Attach device ID to authenticated user.

Now RouteWhoAmI can use UserAuthenticate just like the other endpoints.
This commit is contained in:
Jordan Bancino 2023-05-11 03:03:40 +00:00
parent c1c57fd4cf
commit 4d9c907b58
4 changed files with 31 additions and 19 deletions

View file

@ -22,12 +22,12 @@ Milestone: v0.3.0
[ ] Debug OpenSSL
[~] Client-Server API
[~] 4: Account management
[x] 4: Account management
[x] Deactivate
[x] Make sure UserLogin() fails if user is deactivated.
[~] Whoami
[ ] Attach device id to user object
[ ] Use UserAuthenticate()
[x] Whoami
[x] Attach device id to user object
[x] Use UserAuthenticate()
[~] 9: User Data
[ ] 10: Security (Rate Limiting)

View file

@ -37,9 +37,7 @@ ROUTE_IMPL(RouteWhoami, path, argp)
Db *db = args->matrixArgs->db;
HashMap *response = NULL;
HashMap *tokenJson = NULL;
DbRef *ref;
User *user = NULL;
char *token;
char *userID;
@ -65,25 +63,20 @@ ROUTE_IMPL(RouteWhoami, path, argp)
}
/* Authenticate with our token */
if (!DbExists(db, 3, "tokens", "access", token))
user = UserAuthenticate(db, token);
if (!user)
{
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_UNKNOWN_TOKEN);
goto finish;
}
ref = DbLock(db, 3, "tokens", "access", token);
tokenJson = DbJson(ref);
response = HashMapCreate();
userID = StrConcat(4, "@",
JsonValueAsString(HashMapGet(tokenJson, "user")),
":", config->serverName);
userID = StrConcat(4, "@", UserGetName(user), ":", config->serverName);
deviceID = StrDuplicate(UserGetDeviceId(user));
deviceID = StrDuplicate(JsonValueAsString(HashMapGet(tokenJson, "device")));
DbUnlock(db, ref);
UserUnlock(user);
HashMapSet(response, "device_id", JsonValueString(deviceID));
HashMapSet(response, "user_id", JsonValueString(userID));

View file

@ -36,6 +36,7 @@ struct User
DbRef *ref;
char *name;
char *deviceId;
};
int
@ -114,6 +115,7 @@ UserLock(Db * db, char *name)
user->db = db;
user->ref = ref;
user->name = StrDuplicate(name);
user->deviceId = NULL;
return user;
}
@ -157,8 +159,7 @@ UserAuthenticate(Db * db, char *accessToken)
return NULL;
}
/* TODO: Attach deviceId to User */
(void) deviceId;
user->deviceId = StrDuplicate(deviceId);
DbUnlock(db, atRef);
return user;
@ -175,6 +176,7 @@ UserUnlock(User * user)
}
Free(user->name);
Free(user->deviceId);
ret = DbUnlock(user->db, user->ref);
Free(user);
@ -342,6 +344,12 @@ UserGetName(User * user)
return user ? user->name : NULL;
}
char *
UserGetDeviceId(User * user)
{
return user ? user->deviceId : NULL;
}
int
UserCheckPassword(User * user, char *password)
{

View file

@ -168,6 +168,17 @@ extern UserLoginInfo * UserLogin(User *, char *, char *, char *, int);
*/
extern char * UserGetName(User *);
/**
* Get the device ID attached to a user object, or NULL if the user
* reference was not obtained using
* .Fn UserAuthenticate .
* If
* .Fn UserLogin
* is used, the return value will have the device ID in it, but the
* device ID is not set on the user reference.
*/
extern char * UserGetDeviceId(User *);
/**
* Take a password and verify it against a user object. Telodendria
* does not store passwords in plain text, so this function hashes the