forked from jmug/stoatchat
Use flags for email / registration correctly.
This commit is contained in:
2
Cargo.lock
generated
2
Cargo.lock
generated
@@ -2031,7 +2031,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "revolt"
|
name = "revolt"
|
||||||
version = "0.2.9"
|
version = "0.2.10"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"bcrypt",
|
"bcrypt",
|
||||||
"bitfield",
|
"bitfield",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "revolt"
|
name = "revolt"
|
||||||
version = "0.2.9"
|
version = "0.2.10"
|
||||||
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
|||||||
@@ -1,13 +1,12 @@
|
|||||||
use mongodb::sync::{Client, Collection, Database};
|
use crate::util::variables::MONGO_URI;
|
||||||
use std::env;
|
|
||||||
|
|
||||||
|
use mongodb::sync::{Client, Collection, Database};
|
||||||
use once_cell::sync::OnceCell;
|
use once_cell::sync::OnceCell;
|
||||||
|
|
||||||
static DBCONN: OnceCell<Client> = OnceCell::new();
|
static DBCONN: OnceCell<Client> = OnceCell::new();
|
||||||
|
|
||||||
pub fn connect() {
|
pub fn connect() {
|
||||||
let client =
|
let client = Client::with_uri_str(&MONGO_URI).expect("Failed to init db connection.");
|
||||||
Client::with_uri_str(&env::var("DB_URI").expect("DB_URI not in environment variables!"))
|
|
||||||
.expect("Failed to init db connection.");
|
|
||||||
|
|
||||||
DBCONN.set(client).unwrap();
|
DBCONN.set(client).unwrap();
|
||||||
migrations::run_migrations();
|
migrations::run_migrations();
|
||||||
|
|||||||
10
src/main.rs
10
src/main.rs
@@ -16,10 +16,18 @@ pub mod util;
|
|||||||
|
|
||||||
use rocket_cors::AllowedOrigins;
|
use rocket_cors::AllowedOrigins;
|
||||||
use std::thread;
|
use std::thread;
|
||||||
|
use log::info;
|
||||||
|
|
||||||
fn main() {
|
fn main() {
|
||||||
dotenv::dotenv().ok();
|
dotenv::dotenv().ok();
|
||||||
env_logger::init();
|
env_logger::init_from_env(
|
||||||
|
env_logger::Env::default()
|
||||||
|
.filter_or("RUST_LOG", "info")
|
||||||
|
);
|
||||||
|
|
||||||
|
info!("Starting REVOLT server.");
|
||||||
|
|
||||||
|
util::variables::preflight_checks();
|
||||||
database::connect();
|
database::connect();
|
||||||
notifications::start_worker();
|
notifications::start_worker();
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
use super::state::{self, StateResult};
|
use super::state::{self, StateResult};
|
||||||
|
use crate::util::variables::WS_HOST;
|
||||||
|
|
||||||
use serde_json::{from_str, json, Value};
|
use serde_json::{from_str, json, Value};
|
||||||
use std::env;
|
|
||||||
use ulid::Ulid;
|
use ulid::Ulid;
|
||||||
use ws::{listen, CloseCode, Error, Handler, Handshake, Message, Result, Sender};
|
use ws::{listen, CloseCode, Error, Handler, Handshake, Message, Result, Sender};
|
||||||
|
|
||||||
@@ -126,13 +126,10 @@ impl Handler for Server {
|
|||||||
pub fn launch_server() {
|
pub fn launch_server() {
|
||||||
state::init();
|
state::init();
|
||||||
|
|
||||||
listen(
|
listen(WS_HOST.to_string(), |sender| Server {
|
||||||
env::var("WS_HOST").unwrap_or("0.0.0.0:9000".to_string()),
|
|
||||||
|sender| Server {
|
|
||||||
sender,
|
sender,
|
||||||
user_id: None,
|
user_id: None,
|
||||||
id: Ulid::new().to_string(),
|
id: Ulid::new().to_string(),
|
||||||
},
|
})
|
||||||
)
|
|
||||||
.unwrap()
|
.unwrap()
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
use super::Response;
|
use super::Response;
|
||||||
use crate::database;
|
use crate::database;
|
||||||
use crate::util::{captcha, email, gen_token};
|
use crate::util::{captcha, email, gen_token};
|
||||||
|
use crate::util::variables::{DISABLE_REGISTRATION, USE_EMAIL};
|
||||||
|
|
||||||
use bcrypt::{hash, verify};
|
use bcrypt::{hash, verify};
|
||||||
use chrono::prelude::*;
|
use chrono::prelude::*;
|
||||||
@@ -33,7 +34,7 @@ pub fn create(info: Json<Create>) -> Response {
|
|||||||
return Response::BadRequest(json!({ "error": error }));
|
return Response::BadRequest(json!({ "error": error }));
|
||||||
}
|
}
|
||||||
|
|
||||||
if true {
|
if *DISABLE_REGISTRATION {
|
||||||
return Response::BadRequest(json!({ "error": "Registration disabled." }));
|
return Response::BadRequest(json!({ "error": "Registration disabled." }));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -73,30 +74,45 @@ pub fn create(info: Json<Create>) -> Response {
|
|||||||
let access_token = gen_token(92);
|
let access_token = gen_token(92);
|
||||||
let code = gen_token(48);
|
let code = gen_token(48);
|
||||||
|
|
||||||
match col.insert_one(
|
let email_verification = match *USE_EMAIL {
|
||||||
doc! {
|
true => doc! {
|
||||||
"_id": Ulid::new().to_string(),
|
|
||||||
"email": info.email.clone(),
|
|
||||||
"username": info.username.clone(),
|
|
||||||
"display_name": info.username.clone(),
|
|
||||||
"password": hashed,
|
|
||||||
"access_token": access_token,
|
|
||||||
"email_verification": {
|
|
||||||
"verified": false,
|
"verified": false,
|
||||||
"target": info.email.clone(),
|
"target": info.email.clone(),
|
||||||
"expiry": Bson::DateTime(Utc::now() + chrono::Duration::days(1)),
|
"expiry": Bson::DateTime(Utc::now() + chrono::Duration::days(1)),
|
||||||
"rate_limit": Bson::DateTime(Utc::now() + chrono::Duration::minutes(1)),
|
"rate_limit": Bson::DateTime(Utc::now() + chrono::Duration::minutes(1)),
|
||||||
"code": code.clone(),
|
"code": code.clone(),
|
||||||
|
},
|
||||||
|
false => doc! {
|
||||||
|
"verified": true
|
||||||
}
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
let id = Ulid::new().to_string();
|
||||||
|
match col.insert_one(
|
||||||
|
doc! {
|
||||||
|
"_id": &id,
|
||||||
|
"email": info.email.clone(),
|
||||||
|
"username": info.username.clone(),
|
||||||
|
"display_name": info.username.clone(),
|
||||||
|
"password": hashed,
|
||||||
|
"access_token": &access_token,
|
||||||
|
"email_verification": email_verification
|
||||||
},
|
},
|
||||||
None,
|
None,
|
||||||
) {
|
) {
|
||||||
Ok(_) => {
|
Ok(_) => {
|
||||||
|
if *USE_EMAIL {
|
||||||
let sent = email::send_verification_email(info.email.clone(), code);
|
let sent = email::send_verification_email(info.email.clone(), code);
|
||||||
|
|
||||||
Response::Success(json!({
|
Response::Success(json!({
|
||||||
"email_sent": sent,
|
"email_sent": sent,
|
||||||
}))
|
}))
|
||||||
|
} else {
|
||||||
|
Response::Success(json!({
|
||||||
|
"id": id,
|
||||||
|
"access_token": access_token
|
||||||
|
}))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
Err(_) => {
|
Err(_) => {
|
||||||
Response::InternalServerError(json!({ "error": "Failed to create account." }))
|
Response::InternalServerError(json!({ "error": "Failed to create account." }))
|
||||||
@@ -147,9 +163,11 @@ pub fn verify_email(code: String) -> Response {
|
|||||||
)
|
)
|
||||||
.expect("Failed to update user!");
|
.expect("Failed to update user!");
|
||||||
|
|
||||||
|
if *USE_EMAIL {
|
||||||
if let Err(err) = email::send_welcome_email(target.to_string(), user.username) {
|
if let Err(err) = email::send_welcome_email(target.to_string(), user.username) {
|
||||||
error!("Failed to send welcome email! {}", err);
|
error!("Failed to send welcome email! {}", err);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Response::Redirect(super::Redirect::to("https://app.revolt.chat"))
|
Response::Redirect(super::Redirect::to("https://app.revolt.chat"))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
use super::Response;
|
use super::Response;
|
||||||
use crate::util::variables::{USE_EMAIL_VERIFICATION, USE_HCAPTCHA};
|
use crate::util::variables::{USE_EMAIL, DISABLE_REGISTRATION, USE_HCAPTCHA};
|
||||||
|
|
||||||
use mongodb::bson::doc;
|
use mongodb::bson::doc;
|
||||||
|
|
||||||
@@ -7,15 +7,16 @@ use mongodb::bson::doc;
|
|||||||
#[get("/")]
|
#[get("/")]
|
||||||
pub fn root() -> Response {
|
pub fn root() -> Response {
|
||||||
Response::Success(json!({
|
Response::Success(json!({
|
||||||
"revolt": "0.2.9",
|
"revolt": "0.2.10",
|
||||||
"version": {
|
"version": {
|
||||||
"major": 0,
|
"major": 0,
|
||||||
"minor": 2,
|
"minor": 2,
|
||||||
"patch": 9
|
"patch": 10
|
||||||
},
|
},
|
||||||
"features": {
|
"features": {
|
||||||
"email_verification": USE_EMAIL_VERIFICATION.clone(),
|
"registration": !*DISABLE_REGISTRATION,
|
||||||
"captcha": USE_HCAPTCHA.clone(),
|
"captcha": *USE_HCAPTCHA,
|
||||||
|
"email": *USE_EMAIL,
|
||||||
}
|
}
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,7 +1,8 @@
|
|||||||
|
use crate::util::variables::{HCAPTCHA_KEY, USE_HCAPTCHA};
|
||||||
|
|
||||||
use reqwest::blocking::Client;
|
use reqwest::blocking::Client;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::env;
|
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
struct CaptchaResponse {
|
struct CaptchaResponse {
|
||||||
@@ -9,10 +10,10 @@ struct CaptchaResponse {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub fn verify(user_token: &Option<String>) -> Result<(), String> {
|
pub fn verify(user_token: &Option<String>) -> Result<(), String> {
|
||||||
if let Ok(key) = env::var("HCAPTCHA_KEY") {
|
if *USE_HCAPTCHA {
|
||||||
if let Some(token) = user_token {
|
if let Some(token) = user_token {
|
||||||
let mut map = HashMap::new();
|
let mut map = HashMap::new();
|
||||||
map.insert("secret", key);
|
map.insert("secret", HCAPTCHA_KEY.to_string());
|
||||||
map.insert("response", token.to_string());
|
map.insert("response", token.to_string());
|
||||||
|
|
||||||
let client = Client::new();
|
let client = Client::new();
|
||||||
|
|||||||
@@ -1,11 +1,16 @@
|
|||||||
|
use log::warn;
|
||||||
use std::env;
|
use std::env;
|
||||||
|
|
||||||
lazy_static! {
|
lazy_static! {
|
||||||
|
// General Configuration
|
||||||
pub static ref MONGO_URI: String =
|
pub static ref MONGO_URI: String =
|
||||||
env::var("REVOLT_MONGO_URI").expect("Missing REVOLT_MONGO_URI environment variable.");
|
env::var("REVOLT_MONGO_URI").expect("Missing REVOLT_MONGO_URI environment variable.");
|
||||||
pub static ref PUBLIC_URL: String =
|
pub static ref PUBLIC_URL: String =
|
||||||
env::var("REVOLT_PUBLIC_URL").expect("Missing REVOLT_PUBLIC_URL environment variable.");
|
env::var("REVOLT_PUBLIC_URL").expect("Missing REVOLT_PUBLIC_URL environment variable.");
|
||||||
pub static ref USE_EMAIL_VERIFICATION: bool = env::var("REVOLT_USE_EMAIL_VERIFICATION").map_or(
|
|
||||||
|
// Application Flags
|
||||||
|
pub static ref DISABLE_REGISTRATION: bool = env::var("REVOLT_DISABLE_REGISTRATION").map_or(false, |v| v == "*1");
|
||||||
|
pub static ref USE_EMAIL: bool = env::var("REVOLT_USE_EMAIL_VERIFICATION").map_or(
|
||||||
env::var("REVOLT_SMTP_HOST").is_ok()
|
env::var("REVOLT_SMTP_HOST").is_ok()
|
||||||
&& env::var("REVOLT_SMTP_USERNAME").is_ok()
|
&& env::var("REVOLT_SMTP_USERNAME").is_ok()
|
||||||
&& env::var("REVOLT_SMTP_PASSWORD").is_ok()
|
&& env::var("REVOLT_SMTP_PASSWORD").is_ok()
|
||||||
@@ -13,6 +18,8 @@ lazy_static! {
|
|||||||
|v| v == *"1"
|
|v| v == *"1"
|
||||||
);
|
);
|
||||||
pub static ref USE_HCAPTCHA: bool = env::var("REVOLT_HCAPTCHA_KEY").is_ok();
|
pub static ref USE_HCAPTCHA: bool = env::var("REVOLT_HCAPTCHA_KEY").is_ok();
|
||||||
|
|
||||||
|
// SMTP Settings
|
||||||
pub static ref SMTP_HOST: String =
|
pub static ref SMTP_HOST: String =
|
||||||
env::var("REVOLT_SMTP_HOST").unwrap_or_else(|_| "".to_string());
|
env::var("REVOLT_SMTP_HOST").unwrap_or_else(|_| "".to_string());
|
||||||
pub static ref SMTP_USERNAME: String =
|
pub static ref SMTP_USERNAME: String =
|
||||||
@@ -20,8 +27,40 @@ lazy_static! {
|
|||||||
pub static ref SMTP_PASSWORD: String =
|
pub static ref SMTP_PASSWORD: String =
|
||||||
env::var("SMTP_PASSWORD").unwrap_or_else(|_| "".to_string());
|
env::var("SMTP_PASSWORD").unwrap_or_else(|_| "".to_string());
|
||||||
pub static ref SMTP_FROM: String = env::var("SMTP_FROM").unwrap_or_else(|_| "".to_string());
|
pub static ref SMTP_FROM: String = env::var("SMTP_FROM").unwrap_or_else(|_| "".to_string());
|
||||||
|
|
||||||
|
// Application Settings
|
||||||
pub static ref HCAPTCHA_KEY: String =
|
pub static ref HCAPTCHA_KEY: String =
|
||||||
env::var("REVOLT_HCAPTCHA_KEY").unwrap_or_else(|_| "".to_string());
|
env::var("REVOLT_HCAPTCHA_KEY").unwrap_or_else(|_| "".to_string());
|
||||||
pub static ref WS_HOST: String =
|
pub static ref WS_HOST: String =
|
||||||
env::var("REVOLT_WS_HOST").unwrap_or_else(|_| "0.0.0.0:9999".to_string());
|
env::var("REVOLT_WS_HOST").unwrap_or_else(|_| "0.0.0.0:9999".to_string());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn preflight_checks() {
|
||||||
|
if *USE_EMAIL == false {
|
||||||
|
#[cfg(not(debug_assertions))]
|
||||||
|
{
|
||||||
|
if !env::var("REVOLT_UNSAFE_NO_EMAIL")
|
||||||
|
.map_or(false, |v| v == *"1") {
|
||||||
|
panic!(
|
||||||
|
"Not letting you run this in production, set REVOLT_UNSAFE_NO_EMAIL=1 to run."
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(debug_assertions)]
|
||||||
|
warn!("No SMTP settings specified! Remember to configure email.");
|
||||||
|
}
|
||||||
|
|
||||||
|
if *USE_HCAPTCHA == false {
|
||||||
|
#[cfg(not(debug_assertions))]
|
||||||
|
{
|
||||||
|
if !env::var("REVOLT_UNSAFE_NO_CAPTCHA")
|
||||||
|
.map_or(false, |v| v == *"1") {
|
||||||
|
panic!("Not letting you run this in production, set REVOLT_UNSAFE_NO_CAPTCHA=1 to run.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(debug_assertions)]
|
||||||
|
warn!("No Captcha key specified! Remember to add hCaptcha key.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user