Can request account creation from web app
@ -19,7 +19,6 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
||||
if rate_limiter_service::should_block_action(remote_ip.0, RatedAction::CreateAccount).await? {
|
||||
return Ok(HttpResponse::TooManyRequests().finish());
|
||||
}
|
||||
rate_limiter_service::record_action(remote_ip.0, RatedAction::CreateAccount).await?;
|
||||
|
||||
// Check if email is valid
|
||||
if !mailchecker::is_valid(&req.email) {
|
||||
@ -33,6 +32,8 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
||||
return Ok(HttpResponse::BadRequest().json("Size constraints were not respected!"));
|
||||
}
|
||||
|
||||
rate_limiter_service::record_action(remote_ip.0, RatedAction::CreateAccount).await?;
|
||||
|
||||
// Perform cleanup
|
||||
users_service::delete_not_validated_accounts().await?;
|
||||
|
||||
@ -164,7 +165,7 @@ pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBod
|
||||
.password_len
|
||||
.validate(&req.password)
|
||||
{
|
||||
return Ok(HttpResponse::BadRequest().json("Taille du mot de passe invalide!"));
|
||||
return Ok(HttpResponse::BadRequest().json("Invalid password len!"));
|
||||
}
|
||||
|
||||
// Validate account, if required
|
||||
@ -198,14 +199,14 @@ pub async fn password_login(remote_ip: RemoteIP, req: web::Json<PasswordLoginQue
|
||||
log::error!("Auth failed: could not find account by mail! {}", e);
|
||||
rate_limiter_service::record_action(remote_ip.0, RatedAction::FailedPasswordLogin)
|
||||
.await?;
|
||||
return Ok(HttpResponse::Unauthorized().json("Identifiants incorrects"));
|
||||
return Ok(HttpResponse::Unauthorized().json("Invalid credentials"));
|
||||
}
|
||||
};
|
||||
|
||||
if !user.check_password(&req.password) {
|
||||
log::error!("Auth failed: invalid password for mail {}", user.email);
|
||||
rate_limiter_service::record_action(remote_ip.0, RatedAction::FailedPasswordLogin).await?;
|
||||
return Ok(HttpResponse::Unauthorized().json("Identifiants incorrects"));
|
||||
return Ok(HttpResponse::Unauthorized().json("Invalid credentials"));
|
||||
}
|
||||
|
||||
finish_login(&user).await
|
||||
@ -220,7 +221,7 @@ struct LoginResponse {
|
||||
async fn finish_login(user: &User) -> HttpResult {
|
||||
if !user.active {
|
||||
log::error!("Auth failed: account for mail {} is disabled!", user.email);
|
||||
return Ok(HttpResponse::ExpectationFailed().json("Ce compte est désactivé !"));
|
||||
return Ok(HttpResponse::ExpectationFailed().json("This account is disabled!"));
|
||||
}
|
||||
|
||||
Ok(HttpResponse::Ok().json(LoginResponse {
|
||||
@ -271,16 +272,13 @@ pub async fn finish_openid_login(
|
||||
|
||||
if user_info.email_verified != Some(true) {
|
||||
log::error!("Email is not verified!");
|
||||
return Ok(
|
||||
HttpResponse::Unauthorized().json("Email non vérifié par le fournisseur d'identité !")
|
||||
);
|
||||
return Ok(HttpResponse::Unauthorized().json("Email unverified by IDP!"));
|
||||
}
|
||||
|
||||
let mail = match user_info.email {
|
||||
Some(m) => m,
|
||||
None => {
|
||||
return Ok(HttpResponse::Unauthorized()
|
||||
.json("Email non spécifié par le fournisseur d'identité !"));
|
||||
return Ok(HttpResponse::Unauthorized().json("Email not provided by the IDP!"));
|
||||
}
|
||||
};
|
||||
|
||||
@ -290,8 +288,7 @@ pub async fn finish_openid_login(
|
||||
(Some(name), _, _) => name,
|
||||
(None, Some(g), Some(f)) => format!("{g} {f}"),
|
||||
(_, _, _) => {
|
||||
return Ok(HttpResponse::Unauthorized()
|
||||
.json("Nom non spécifié par le fournisseur d'identité !"));
|
||||
return Ok(HttpResponse::Unauthorized().json("Name unspecified by the IDP!"));
|
||||
}
|
||||
};
|
||||
|
||||
|
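Review bot: In `create_account`, the `rate_limiter_service::record_action(remote_ip.0, RatedAction::CreateAccount)` call now appears to sit after the validation returns (the hunk counts suggest it was moved down from just below `should_block_action`), so a request rejected by `mailchecker::is_valid` or by the size-constraint check no longer counts against the limit. If any check between the two hunks (not visible here) answers differently for an address that is already registered, that answer would no longer be throttled. Either keep recording before validation, or state the choice next to the call, e.g. `// Only requests that pass validation count towards the CreateAccount limit`. The check and the record are also separate awaits that are now further apart, so concurrent requests from one IP can presumably all pass `should_block_action` before any is recorded. The function body starts and ends outside the visible hunks.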