Attach device ID to authenticated user.
Now RouteWhoAmI can use UserAuthenticate just like the other endpoints.
parent
c1c57fd4cf
commit
4d9c907b58
4 changed files with 31 additions and 19 deletions
8
TODO.txt
8
TODO.txt
|
@ -22,12 +22,12 @@ Milestone: v0.3.0
|
|||
[ ] Debug OpenSSL
|
||||
|
||||
[~] Client-Server API
|
||||
[~] 4: Account management
|
||||
[x] 4: Account management
|
||||
[x] Deactivate
|
||||
[x] Make sure UserLogin() fails if user is deactivated.
|
||||
[~] Whoami
|
||||
[ ] Attach device id to user object
|
||||
[ ] Use UserAuthenticate()
|
||||
[x] Whoami
|
||||
[x] Attach device id to user object
|
||||
[x] Use UserAuthenticate()
|
||||
[~] 9: User Data
|
||||
[ ] 10: Security (Rate Limiting)
|
||||
|
||||
|
|
|
@ -37,9 +37,7 @@ ROUTE_IMPL(RouteWhoami, path, argp)
|
|||
Db *db = args->matrixArgs->db;
|
||||
|
||||
HashMap *response = NULL;
|
||||
HashMap *tokenJson = NULL;
|
||||
|
||||
DbRef *ref;
|
||||
User *user = NULL;
|
||||
|
||||
char *token;
|
||||
char *userID;
|
||||
|
@ -65,25 +63,20 @@ ROUTE_IMPL(RouteWhoami, path, argp)
|
|||
}
|
||||
|
||||
/* Authenticate with our token */
|
||||
if (!DbExists(db, 3, "tokens", "access", token))
|
||||
user = UserAuthenticate(db, token);
|
||||
if (!user)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||
response = MatrixErrorCreate(M_UNKNOWN_TOKEN);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
ref = DbLock(db, 3, "tokens", "access", token);
|
||||
tokenJson = DbJson(ref);
|
||||
|
||||
response = HashMapCreate();
|
||||
|
||||
userID = StrConcat(4, "@",
|
||||
JsonValueAsString(HashMapGet(tokenJson, "user")),
|
||||
":", config->serverName);
|
||||
userID = StrConcat(4, "@", UserGetName(user), ":", config->serverName);
|
||||
deviceID = StrDuplicate(UserGetDeviceId(user));
|
||||
|
||||
deviceID = StrDuplicate(JsonValueAsString(HashMapGet(tokenJson, "device")));
|
||||
|
||||
DbUnlock(db, ref);
|
||||
UserUnlock(user);
|
||||
|
||||
HashMapSet(response, "device_id", JsonValueString(deviceID));
|
||||
HashMapSet(response, "user_id", JsonValueString(userID));
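Review bot: `deviceID = StrDuplicate(UserGetDeviceId(user));` flows into `JsonValueString(deviceID)` with no NULL check, although the header comment added in this commit says UserGetDeviceId can return NULL. The page has lost its +/- markers, so I am reading the UserAuthenticate, UserGetName, UserGetDeviceId and UserUnlock lines as the new side, as the commit message indicates. The matching `user->deviceId = StrDuplicate(deviceId);` in src/User.c is also unchecked, so an allocation failure or a token record without a device would surface here; what StrDuplicate and JsonValueString do with NULL is not visible on this page. I would guard the field with `if (deviceID) HashMapSet(response, "device_id", JsonValueString(deviceID));` and check `userID` from StrConcat the same way. RouteWhoami starts and ends outside these hunks, so the cleanup at `finish` could not be checked.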
|
||||
|
|
12
src/User.c
12
src/User.c
|
@ -36,6 +36,7 @@ struct User
|
|||
DbRef *ref;
|
||||
|
||||
char *name;
|
||||
char *deviceId;
|
||||
};
|
||||
|
||||
int
|
||||
|
@ -114,6 +115,7 @@ UserLock(Db * db, char *name)
|
|||
user->db = db;
|
||||
user->ref = ref;
|
||||
user->name = StrDuplicate(name);
|
||||
user->deviceId = NULL;
|
||||
|
||||
return user;
|
||||
}
|
||||
|
@ -157,8 +159,7 @@ UserAuthenticate(Db * db, char *accessToken)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
/* TODO: Attach deviceId to User */
|
||||
(void) deviceId;
|
||||
user->deviceId = StrDuplicate(deviceId);
|
||||
|
||||
DbUnlock(db, atRef);
|
||||
return user;
|
||||
|
@ -175,6 +176,7 @@ UserUnlock(User * user)
|
|||
}
|
||||
|
||||
Free(user->name);
|
||||
Free(user->deviceId);
|
||||
|
||||
ret = DbUnlock(user->db, user->ref);
|
||||
Free(user);
|
||||
|
@ -342,6 +344,12 @@ UserGetName(User * user)
|
|||
return user ? user->name : NULL;
|
||||
}
|
||||
|
||||
char *
|
||||
UserGetDeviceId(User * user)
|
||||
{
|
||||
return user ? user->deviceId : NULL;
|
||||
}
|
||||
|
||||
int
|
||||
UserCheckPassword(User * user, char *password)
|
||||
{
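Review bot: `UserGetDeviceId` returns the `user->deviceId` buffer itself, and the `Free(user->deviceId);` line in UserUnlock releases it, so a caller that keeps the pointer after UserUnlock is left with a dangling pointer. RouteWhoami duplicates the string before unlocking, but neither this file nor the header comment for UserGetDeviceId in the last section states that requirement. I would add to that header comment a sentence such as `The returned string is owned by the user object and is freed by UserUnlock; duplicate it if it must outlive the reference.` UserAuthenticate and UserUnlock both continue outside their hunks, so only the lines shown here were reviewed.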
|
||||
|
|
|
@ -168,6 +168,17 @@ extern UserLoginInfo * UserLogin(User *, char *, char *, char *, int);
|
|||
*/
|
||||
extern char * UserGetName(User *);
|
||||
|
||||
/**
|
||||
* Get the device ID attached to a user object, or NULL if the user
|
||||
* reference was not obtained using
|
||||
* .Fn UserAuthenticate .
|
||||
* If
|
||||
* .Fn UserLogin
|
||||
* is used, the return value will have the device ID in it, but the
|
||||
* device ID is not set on the user reference.
|
||||
*/
|
||||
extern char * UserGetDeviceId(User *);
|
||||
|
||||
/**
|
||||
* Take a password and verify it against a user object. Telodendria
|
||||
* does not store passwords in plain text, so this function hashes the
|
||||
|
|