Compare commits

...

6 Commits
0.2.8 ... 0.2.9

Author SHA1 Message Date
Paul Makles
81111c5937 Fix guild creation, disable registration. 2020-08-25 08:50:25 +01:00
Paul Makles
49044d7796 Fix hCaptcha verification. 2020-08-13 13:56:54 +02:00
Paul Makles
f44180a980 Add hCaptcha support. 2020-08-13 13:06:06 +02:00
Paul Makles
8ee867eec7 Fix errors. 2020-08-12 16:17:58 +02:00
Paul Makles
dde4224deb Attach channels on guild object. 2020-08-12 16:13:42 +02:00
Paul Makles
088490dfc3 Include guild channels in payload. 2020-08-12 16:07:10 +02:00
10 changed files with 114 additions and 41 deletions

2
Cargo.lock generated
View File

@@ -1907,7 +1907,7 @@ dependencies = [
[[package]]
name = "revolt"
version = "0.2.8"
version = "0.2.9"
dependencies = [
"bcrypt",
"bitfield",

View File

@@ -1,6 +1,6 @@
[package]
name = "revolt"
version = "0.2.8"
version = "0.2.9"
authors = ["Paul Makles <paulmakles@gmail.com>"]
edition = "2018"

View File

@@ -1,12 +1,12 @@
use super::get_collection;
use lru::LruCache;
use std::sync::{Arc, Mutex};
use mongodb::bson::{doc, from_bson, Bson};
use rocket::http::RawStr;
use rocket::request::FromParam;
use rocket_contrib::json::JsonValue;
use serde::{Deserialize, Serialize};
use std::sync::{Arc, Mutex};
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct LastMessage {

View File

@@ -1,4 +1,5 @@
use super::get_collection;
use super::channel::fetch_channels;
use lru::LruCache;
use mongodb::bson::{doc, from_bson, Bson};
@@ -164,6 +165,31 @@ pub fn fetch_guilds(ids: &Vec<String>) -> Result<Vec<Guild>, String> {
}
}
pub fn serialise_guilds_with_channels(ids: &Vec<String>) -> Result<Vec<JsonValue>, String> {
let guilds = fetch_guilds(&ids)?;
let cids: Vec<String> = guilds
.iter()
.flat_map(|x| x.channels.clone())
.collect();
let channels = fetch_channels(&cids)?;
Ok(guilds
.into_iter()
.map(|x| {
let id = x.id.clone();
let mut obj = x.serialise();
obj.as_object_mut().unwrap().insert(
"channels".to_string(),
channels.iter()
.filter(|x| x.guild.is_some() && x.guild.as_ref().unwrap() == &id)
.map(|x| x.clone().serialise())
.collect()
);
obj
})
.collect())
}
pub fn fetch_member(key: MemberKey) -> Result<Option<Member>, String> {
{
if let Ok(mut cache) = MEMBER_CACHE.lock() {

View File

@@ -1,6 +1,6 @@
use super::get_collection;
use super::guild::{Guild, fetch_guilds};
use super::channel::{Channel, fetch_channels};
use super::guild::{serialise_guilds_with_channels};
use super::channel::{fetch_channels};
use lru::LruCache;
use mongodb::bson::{doc, from_bson, Bson, DateTime};
@@ -136,15 +136,10 @@ impl User {
.map(|x| x.serialise())
.collect();
let guilds: Vec<JsonValue> = fetch_guilds(&self.find_guilds()?)?
.into_iter()
.map(|x| x.serialise())
.collect();
Ok(json!({
"users": users,
"channels": channels,
"guilds": guilds,
"guilds": serialise_guilds_with_channels(&self.find_guilds()?)?,
"user": self.serialise(super::Relationship::SELF as i32)
}))
}

View File

@@ -2,6 +2,7 @@ use super::Response;
use crate::database;
use crate::email;
use crate::util::gen_token;
use crate::util::captcha;
use bcrypt::{hash, verify};
use chrono::prelude::*;
@@ -17,6 +18,7 @@ pub struct Create {
username: String,
password: String,
email: String,
captcha: Option<String>,
}
/// create a new Revolt account
@@ -28,6 +30,18 @@ pub struct Create {
/// (3) add user and send email verification
#[post("/create", data = "<info>")]
pub fn create(info: Json<Create>) -> Response {
if let Err(error) = captcha::verify(&info.captcha) {
return Response::BadRequest(
json!({ "error": error })
);
}
if true {
return Response::BadRequest(
json!({ "error": "Registration disabled." })
);
}
let col = database::get_collection("users");
if info.username.len() < 2 || info.username.len() > 32 {
@@ -150,6 +164,7 @@ pub fn verify_email(code: String) -> Response {
#[derive(Serialize, Deserialize)]
pub struct Resend {
email: String,
captcha: Option<String>,
}
/// resend a verification email
@@ -158,6 +173,12 @@ pub struct Resend {
/// (3) resend the email
#[post("/resend", data = "<info>")]
pub fn resend_email(info: Json<Resend>) -> Response {
if let Err(error) = captcha::verify(&info.captcha) {
return Response::BadRequest(
json!({ "error": error })
);
}
let col = database::get_collection("users");
if let Some(u) = col
@@ -218,6 +239,7 @@ pub fn resend_email(info: Json<Resend>) -> Response {
pub struct Login {
email: String,
password: String,
captcha: Option<String>,
}
/// login to a Revolt account
@@ -226,6 +248,12 @@ pub struct Login {
/// (3) return access token
#[post("/login", data = "<info>")]
pub fn login(info: Json<Login>) -> Response {
if let Err(error) = captcha::verify(&info.captcha) {
return Response::BadRequest(
json!({ "error": error })
);
}
let col = database::get_collection("users");
if let Some(u) = col

View File

@@ -2,7 +2,7 @@ use super::channel::ChannelType;
use super::Response;
use crate::database::guild::{fetch_member as get_member, get_invite, Guild, MemberKey};
use crate::database::{
self, channel::fetch_channel, guild::fetch_guilds, channel::Channel, Permission, PermissionCalculator, user::User
self, channel::fetch_channel, guild::serialise_guilds_with_channels, channel::Channel, Permission, PermissionCalculator, user::User
};
use crate::notifications::{
self,
@@ -37,33 +37,8 @@ macro_rules! with_permissions {
#[get("/@me")]
pub fn my_guilds(user: User) -> Response {
if let Ok(gids) = user.find_guilds() {
if let Ok(guilds) = fetch_guilds(&gids) {
let cids: Vec<String> = guilds
.iter()
.flat_map(|x| x.channels.clone())
.collect();
if let Ok(channels) = database::channel::fetch_channels(&cids) {
let data: Vec<rocket_contrib::json::JsonValue> = guilds
.into_iter()
.map(|x| {
let id = x.id.clone();
let mut obj = x.serialise();
obj.as_object_mut().unwrap().insert(
"channels".to_string(),
channels.iter()
.filter(|x| x.guild.is_some() && x.guild.as_ref().unwrap() == &id)
.map(|x| x.clone().serialise())
.collect()
);
obj
})
.collect();
Response::Success(json!(data))
} else {
Response::InternalServerError(json!({ "error": "Failed to fetch channels." }))
}
if let Ok(data) = serialise_guilds_with_channels(&gids) {
Response::Success(json!(data))
} else {
Response::InternalServerError(json!({ "error": "Failed to fetch guilds." }))
}
@@ -562,6 +537,7 @@ pub fn create_guild(user: User, info: Json<CreateGuild>) -> Response {
"name": name,
"description": description,
"owner": &user.id,
"channels": [ channel_id.clone() ],
"invites": [],
"bans": [],
"default_permissions": 51,

View File

@@ -1,16 +1,20 @@
use super::Response;
use mongodb::bson::doc;
use std::env;
/// root
#[get("/")]
pub fn root() -> Response {
Response::Success(json!({
"revolt": "0.2.8",
"revolt": "0.2.9",
"version": {
"major": 0,
"minor": 2,
"patch": 8
"patch": 9
},
"features": {
"captcha": env::var("HCAPTCHA_KEY").is_ok()
}
}))
}

42
src/util/captcha.rs Normal file
View File

@@ -0,0 +1,42 @@
use serde::{Serialize, Deserialize};
use reqwest::blocking::Client;
use std::collections::HashMap;
use std::env;
#[derive(Serialize, Deserialize)]
struct CaptchaResponse {
success: bool
}
pub fn verify(user_token: &Option<String>) -> Result<(), String> {
if let Ok(key) = env::var("HCAPTCHA_KEY") {
if let Some(token) = user_token {
let mut map = HashMap::new();
map.insert("secret", key);
map.insert("response", token.to_string());
let client = Client::new();
if let Ok(response) = client
.post("https://hcaptcha.com/siteverify")
.form(&map)
.send()
{
let result: CaptchaResponse = response
.json()
.map_err(|_| "Failed to deserialise captcha result.".to_string())?;
if result.success {
Ok(())
} else {
Err("Unsuccessful captcha verification".to_string())
}
} else {
Err("Failed to verify with hCaptcha".to_string())
}
} else {
Err("Missing hCaptcha token!".to_string())
}
} else {
Ok(())
}
}

View File

@@ -2,6 +2,8 @@ use hashbrown::HashSet;
use rand::{distributions::Alphanumeric, Rng};
use std::iter::FromIterator;
pub mod captcha;
pub fn vec_to_set<T: Clone + Eq + std::hash::Hash>(data: &[T]) -> HashSet<T> {
HashSet::from_iter(data.iter().cloned())
}