forked from Telodendria/Telodendria
More validation in user-interactive API
This commit is contained in:
parent
7d8cec8185
commit
f475cac601
2 changed files with 68 additions and 21 deletions
4
TODO.txt
4
TODO.txt
|
@ -11,7 +11,9 @@ Key:
|
||||||
Milestone: v0.1.1
|
Milestone: v0.1.1
|
||||||
-----------------
|
-----------------
|
||||||
|
|
||||||
[ ] Database version file
|
[ ] Abstract user-interactive authentication
|
||||||
|
[ ] Abstract /email/requestToken and /msidsn/requestToken
|
||||||
|
|
||||||
[ ] User registration
|
[ ] User registration
|
||||||
|
|
||||||
Milestone: v1.0.0
|
Milestone: v1.0.0
|
||||||
|
|
|
@ -30,6 +30,26 @@
|
||||||
#include <Util.h>
|
#include <Util.h>
|
||||||
#include <Memory.h>
|
#include <Memory.h>
|
||||||
|
|
||||||
|
static HashMap *
|
||||||
|
BuildDummyFlow(void)
|
||||||
|
{
|
||||||
|
HashMap *response = HashMapCreate();
|
||||||
|
HashMap *dummyFlow = HashMapCreate();
|
||||||
|
Array *stages = ArrayCreate();
|
||||||
|
Array *flows = ArrayCreate();
|
||||||
|
|
||||||
|
ArrayAdd(stages,
|
||||||
|
JsonValueString(UtilStringDuplicate("m.login.dummy")));
|
||||||
|
HashMapSet(dummyFlow, "stages", JsonValueArray(stages));
|
||||||
|
ArrayAdd(flows, JsonValueObject(dummyFlow));
|
||||||
|
|
||||||
|
HashMapSet(response, "flows", JsonValueArray(flows));
|
||||||
|
HashMapSet(response, "params",
|
||||||
|
JsonValueObject(HashMapCreate()));
|
||||||
|
|
||||||
|
return response;
|
||||||
|
}
|
||||||
|
|
||||||
ROUTE_IMPL(RouteRegister, args)
|
ROUTE_IMPL(RouteRegister, args)
|
||||||
{
|
{
|
||||||
HashMap *request = NULL;
|
HashMap *request = NULL;
|
||||||
|
@ -39,7 +59,14 @@ ROUTE_IMPL(RouteRegister, args)
|
||||||
|
|
||||||
if (MATRIX_PATH_PARTS(args->path) == 0)
|
if (MATRIX_PATH_PARTS(args->path) == 0)
|
||||||
{
|
{
|
||||||
HashMap *auth = NULL;
|
JsonValue *auth = NULL;
|
||||||
|
|
||||||
|
HashMap *authObj = JsonValueAsObject(auth);
|
||||||
|
JsonValue *type = HashMapGet(authObj, "type");
|
||||||
|
JsonValue *session = HashMapGet(authObj, "session");
|
||||||
|
|
||||||
|
char *typeStr;
|
||||||
|
char *sessionStr;
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
@ -63,14 +90,9 @@ ROUTE_IMPL(RouteRegister, args)
|
||||||
auth = HashMapGet(request, "auth");
|
auth = HashMapGet(request, "auth");
|
||||||
if (!auth)
|
if (!auth)
|
||||||
{
|
{
|
||||||
Array *flows = ArrayCreate();
|
|
||||||
HashMap *dummyFlow = HashMapCreate();
|
|
||||||
Array *stages = ArrayCreate();
|
|
||||||
|
|
||||||
char *session = UtilRandomString(24);
|
char *session = UtilRandomString(24);
|
||||||
|
|
||||||
DbRef *ref = DbCreate(args->matrixArgs->db, 2,
|
DbRef *ref = DbCreate(args->matrixArgs->db, 2,
|
||||||
"user_interactive", session);
|
"user_interactive", session);
|
||||||
HashMap *persist = DbJson(ref);
|
HashMap *persist = DbJson(ref);
|
||||||
|
|
||||||
HashMapSet(persist, "created",
|
HashMapSet(persist, "created",
|
||||||
|
@ -79,25 +101,48 @@ ROUTE_IMPL(RouteRegister, args)
|
||||||
|
|
||||||
DbUnlock(args->matrixArgs->db, ref);
|
DbUnlock(args->matrixArgs->db, ref);
|
||||||
|
|
||||||
response = HashMapCreate();
|
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||||
|
response = BuildDummyFlow();
|
||||||
|
|
||||||
ArrayAdd(stages,
|
|
||||||
JsonValueString(UtilStringDuplicate("m.login.dummy")));
|
|
||||||
HashMapSet(dummyFlow, "stages", JsonValueArray(stages));
|
|
||||||
ArrayAdd(flows, JsonValueObject(dummyFlow));
|
|
||||||
|
|
||||||
HashMapSet(response, "flows", JsonValueArray(flows));
|
|
||||||
HashMapSet(response, "params",
|
|
||||||
JsonValueObject(HashMapCreate()));
|
|
||||||
HashMapSet(response, "session", JsonValueString(session));
|
HashMapSet(response, "session", JsonValueString(session));
|
||||||
|
|
||||||
|
goto finish;
|
||||||
}
|
}
|
||||||
else
|
|
||||||
|
if (JsonValueType(auth) != JSON_OBJECT)
|
||||||
{
|
{
|
||||||
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
|
response = MatrixErrorCreate(M_BAD_JSON);
|
||||||
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* TODO: Complete account registration flow */
|
if (!type || JsonValueType(type) != JSON_STRING)
|
||||||
|
{
|
||||||
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
|
response = MatrixErrorCreate(M_BAD_JSON);
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!session || JsonValueType(session) != JSON_STRING)
|
||||||
|
{
|
||||||
|
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||||
|
response = BuildDummyFlow();
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
|
||||||
|
typeStr = JsonValueAsString(session);
|
||||||
|
sessionStr = JsonValueAsString(session);
|
||||||
|
|
||||||
|
if (strcmp(typeStr, "m.login.dummy") != 0)
|
||||||
|
{
|
||||||
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
|
response = MatrixErrorCreate(M_INVALID_PARAM);
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Check to see if session exists */
|
||||||
|
|
||||||
|
finish:
|
||||||
JsonFree(request);
|
JsonFree(request);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -108,7 +153,7 @@ ROUTE_IMPL(RouteRegister, args)
|
||||||
MATRIX_PATH_EQUALS(pathPart, "available"))
|
MATRIX_PATH_EQUALS(pathPart, "available"))
|
||||||
{
|
{
|
||||||
char *username = HashMapGet(
|
char *username = HashMapGet(
|
||||||
HttpRequestParams(args->context), "username");
|
HttpRequestParams(args->context), "username");
|
||||||
|
|
||||||
if (!username)
|
if (!username)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue