refactor: move regex code to mod.rs
parent
0ccfa53746
commit
c76fd73179
3 changed files with 20 additions and 24 deletions
|
@ -4,11 +4,11 @@ use actix_web::{Error, HttpResponse, error, post, web};
|
|||
use argon2::{PasswordHash, PasswordVerifier};
|
||||
use futures::StreamExt;
|
||||
use log::error;
|
||||
use regex::Regex;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use crate::{
|
||||
Data,
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
|
||||
crypto::{generate_access_token, generate_refresh_token},
|
||||
};
|
||||
|
||||
|
@ -44,19 +44,11 @@ pub async fn response(
|
|||
|
||||
let login_information = serde_json::from_slice::<LoginInformation>(&body)?;
|
||||
|
||||
let email_regex = Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap();
|
||||
|
||||
// FIXME: This regex doesnt seem to be working
|
||||
let username_regex = Regex::new(r"[a-zA-Z0-9.-_]").unwrap();
|
||||
|
||||
// Password is expected to be hashed using SHA3-384
|
||||
let password_regex = Regex::new(r"[0-9a-f]{96}").unwrap();
|
||||
|
||||
if !password_regex.is_match(&login_information.password) {
|
||||
if !PASSWORD_REGEX.is_match(&login_information.password) {
|
||||
return Ok(HttpResponse::Forbidden().json(r#"{ "password_hashed": false }"#));
|
||||
}
|
||||
|
||||
if email_regex.is_match(&login_information.username) {
|
||||
if EMAIL_REGEX.is_match(&login_information.username) {
|
||||
if let Ok(row) =
|
||||
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE email = $1")
|
||||
.bind(login_information.username)
|
||||
|
@ -75,7 +67,7 @@ pub async fn response(
|
|||
}
|
||||
|
||||
return Ok(HttpResponse::Unauthorized().finish());
|
||||
} else if username_regex.is_match(&login_information.username) {
|
||||
} else if USERNAME_REGEX.is_match(&login_information.username) {
|
||||
if let Ok(row) =
|
||||
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE username = $1")
|
||||
.bind(login_information.username)
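Review bot: `PASSWORD_REGEX.is_match`, `EMAIL_REGEX.is_match` and `USERNAME_REGEX.is_match` in `response` are substring searches, because none of the three patterns is anchored, so they accept any input that merely contains a matching run. A password field of arbitrary length passes as long as 96 hex characters appear somewhere in it, and an identifier with an email-shaped substring is routed to the `WHERE email = $1` branch even if it is not an address as a whole. The queries are parameterised, so this is a validation gap rather than an injection risk, but the checks do not enforce what the comments say they do. Anchoring the definitions in the auth module, e.g. `Regex::new(r"^[0-9a-f]{96}$")`, fixes this call site and the matching checks in the register handler. The patterns were moved unchanged by this commit, and `response` continues outside the hunks shown.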
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
use std::{
|
||||
str::FromStr,
|
||||
sync::LazyLock,
|
||||
time::{SystemTime, UNIX_EPOCH},
|
||||
};
|
||||
|
||||
use actix_web::{HttpResponse, Scope, web};
|
||||
use log::error;
|
||||
use regex::Regex;
|
||||
use sqlx::Postgres;
|
||||
use uuid::Uuid;
|
||||
|
||||
|
@ -13,6 +15,16 @@ mod refresh;
|
|||
mod register;
|
||||
mod revoke;
|
||||
|
||||
static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
|
||||
Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap()
|
||||
});
|
||||
|
||||
// FIXME: This regex doesnt seem to be working
|
||||
static USERNAME_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[a-zA-Z0-9.-_]").unwrap());
|
||||
|
||||
// Password is expected to be hashed using SHA3-384
|
||||
static PASSWORD_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[0-9a-f]{96}").unwrap());
|
||||
|
||||
pub fn web() -> Scope {
|
||||
web::scope("/auth")
|
||||
.service(register::res)
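Review bot: The `// FIXME` on `USERNAME_REGEX` has a concrete cause: inside the class `[a-zA-Z0-9.-_]` the sequence `.-_` is a range from `.` to `_`, which also admits `/`, `:`, `<`, `>`, `@`, `[`, `\` and `^`, and the pattern tests only a single character. Putting the hyphen last and requiring the whole string to match, `Regex::new(r"^[a-zA-Z0-9._-]+$")`, gives the intended allow-list; the length limits stay with the caller in the register handler. Now that the FIXME lives in one place, it is worth replacing it with a comment that states the allowed character set. The `.unwrap()` calls are acceptable for literal patterns, but `.expect("USERNAME_REGEX is a valid pattern")` would make a panic on first use easier to trace.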
|
||||
|
|
|
@ -7,13 +7,13 @@ use argon2::{
|
|||
};
|
||||
use futures::StreamExt;
|
||||
use log::error;
|
||||
use regex::Regex;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
|
||||
use super::login::Response;
|
||||
use crate::{
|
||||
Data,
|
||||
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
|
||||
crypto::{generate_access_token, generate_refresh_token},
|
||||
};
|
||||
|
||||
|
@ -73,19 +73,14 @@ pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<Htt
|
|||
|
||||
let uuid = Uuid::now_v7();
|
||||
|
||||
let email_regex = Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap();
|
||||
|
||||
if !email_regex.is_match(&account_information.email) {
|
||||
if !EMAIL_REGEX.is_match(&account_information.email) {
|
||||
return Ok(HttpResponse::Forbidden().json(ResponseError {
|
||||
email_valid: false,
|
||||
..Default::default()
|
||||
}));
|
||||
}
|
||||
|
||||
// FIXME: This regex doesnt seem to be working
|
||||
let username_regex = Regex::new(r"[a-zA-Z0-9.-_]").unwrap();
|
||||
|
||||
if !username_regex.is_match(&account_information.identifier)
|
||||
if !USERNAME_REGEX.is_match(&account_information.identifier)
|
||||
|| account_information.identifier.len() < 3
|
||||
|| account_information.identifier.len() > 32
|
||||
{
|
||||
|
@ -95,10 +90,7 @@ pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<Htt
|
|||
}));
|
||||
}
|
||||
|
||||
// Password is expected to be hashed using SHA3-384
|
||||
let password_regex = Regex::new(r"[0-9a-f]{96}").unwrap();
|
||||
|
||||
if !password_regex.is_match(&account_information.password) {
|
||||
if !PASSWORD_REGEX.is_match(&account_information.password) {
|
||||
return Ok(HttpResponse::Forbidden().json(ResponseError {
|
||||
password_hashed: false,
|
||||
..Default::default()
|
||||
|
|