Improved error messagees, implemented delete ciphers, attachments and account, implemented two factor recovery.

Known missing: - import ciphers, create ciphers types other than login and card, update ciphers - clear and put device_tokens - Equivalent domains - Organizations
2025-09-11 03:05:58 +03:00 · 2018-02-15 19:05:57 +01:00
parent 47a116bbee
commit 84a75c871b
15 changed files with 181 additions and 192 deletions
--- a/src/db/models/user.rs
+++ b/src/db/models/user.rs
@@ -3,6 +3,7 @@ use serde_json::Value as JsonValue;

 use uuid::Uuid;

+use crypto;
 use CONFIG;

 #[derive(Debug, Identifiable, Queryable, Insertable)]
@@ -38,8 +39,6 @@ impl User {
        let now = Utc::now().naive_utc();
        let email = mail.to_lowercase();

-        use crypto;
-
        let iterations = CONFIG.password_iterations;
        let salt = crypto::get_random_64();
        let password_hash = crypto::hash_password(password.as_bytes(), &salt, iterations as u32);
@@ -70,16 +69,21 @@ impl User {
    }

    pub fn check_valid_password(&self, password: &str) -> bool {
-        use crypto;
-
        crypto::verify_password_hash(password.as_bytes(),
                                     &self.salt,
                                     &self.password_hash,
                                     self.password_iterations as u32)
    }

+    pub fn check_valid_recovery_code(&self, recovery_code: &str) -> bool {
+        if let Some(ref totp_recover) = self.totp_recover {
+            recovery_code == totp_recover.to_lowercase()
+        } else {
+            false
+        }
+    }
+
    pub fn set_password(&mut self, password: &str) {
-        use crypto;
        self.password_hash = crypto::hash_password(password.as_bytes(),
                                                   &self.salt,
                                                   self.password_iterations as u32);
@@ -149,6 +153,15 @@ impl User {
        }
    }

+    pub fn delete(self, conn: &DbConn) -> bool {
+        match diesel::delete(users::table.filter(
+            users::uuid.eq(self.uuid)))
+            .execute(&**conn) {
+            Ok(1) => true, // One row deleted
+            _ => false,
+        }
+    }
+
    pub fn find_by_mail(mail: &str, conn: &DbConn) -> Option<Self> {
        let lower_mail = mail.to_lowercase();
        users::table