2018-12-18 00:53:21 +00:00
|
|
|
mod admin;
|
2020-05-03 15:24:51 +00:00
|
|
|
pub mod core;
|
2018-02-10 00:00:55 +00:00
|
|
|
mod icons;
|
|
|
|
mod identity;
|
2018-08-24 17:02:34 +00:00
|
|
|
mod notifications;
|
2023-06-11 11:28:18 +00:00
|
|
|
mod push;
|
2018-12-30 22:34:31 +00:00
|
|
|
mod web;
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2021-11-07 17:53:39 +00:00
|
|
|
use rocket::serde::json::Json;
|
2018-10-10 18:40:39 +00:00
|
|
|
use serde_json::Value;
|
2018-02-17 19:47:13 +00:00
|
|
|
|
2020-07-14 16:00:09 +00:00
|
|
|
pub use crate::api::{
|
2022-11-26 23:00:01 +00:00
|
|
|
admin::catchers as admin_catchers,
|
2020-07-14 16:00:09 +00:00
|
|
|
admin::routes as admin_routes,
|
2022-09-25 08:55:55 +00:00
|
|
|
core::catchers as core_catchers,
|
2023-08-04 19:12:23 +00:00
|
|
|
core::purge_auth_requests,
|
2021-04-03 03:16:49 +00:00
|
|
|
core::purge_sends,
|
2021-04-03 03:52:15 +00:00
|
|
|
core::purge_trashed_ciphers,
|
2020-07-14 16:00:09 +00:00
|
|
|
core::routes as core_routes,
|
2021-10-25 08:36:05 +00:00
|
|
|
core::two_factor::send_incomplete_2fa_notifications,
|
2021-03-24 19:15:55 +00:00
|
|
|
core::{emergency_notification_reminder_job, emergency_request_timeout_job},
|
2022-11-20 18:15:45 +00:00
|
|
|
core::{event_cleanup_job, events_routes as core_events_routes},
|
2024-04-27 18:25:34 +00:00
|
|
|
icons::{is_domain_blacklisted, routes as icons_routes},
|
2020-07-14 16:00:09 +00:00
|
|
|
identity::routes as identity_routes,
|
|
|
|
notifications::routes as notifications_routes,
|
2024-03-17 18:52:55 +00:00
|
|
|
notifications::{AnonymousNotify, Notify, UpdateType, WS_ANONYMOUS_SUBSCRIPTIONS, WS_USERS},
|
2023-06-11 11:28:18 +00:00
|
|
|
push::{
|
|
|
|
push_cipher_update, push_folder_update, push_logout, push_send_update, push_user_update, register_push_device,
|
|
|
|
unregister_push_device,
|
|
|
|
},
|
2022-09-25 02:02:16 +00:00
|
|
|
web::catchers as web_catchers,
|
2020-07-14 16:00:09 +00:00
|
|
|
web::routes as web_routes,
|
2022-10-06 09:59:47 +00:00
|
|
|
web::static_files,
|
2020-07-14 16:00:09 +00:00
|
|
|
};
|
2023-11-12 21:15:44 +00:00
|
|
|
use crate::db::{models::User, DbConn};
|
2020-07-14 16:00:09 +00:00
|
|
|
use crate::util;
|
|
|
|
|
2018-02-22 23:38:54 +00:00
|
|
|
// Type aliases for API methods results
|
2018-12-19 20:52:53 +00:00
|
|
|
type ApiResult<T> = Result<T, crate::error::Error>;
|
|
|
|
pub type JsonResult = ApiResult<Json<Value>>;
|
|
|
|
pub type EmptyResult = ApiResult<()>;
|
2018-02-22 23:38:54 +00:00
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
type JsonUpcase<T> = Json<util::UpCase<T>>;
|
2019-01-25 16:43:51 +00:00
|
|
|
type JsonUpcaseVec<T> = Json<Vec<util::UpCase<T>>>;
|
2022-10-20 13:31:53 +00:00
|
|
|
type JsonVec<T> = Json<Vec<T>>;
|
2018-05-31 22:18:50 +00:00
|
|
|
|
2018-02-22 23:38:54 +00:00
|
|
|
// Common structs representing JSON data received
|
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
2023-11-12 21:15:44 +00:00
|
|
|
struct PasswordOrOtpData {
|
|
|
|
MasterPasswordHash: Option<String>,
|
|
|
|
Otp: Option<String>,
|
|
|
|
}
|
|
|
|
|
|
|
|
impl PasswordOrOtpData {
|
|
|
|
/// Tokens used via this struct can be used multiple times during the process
|
|
|
|
/// First for the validation to continue, after that to enable or validate the following actions
|
|
|
|
/// This is different per caller, so it can be adjusted to delete the token or not
|
|
|
|
pub async fn validate(&self, user: &User, delete_if_valid: bool, conn: &mut DbConn) -> EmptyResult {
|
|
|
|
use crate::api::core::two_factor::protected_actions::validate_protected_action_otp;
|
|
|
|
|
|
|
|
match (self.MasterPasswordHash.as_deref(), self.Otp.as_deref()) {
|
|
|
|
(Some(pw_hash), None) => {
|
|
|
|
if !user.check_valid_password(pw_hash) {
|
|
|
|
err!("Invalid password");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
(None, Some(otp)) => {
|
|
|
|
validate_protected_action_otp(otp, &user.uuid, delete_if_valid, conn).await?;
|
|
|
|
}
|
|
|
|
_ => err!("No validation provided"),
|
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
}
|
2018-02-22 23:38:54 +00:00
|
|
|
}
|