0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-17 23:40:57 +01:00
construct/modules/client/register.cc

222 lines
5.6 KiB
C++

/*
* Copyright (C) 2017 Charybdis Development Team
* Copyright (C) 2017 Jason Volk <jason@zemos.net>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice is present in all copies.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
using namespace ircd;
const auto home_server
{
// "The hostname of the homeserver on which the account has been registered."
"cdc.z"
};
namespace { namespace name
{
constexpr const auto username {"username"};
constexpr const auto bind_email {"bind_email"};
constexpr const auto password {"password"};
constexpr const auto auth {"auth"};
}}
struct body
:json::tuple
<
json::property<name::username, string_view>,
json::property<name::bind_email, bool>,
json::property<name::password, string_view>,
json::property<name::auth, json::object>
>
{
using super_type::tuple;
};
static void validate_user_id(const m::id::user &user_id);
static void validate_password(const string_view &password);
resource::response
handle_post_kind_user(client &client,
const resource::request::object<body> &request)
{
// 3.3.1 Additional authentication information for the user-interactive authentication API.
const auto &auth
{
at<name::auth>(request)
};
// 3.3.1 Required. The login type that the client is attempting to complete.
const auto &type
{
unquote(auth.at("type"))
};
// We only support this for now, for some reason. TODO: XXX
if(type != "m.login.dummy")
throw m::error
{
"M_UNSUPPORTED", "Registration '%s' not supported.", type
};
// 3.3.1 The local part of the desired Matrix ID. If omitted, the homeserver MUST
// generate a Matrix ID local part.
const auto &username
{
unquote(get<name::username>(request))
};
// Generate canonical mxid. The home_server is appended if one is not
// specified. We do not generate a user_id here if the local part is not
// specified. TODO: isn't that guest reg?
const m::id::user::buf user_id
{
username, home_server
};
// Check if the the user_id is acceptably formed for this server or throws
validate_user_id(user_id);
// 3.3.1 Required. The desired password for the account.
const auto &password
{
at<name::password>(request)
};
// 3.3.1 If true, the server binds the email used for authentication to the
// Matrix ID with the ID Server. Defaults to false.
const auto &bind_email
{
get<name::bind_email>(request, false)
};
// Check if the password is acceptable for this server or throws
validate_password(password);
// Represent the user
m::user user
{
user_id
};
// Activate the account. Underneath this will join the user to the room
// !accounts:your.domain. If the user_id is already a member then this
// throws 409 Conflict; otherwise the user is registered after this call.
user.activate(
{
{ "bind_email", bind_email },
});
// Set the password for the account. This issues an ircd.password state
// event to the accounts room for the user. If this call completes the
// user will be able to login with m.login.password
user.password(password);
// Send response to user
return resource::response
{
client, http::CREATED,
{
{ "user_id", user_id },
{ "home_server", home_server },
// { "access_token", access_token },
}
};
}
resource::response
handle_post_kind_guest(client &client,
const resource::request::object<body> &request)
{
const m::id::user::buf user_id
{
m::generate, home_server
};
return resource::response
{
client, http::CREATED,
{
{ "user_id", user_id },
{ "home_server", home_server },
// { "access_token", access_token },
}
};
}
resource::response
handle_post(client &client,
const resource::request::object<body> &request)
{
const auto kind
{
request.query["kind"]
};
if(kind == "user")
return handle_post_kind_user(client, request);
if(kind.empty() || kind == "guest")
return handle_post_kind_guest(client, request);
throw m::error
{
http::BAD_REQUEST, "M_UNKNOWN", "Unknown 'kind' of registration specified in query."
};
}
resource register_resource
{
"_matrix/client/r0/register",
"Register for an account on this homeserver. (3.3.1)"
};
resource::method post
{
register_resource, "POST", handle_post
};
mapi::header IRCD_MODULE
{
"registers the resource 'client/register' to handle requests"
};
void
validate_user_id(const m::id::user &user_id)
{
if(!user_id.valid())
throw m::error
{
"M_INVALID_USERNAME", "The desired user ID is not a valid user name."
};
if(user_id.host() != home_server)
throw m::error
{
"M_INVALID_USERNAME", "Can only register with host '%s'", home_server
};
}
void
validate_password(const string_view &password)
{
if(password.size() > 255)
throw m::error
{
"M_INVALID_PASSWORD", "The desired password is too long"
};
}