mirror of
https://github.com/stoatchat/stoatchat.git
synced 2026-07-06 19:25:59 +00:00
Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
81111c5937 | ||
|
|
49044d7796 | ||
|
|
f44180a980 | ||
|
|
8ee867eec7 | ||
|
|
dde4224deb | ||
|
|
088490dfc3 |
2
Cargo.lock
generated
2
Cargo.lock
generated
@@ -1907,7 +1907,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "revolt"
|
||||
version = "0.2.8"
|
||||
version = "0.2.9"
|
||||
dependencies = [
|
||||
"bcrypt",
|
||||
"bitfield",
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt"
|
||||
version = "0.2.8"
|
||||
version = "0.2.9"
|
||||
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
||||
edition = "2018"
|
||||
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
use super::get_collection;
|
||||
|
||||
use lru::LruCache;
|
||||
use std::sync::{Arc, Mutex};
|
||||
use mongodb::bson::{doc, from_bson, Bson};
|
||||
use rocket::http::RawStr;
|
||||
use rocket::request::FromParam;
|
||||
use rocket_contrib::json::JsonValue;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::sync::{Arc, Mutex};
|
||||
|
||||
#[derive(Serialize, Deserialize, Debug, Clone)]
|
||||
pub struct LastMessage {
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
use super::get_collection;
|
||||
use super::channel::fetch_channels;
|
||||
|
||||
use lru::LruCache;
|
||||
use mongodb::bson::{doc, from_bson, Bson};
|
||||
@@ -164,6 +165,31 @@ pub fn fetch_guilds(ids: &Vec<String>) -> Result<Vec<Guild>, String> {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn serialise_guilds_with_channels(ids: &Vec<String>) -> Result<Vec<JsonValue>, String> {
|
||||
let guilds = fetch_guilds(&ids)?;
|
||||
let cids: Vec<String> = guilds
|
||||
.iter()
|
||||
.flat_map(|x| x.channels.clone())
|
||||
.collect();
|
||||
|
||||
let channels = fetch_channels(&cids)?;
|
||||
Ok(guilds
|
||||
.into_iter()
|
||||
.map(|x| {
|
||||
let id = x.id.clone();
|
||||
let mut obj = x.serialise();
|
||||
obj.as_object_mut().unwrap().insert(
|
||||
"channels".to_string(),
|
||||
channels.iter()
|
||||
.filter(|x| x.guild.is_some() && x.guild.as_ref().unwrap() == &id)
|
||||
.map(|x| x.clone().serialise())
|
||||
.collect()
|
||||
);
|
||||
obj
|
||||
})
|
||||
.collect())
|
||||
}
|
||||
|
||||
pub fn fetch_member(key: MemberKey) -> Result<Option<Member>, String> {
|
||||
{
|
||||
if let Ok(mut cache) = MEMBER_CACHE.lock() {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
use super::get_collection;
|
||||
use super::guild::{Guild, fetch_guilds};
|
||||
use super::channel::{Channel, fetch_channels};
|
||||
use super::guild::{serialise_guilds_with_channels};
|
||||
use super::channel::{fetch_channels};
|
||||
|
||||
use lru::LruCache;
|
||||
use mongodb::bson::{doc, from_bson, Bson, DateTime};
|
||||
@@ -136,15 +136,10 @@ impl User {
|
||||
.map(|x| x.serialise())
|
||||
.collect();
|
||||
|
||||
let guilds: Vec<JsonValue> = fetch_guilds(&self.find_guilds()?)?
|
||||
.into_iter()
|
||||
.map(|x| x.serialise())
|
||||
.collect();
|
||||
|
||||
Ok(json!({
|
||||
"users": users,
|
||||
"channels": channels,
|
||||
"guilds": guilds,
|
||||
"guilds": serialise_guilds_with_channels(&self.find_guilds()?)?,
|
||||
"user": self.serialise(super::Relationship::SELF as i32)
|
||||
}))
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ use super::Response;
|
||||
use crate::database;
|
||||
use crate::email;
|
||||
use crate::util::gen_token;
|
||||
use crate::util::captcha;
|
||||
|
||||
use bcrypt::{hash, verify};
|
||||
use chrono::prelude::*;
|
||||
@@ -17,6 +18,7 @@ pub struct Create {
|
||||
username: String,
|
||||
password: String,
|
||||
email: String,
|
||||
captcha: Option<String>,
|
||||
}
|
||||
|
||||
/// create a new Revolt account
|
||||
@@ -28,6 +30,18 @@ pub struct Create {
|
||||
/// (3) add user and send email verification
|
||||
#[post("/create", data = "<info>")]
|
||||
pub fn create(info: Json<Create>) -> Response {
|
||||
if let Err(error) = captcha::verify(&info.captcha) {
|
||||
return Response::BadRequest(
|
||||
json!({ "error": error })
|
||||
);
|
||||
}
|
||||
|
||||
if true {
|
||||
return Response::BadRequest(
|
||||
json!({ "error": "Registration disabled." })
|
||||
);
|
||||
}
|
||||
|
||||
let col = database::get_collection("users");
|
||||
|
||||
if info.username.len() < 2 || info.username.len() > 32 {
|
||||
@@ -150,6 +164,7 @@ pub fn verify_email(code: String) -> Response {
|
||||
#[derive(Serialize, Deserialize)]
|
||||
pub struct Resend {
|
||||
email: String,
|
||||
captcha: Option<String>,
|
||||
}
|
||||
|
||||
/// resend a verification email
|
||||
@@ -158,6 +173,12 @@ pub struct Resend {
|
||||
/// (3) resend the email
|
||||
#[post("/resend", data = "<info>")]
|
||||
pub fn resend_email(info: Json<Resend>) -> Response {
|
||||
if let Err(error) = captcha::verify(&info.captcha) {
|
||||
return Response::BadRequest(
|
||||
json!({ "error": error })
|
||||
);
|
||||
}
|
||||
|
||||
let col = database::get_collection("users");
|
||||
|
||||
if let Some(u) = col
|
||||
@@ -218,6 +239,7 @@ pub fn resend_email(info: Json<Resend>) -> Response {
|
||||
pub struct Login {
|
||||
email: String,
|
||||
password: String,
|
||||
captcha: Option<String>,
|
||||
}
|
||||
|
||||
/// login to a Revolt account
|
||||
@@ -226,6 +248,12 @@ pub struct Login {
|
||||
/// (3) return access token
|
||||
#[post("/login", data = "<info>")]
|
||||
pub fn login(info: Json<Login>) -> Response {
|
||||
if let Err(error) = captcha::verify(&info.captcha) {
|
||||
return Response::BadRequest(
|
||||
json!({ "error": error })
|
||||
);
|
||||
}
|
||||
|
||||
let col = database::get_collection("users");
|
||||
|
||||
if let Some(u) = col
|
||||
|
||||
@@ -2,7 +2,7 @@ use super::channel::ChannelType;
|
||||
use super::Response;
|
||||
use crate::database::guild::{fetch_member as get_member, get_invite, Guild, MemberKey};
|
||||
use crate::database::{
|
||||
self, channel::fetch_channel, guild::fetch_guilds, channel::Channel, Permission, PermissionCalculator, user::User
|
||||
self, channel::fetch_channel, guild::serialise_guilds_with_channels, channel::Channel, Permission, PermissionCalculator, user::User
|
||||
};
|
||||
use crate::notifications::{
|
||||
self,
|
||||
@@ -37,33 +37,8 @@ macro_rules! with_permissions {
|
||||
#[get("/@me")]
|
||||
pub fn my_guilds(user: User) -> Response {
|
||||
if let Ok(gids) = user.find_guilds() {
|
||||
if let Ok(guilds) = fetch_guilds(&gids) {
|
||||
let cids: Vec<String> = guilds
|
||||
.iter()
|
||||
.flat_map(|x| x.channels.clone())
|
||||
.collect();
|
||||
|
||||
if let Ok(channels) = database::channel::fetch_channels(&cids) {
|
||||
let data: Vec<rocket_contrib::json::JsonValue> = guilds
|
||||
.into_iter()
|
||||
.map(|x| {
|
||||
let id = x.id.clone();
|
||||
let mut obj = x.serialise();
|
||||
obj.as_object_mut().unwrap().insert(
|
||||
"channels".to_string(),
|
||||
channels.iter()
|
||||
.filter(|x| x.guild.is_some() && x.guild.as_ref().unwrap() == &id)
|
||||
.map(|x| x.clone().serialise())
|
||||
.collect()
|
||||
);
|
||||
obj
|
||||
})
|
||||
.collect();
|
||||
|
||||
Response::Success(json!(data))
|
||||
} else {
|
||||
Response::InternalServerError(json!({ "error": "Failed to fetch channels." }))
|
||||
}
|
||||
if let Ok(data) = serialise_guilds_with_channels(&gids) {
|
||||
Response::Success(json!(data))
|
||||
} else {
|
||||
Response::InternalServerError(json!({ "error": "Failed to fetch guilds." }))
|
||||
}
|
||||
@@ -562,6 +537,7 @@ pub fn create_guild(user: User, info: Json<CreateGuild>) -> Response {
|
||||
"name": name,
|
||||
"description": description,
|
||||
"owner": &user.id,
|
||||
"channels": [ channel_id.clone() ],
|
||||
"invites": [],
|
||||
"bans": [],
|
||||
"default_permissions": 51,
|
||||
|
||||
@@ -1,16 +1,20 @@
|
||||
use super::Response;
|
||||
|
||||
use mongodb::bson::doc;
|
||||
use std::env;
|
||||
|
||||
/// root
|
||||
#[get("/")]
|
||||
pub fn root() -> Response {
|
||||
Response::Success(json!({
|
||||
"revolt": "0.2.8",
|
||||
"revolt": "0.2.9",
|
||||
"version": {
|
||||
"major": 0,
|
||||
"minor": 2,
|
||||
"patch": 8
|
||||
"patch": 9
|
||||
},
|
||||
"features": {
|
||||
"captcha": env::var("HCAPTCHA_KEY").is_ok()
|
||||
}
|
||||
}))
|
||||
}
|
||||
|
||||
42
src/util/captcha.rs
Normal file
42
src/util/captcha.rs
Normal file
@@ -0,0 +1,42 @@
|
||||
use serde::{Serialize, Deserialize};
|
||||
use reqwest::blocking::Client;
|
||||
use std::collections::HashMap;
|
||||
use std::env;
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
struct CaptchaResponse {
|
||||
success: bool
|
||||
}
|
||||
|
||||
pub fn verify(user_token: &Option<String>) -> Result<(), String> {
|
||||
if let Ok(key) = env::var("HCAPTCHA_KEY") {
|
||||
if let Some(token) = user_token {
|
||||
let mut map = HashMap::new();
|
||||
map.insert("secret", key);
|
||||
map.insert("response", token.to_string());
|
||||
|
||||
let client = Client::new();
|
||||
if let Ok(response) = client
|
||||
.post("https://hcaptcha.com/siteverify")
|
||||
.form(&map)
|
||||
.send()
|
||||
{
|
||||
let result: CaptchaResponse = response
|
||||
.json()
|
||||
.map_err(|_| "Failed to deserialise captcha result.".to_string())?;
|
||||
|
||||
if result.success {
|
||||
Ok(())
|
||||
} else {
|
||||
Err("Unsuccessful captcha verification".to_string())
|
||||
}
|
||||
} else {
|
||||
Err("Failed to verify with hCaptcha".to_string())
|
||||
}
|
||||
} else {
|
||||
Err("Missing hCaptcha token!".to_string())
|
||||
}
|
||||
} else {
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
@@ -2,6 +2,8 @@ use hashbrown::HashSet;
|
||||
use rand::{distributions::Alphanumeric, Rng};
|
||||
use std::iter::FromIterator;
|
||||
|
||||
pub mod captcha;
|
||||
|
||||
pub fn vec_to_set<T: Clone + Eq + std::hash::Hash>(data: &[T]) -> HashSet<T> {
|
||||
HashSet::from_iter(data.iter().cloned())
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user