Comunic/comunicapiv3
1
0
Fork 0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2025-07-06 15:52:48 +00:00
Code Issues Projects Releases Wiki Activity

Add password to security keys

Browse Source
This commit is contained in:
Pierre HUBERT
2021-07-11 17:54:15 +02:00
parent 28b24f39b0
commit cb44497fee
7 changed files with 24 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/controllers/admin/admin_keys_controller.rs
View File

@ -3,6 +3,8 @@
//! @author Pierre Hubert
use bcrypt::verify;
use crate::api_data::admin::admin_auth_success::AdminAuthSuccess;
use crate::api_data::admin::admin_keys_api::AdminKeyAPI;
use crate::constants::admin::AdminRole;
@ -63,6 +65,7 @@ pub fn challenge_register_key(r: &mut HttpRequestHandler) -> RequestResult {
/// Register key
pub fn register_key(r: &mut HttpRequestHandler) -> RequestResult {
let key_name = r.post_string("name")?;
let key_password = r.post_string("password")?;
let creds = r.post_register_public_key_credential("key")?;
let state = r.some_or_internal_error(
@ -73,7 +76,7 @@ pub fn register_key(r: &mut HttpRequestHandler) -> RequestResult {
let wan = get_wan();
let key = wan.register_credential(creds, state, |_| Ok(false))?;
let key_id = admin_account_key_helper::add_key(r.admin_id()?, &key_name, key)?;
let key_id = admin_account_key_helper::add_key(r.admin_id()?, &key_name, key, key_password)?;
log_admin_action(r.admin_id()?, &r.remote_ip(),
AdminAction::RegisteredAdminKey {
@ -138,6 +141,15 @@ pub fn auth_with_key(r: &mut HttpRequestHandler) -> RequestResult {
let state = get_wan().authenticate_credential(credentials, state)?;
r.some_or_bad_request(state, "Invalid key!")?;
// Check key password (if any)
if let Some(pass_hash) = key.password {
let password = r.post_string("password")?;
if !verify(password, &pass_hash)? {
r.forbidden("Bad key password!".to_string())?;
}
}
// Generate access token
let token = admin_access_token_helper::create(key.admin_id)?;