "username", username },
|
{ "username", username },
|
||||||
{ "password", password },
|
{ "password", password },
|
||||||
{ "bind_email", false },
|
{ "bind_email", false },
|
||||||
|
{ "inhibit_login", true },
|
||||||
};
|
};
|
||||||
|
|
||||||
using prototype = std::string
|
const unique_buffer<mutable_buffer> buf
|
||||||
(const m::registar &,
|
|
||||||
const client *const &,
|
|
||||||
const bool &);
|
|
||||||
|
|
||||||
static mods::import<prototype> register_user
|
|
||||||
{
|
{
|
||||||
"client_register", "register_user"
|
4_KiB
|
||||||
};
|
};
|
||||||
|
|
||||||
const auto ret
|
const auto ret
|
||||||
{
|
{
|
||||||
register_user(request, nullptr, false)
|
request(buf)
|
||||||
};
|
};
|
||||||
|
|
||||||
out << ret << std::endl;
|
out << ret << std::endl;
|
||||||
|
|
224
modules/m_user_register.cc
Normal file
224
modules/m_user_register.cc
Normal file
|
@ -0,0 +1,224 @@
|
||||||
|
// Matrix Construct
|
||||||
|
//
|
||||||
|
// Copyright (C) Matrix Construct Developers, Authors & Contributors
|
||||||
|
// Copyright (C) 2016-2019 Jason Volk <jason@zemos.net>
|
||||||
|
//
|
||||||
|
// Permission to use, copy, modify, and/or distribute this software for any
|
||||||
|
// purpose with or without fee is hereby granted, provided that the above
|
||||||
|
// copyright notice and this permission notice is present in all copies. The
|
||||||
|
// full license for this software is available in the LICENSE file.
|
||||||
|
|
||||||
|
ircd::mapi::header
|
||||||
|
IRCD_MODULE
|
||||||
|
{
|
||||||
|
"Matrix user register"
|
||||||
|
};
|
||||||
|
|
||||||
|
ircd::json::object
|
||||||
|
IRCD_MODULE_EXPORT
|
||||||
|
ircd::m::user::registar::operator()(const mutable_buffer &out,
|
||||||
|
const net::ipport &remote)
|
||||||
|
const
|
||||||
|
{
|
||||||
|
// 3.3.1 Additional authentication information for the user-interactive authentication API.
|
||||||
|
const json::object &auth
|
||||||
|
{
|
||||||
|
json::get<"auth"_>(*this)
|
||||||
|
};
|
||||||
|
|
||||||
|
// 3.3.1 The login type that the client is attempting to complete.
|
||||||
|
const string_view &type
|
||||||
|
{
|
||||||
|
!empty(auth)? unquote(auth.at("type")) : string_view{}
|
||||||
|
};
|
||||||
|
|
||||||
|
// We only support this for now, for some reason. TODO: XXX
|
||||||
|
if(type && type != "m.login.dummy")
|
||||||
|
throw m::UNSUPPORTED
|
||||||
|
{
|
||||||
|
"Registration '%s' not supported.", type
|
||||||
|
};
|
||||||
|
|
||||||
|
// 3.3.1 The local part of the desired Matrix ID. If omitted, the homeserver MUST
|
||||||
|
// generate a Matrix ID local part.
|
||||||
|
const auto &username
|
||||||
|
{
|
||||||
|
json::get<"username"_>(*this)
|
||||||
|
};
|
||||||
|
|
||||||
|
// Generate canonical mxid. The home_server is appended if one is not
|
||||||
|
// specified. We do not generate a user_id here if the local part is not
|
||||||
|
// specified. TODO: isn't that guest reg?
|
||||||
|
const m::id::user::buf user_id
|
||||||
|
{
|
||||||
|
username, my_host()
|
||||||
|
};
|
||||||
|
|
||||||
|
// Check if the the user_id is acceptably formed for this server or throws
|
||||||
|
validate_user_id(user_id);
|
||||||
|
|
||||||
|
// 3.3.1 Required. The desired password for the account.
|
||||||
|
const auto &password
|
||||||
|
{
|
||||||
|
json::at<"password"_>(*this)
|
||||||
|
};
|
||||||
|
|
||||||
|
// (r0.3.0) 3.4.1 ID of the client device. If this does not correspond to a
|
||||||
|
// known client device, a new device will be created. The server will auto-
|
||||||
|
// generate a device_id if this is not specified.
|
||||||
|
const auto requested_device_id
|
||||||
|
{
|
||||||
|
json::get<"device_id"_>(*this)
|
||||||
|
};
|
||||||
|
|
||||||
|
const m::id::device::buf device_id
|
||||||
|
{
|
||||||
|
requested_device_id?
|
||||||
|
m::id::device::buf{requested_device_id, my_host()}:
|
||||||
|
!json::get<"inhibit_login"_>(*this)?
|
||||||
|
m::id::device::buf{m::id::generate, my_host()}:
|
||||||
|
m::id::device::buf{}
|
||||||
|
};
|
||||||
|
|
||||||
|
const auto &initial_device_display_name
|
||||||
|
{
|
||||||
|
json::get<"initial_device_display_name"_>(*this)
|
||||||
|
};
|
||||||
|
|
||||||
|
// 3.3.1 If true, the server binds the email used for authentication to the
|
||||||
|
// Matrix ID with the ID Server. Defaults to false.
|
||||||
|
const auto &bind_email
|
||||||
|
{
|
||||||
|
json::get<"bind_email"_>(*this, false)
|
||||||
|
};
|
||||||
|
|
||||||
|
// Check if the password is acceptable for this server or throws
|
||||||
|
validate_password(password);
|
||||||
|
|
||||||
|
//TODO: ABA
|
||||||
|
if(exists(user_id))
|
||||||
|
throw m::error
|
||||||
|
{
|
||||||
|
http::CONFLICT, "M_USER_IN_USE",
|
||||||
|
"The desired user ID is already in use."
|
||||||
|
};
|
||||||
|
|
||||||
|
//TODO: ABA / TXN
|
||||||
|
// Represent the user
|
||||||
|
m::user user
|
||||||
|
{
|
||||||
|
m::create(user_id)
|
||||||
|
};
|
||||||
|
|
||||||
|
// Activate the account. Underneath this will create a special room
|
||||||
|
// for this user in the form of !@user:host and set a key in !users:host
|
||||||
|
// If the user_id is taken this throws 409 Conflict because those assets
|
||||||
|
// will already exist; otherwise the user is registered after this call.
|
||||||
|
//TODO: ABA / TXN
|
||||||
|
user.activate();
|
||||||
|
|
||||||
|
// Set the password for the account. This issues an ircd.password state
|
||||||
|
// event to the user's room. User will be able to login with
|
||||||
|
// m.login.password
|
||||||
|
user.password(password);
|
||||||
|
|
||||||
|
// Represent the user's room; was created in m::create(user_id)
|
||||||
|
m::user::room user_room
|
||||||
|
{
|
||||||
|
user
|
||||||
|
};
|
||||||
|
|
||||||
|
// Store the options from registration.
|
||||||
|
const m::event::id::buf account_options_id
|
||||||
|
{
|
||||||
|
send(user_room, user.user_id, "ircd.account.options", "registration", json::members
|
||||||
|
{
|
||||||
|
{ "bind_email", bind_email },
|
||||||
|
})
|
||||||
|
};
|
||||||
|
|
||||||
|
// Optionally generate an access_token for login.
|
||||||
|
char access_token_buf[32];
|
||||||
|
const string_view access_token
|
||||||
|
{
|
||||||
|
!json::get<"inhibit_login"_>(*this)?
|
||||||
|
m::user::gen_access_token(access_token_buf):
|
||||||
|
string_view{}
|
||||||
|
};
|
||||||
|
|
||||||
|
// Log the user in by issuing an event in the tokens room containing
|
||||||
|
// the generated token. When this call completes without throwing the
|
||||||
|
// access_token will be committed and the user will be logged in.
|
||||||
|
if(!json::get<"inhibit_login"_>(*this))
|
||||||
|
{
|
||||||
|
char remote_buf[96];
|
||||||
|
const json::value last_seen_ip
|
||||||
|
{
|
||||||
|
remote?
|
||||||
|
string(remote_buf, remote):
|
||||||
|
string_view{},
|
||||||
|
|
||||||
|
json::STRING
|
||||||
|
};
|
||||||
|
|
||||||
|
const m::event::id::buf access_token_id
|
||||||
|
{
|
||||||
|
m::send(m::user::tokens, user_id, "ircd.access_token", access_token, json::members
|
||||||
|
{
|
||||||
|
{ "ip", last_seen_ip },
|
||||||
|
{ "device_id", device_id },
|
||||||
|
})
|
||||||
|
};
|
||||||
|
|
||||||
|
const json::members device
|
||||||
|
{
|
||||||
|
{ "device_id", device_id },
|
||||||
|
{ "display_name", initial_device_display_name },
|
||||||
|
{ "last_seen_ts", ircd::time<milliseconds>() },
|
||||||
|
{ "last_seen_ip", last_seen_ip },
|
||||||
|
{ "access_token_id", access_token_id },
|
||||||
|
};
|
||||||
|
|
||||||
|
m::device::set(user_id, device);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Send response to user
|
||||||
|
return json::stringify(mutable_buffer{out}, json::members
|
||||||
|
{
|
||||||
|
{ "user_id", user_id },
|
||||||
|
{ "home_server", my_host() },
|
||||||
|
{ "access_token", access_token },
|
||||||
|
{ "device_id", device_id },
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
IRCD_MODULE_EXPORT
|
||||||
|
ircd::m::user::registar::validate_password(const string_view &password)
|
||||||
|
{
|
||||||
|
static const size_t &max
|
||||||
|
{
|
||||||
|
255
|
||||||
|
};
|
||||||
|
|
||||||
|
if(password.size() > max)
|
||||||
|
throw m::error
|
||||||
|
{
|
||||||
|
http::BAD_REQUEST, "M_INVALID_PASSWORD",
|
||||||
|
"The desired password exceeds %zu characters",
|
||||||
|
max,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
IRCD_MODULE_EXPORT
|
||||||
|
ircd::m::user::registar::validate_user_id(const m::user::id &user_id)
|
||||||
|
{
|
||||||
|
if(user_id.host() != my_host())
|
||||||
|
throw m::error
|
||||||
|
{
|
||||||
|
http::BAD_REQUEST, "M_INVALID_USERNAME",
|
||||||
|
"Can only register with host '%s'",
|
||||||
|
my_host()
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue