From 4d9c907b583b03db3fc8eb0271b3b398ede3319b Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Thu, 11 May 2023 03:03:40 +0000 Subject: [PATCH] Attach device ID to authenticated user. Now RouteWhoAmI can use UserAuthenticate just like the other endpoints. --- TODO.txt | 8 ++++---- src/Routes/RouteWhoami.c | 19 ++++++------------- src/User.c | 12 ++++++++++-- src/include/User.h | 11 +++++++++++ 4 files changed, 31 insertions(+), 19 deletions(-) diff --git a/TODO.txt b/TODO.txt index 65e606f..6e82a3e 100644 --- a/TODO.txt +++ b/TODO.txt @@ -22,12 +22,12 @@ Milestone: v0.3.0 [ ] Debug OpenSSL [~] Client-Server API - [~] 4: Account management + [x] 4: Account management [x] Deactivate [x] Make sure UserLogin() fails if user is deactivated. - [~] Whoami - [ ] Attach device id to user object - [ ] Use UserAuthenticate() + [x] Whoami + [x] Attach device id to user object + [x] Use UserAuthenticate() [~] 9: User Data [ ] 10: Security (Rate Limiting) diff --git a/src/Routes/RouteWhoami.c b/src/Routes/RouteWhoami.c index b627cbb..9532a46 100644 --- a/src/Routes/RouteWhoami.c +++ b/src/Routes/RouteWhoami.c @@ -37,9 +37,7 @@ ROUTE_IMPL(RouteWhoami, path, argp) Db *db = args->matrixArgs->db; HashMap *response = NULL; - HashMap *tokenJson = NULL; - - DbRef *ref; + User *user = NULL; char *token; char *userID; @@ -65,25 +63,20 @@ ROUTE_IMPL(RouteWhoami, path, argp) } /* Authenticate with our token */ - if (!DbExists(db, 3, "tokens", "access", token)) + user = UserAuthenticate(db, token); + if (!user) { HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); response = MatrixErrorCreate(M_UNKNOWN_TOKEN); goto finish; } - ref = DbLock(db, 3, "tokens", "access", token); - tokenJson = DbJson(ref); - response = HashMapCreate(); - userID = StrConcat(4, "@", - JsonValueAsString(HashMapGet(tokenJson, "user")), - ":", config->serverName); + userID = StrConcat(4, "@", UserGetName(user), ":", config->serverName); + deviceID = StrDuplicate(UserGetDeviceId(user)); - deviceID = StrDuplicate(JsonValueAsString(HashMapGet(tokenJson, "device"))); - - DbUnlock(db, ref); + UserUnlock(user); HashMapSet(response, "device_id", JsonValueString(deviceID)); HashMapSet(response, "user_id", JsonValueString(userID)); diff --git a/src/User.c b/src/User.c index ec9c888..e8364e3 100644 --- a/src/User.c +++ b/src/User.c @@ -36,6 +36,7 @@ struct User DbRef *ref; char *name; + char *deviceId; }; int @@ -114,6 +115,7 @@ UserLock(Db * db, char *name) user->db = db; user->ref = ref; user->name = StrDuplicate(name); + user->deviceId = NULL; return user; } @@ -157,8 +159,7 @@ UserAuthenticate(Db * db, char *accessToken) return NULL; } - /* TODO: Attach deviceId to User */ - (void) deviceId; + user->deviceId = StrDuplicate(deviceId); DbUnlock(db, atRef); return user; @@ -175,6 +176,7 @@ UserUnlock(User * user) } Free(user->name); + Free(user->deviceId); ret = DbUnlock(user->db, user->ref); Free(user); @@ -342,6 +344,12 @@ UserGetName(User * user) return user ? user->name : NULL; } +char * +UserGetDeviceId(User * user) +{ + return user ? user->deviceId : NULL; +} + int UserCheckPassword(User * user, char *password) { diff --git a/src/include/User.h b/src/include/User.h index a82f6d6..9ff8c00 100644 --- a/src/include/User.h +++ b/src/include/User.h @@ -168,6 +168,17 @@ extern UserLoginInfo * UserLogin(User *, char *, char *, char *, int); */ extern char * UserGetName(User *); +/** + * Get the device ID attached to a user object, or NULL if the user + * reference was not obtained using + * .Fn UserAuthenticate . + * If + * .Fn UserLogin + * is used, the return value will have the device ID in it, but the + * device ID is not set on the user reference. + */ +extern char * UserGetDeviceId(User *); + /** * Take a password and verify it against a user object. Telodendria * does not store passwords in plain text, so this function hashes the