feat: allow using student ID as a recovery method (for current students)

silver 2023-09-26 00:04:14 +01:00
parent 8fe859b393
commit f60345493c


@ -49,12 +49,20 @@ pub mod password {
Some(x) => x, Some(x) => x,
}; };
let mail_is_skynet = user_details.mail.trim().ends_with("@skynet.ie");
// user does not have a different email address set // user does not have a different email address set
if user_details.mail.trim().ends_with("@skynet.ie") { if mail_is_skynet && &user_details.student_id == "00000000" {
// not returning an error here as there is no need to let the person requesting what email the user has // not returning an error here as there is no need to let the person requesting what email the user has
return Ok(json!({"result": "success"}).into()); return Ok(json!({"result": "success"}).into());
} }
let mail = if mail_is_skynet {
format!("{}@studentmail.ul.ie", &user_details.student_id)
} else {
user_details.mail
};
// check if a recent password reset request happened lately // check if a recent password reset request happened lately
db_pending_clear_expired(db).await?; db_pending_clear_expired(db).await?;
@ -66,10 +74,13 @@ pub mod password {
// send mail // send mail
let auth = random_string(50); let auth = random_string(50);
if send_mail(config, &user_details, &auth).is_ok() { match send_mail(config, &user_details.user, &mail, &auth) {
// save to db Ok(_) => {
save_to_db(db, &user_details.user, &auth).await?;
save_to_db(db, &user_details, &auth).await?; }
Err(e) => {
println!("{:?}", e);
}
} }
Ok(json!({"result": "success"}).into()) Ok(json!({"result": "success"}).into())
@ -206,15 +217,13 @@ pub mod password {
new_pass: Some(pass), new_pass: Some(pass),
}; };
//ldap.extended(tmp)?.success()?; ldap.extended(tmp)?.success()?;
ldap.unbind()?; ldap.unbind()?;
Ok(()) Ok(())
} }
fn send_mail(config: &Config, record: &Accounts, auth: &str) -> Result<Response, Error> { fn send_mail(config: &Config, recipient: &str, mail: &str, auth: &str) -> Result<Response, Error> {
let recipient = &record.user;
let mail = &record.mail;
let url_base = "https://account.skynet.ie"; let url_base = "https://account.skynet.ie";
let link_new = format!("{url_base}/recovery/password_reset?auth={auth}"); let link_new = format!("{url_base}/recovery/password_reset?auth={auth}");
let discord = "https://discord.skynet.ie"; let discord = "https://discord.skynet.ie";
@ -288,7 +297,7 @@ pub mod password {
mailer.send(&email) mailer.send(&email)
} }
async fn save_to_db(db: &Pool<Sqlite>, record: &Accounts, auth: &str) -> Result<Option<AccountsReset>, sqlx::Error> { async fn save_to_db(db: &Pool<Sqlite>, user: &str, auth: &str) -> Result<Option<AccountsReset>, sqlx::Error> {
// lets start off a 4 hour timeout on password resets // lets start off a 4 hour timeout on password resets
let offset = Utc::now() + Duration::hours(4); let offset = Utc::now() + Duration::hours(4);
@ -298,7 +307,7 @@ pub mod password {
VALUES (?1, ?2, ?3) VALUES (?1, ?2, ?3)
", ",
) )
.bind(record.user.to_owned()) .bind(user.to_owned())
.bind(auth.to_owned()) .bind(auth.to_owned())
.bind(offset.to_rfc3339_opts(SecondsFormat::Millis, true)) .bind(offset.to_rfc3339_opts(SecondsFormat::Millis, true))
.fetch_optional(db) .fetch_optional(db)
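Review bot: In the first hunk the reset link is now mailed to `format!("{}@studentmail.ul.ie", &user_details.student_id)`, and the only check on `student_id` is the `"00000000"` sentinel, so an empty, malformed or stale ID still yields a recipient address. Because that address receives a credential-reset token, I would require a well-formed ID before building it, e.g. `let id_ok = !user_details.student_id.is_empty() && user_details.student_id.bytes().all(|b| b.is_ascii_digit());`, and take the existing silent-success return when `mail_is_skynet && !id_ok`. Nothing visible limits this path to current students as the title says; whether `student_id` is self-editable, and whether the student mailbox can lapse or be reassigned after graduation, should be confirmed and recorded in a comment above the `let mail = ...` block. The enclosing function starts and ends outside the hunk, so an earlier check may exist that is not shown here.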