vikarti.anatra/polaris-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed a bug where credentials were not being validated

Browse source
This commit is contained in:
Antoine Gersant 2018-11-10 23:34:31 -08:00
parent f0b360e3d0
commit e0b3ea4b98
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/errors.rs
View file

@ -64,6 +64,7 @@ impl<'r> rocket::response::Responder<'r> for Error {
build build
.status(match self.0 { .status(match self.0 {
ErrorKind::FileNotFound => rocket::http::Status::NotFound, ErrorKind::FileNotFound => rocket::http::Status::NotFound,
ErrorKind::IncorrectCredentials => rocket::http::Status::Unauthorized,
_ => rocket::http::Status::InternalServerError, _ => rocket::http::Status::InternalServerError,
}) })
.ok() .ok()

6
src/rocket_api.rs
View file

@ -233,7 +233,11 @@ fn auth(
credentials: Json<AuthCredentials>, credentials: Json<AuthCredentials>,
mut cookies: Cookies, mut cookies: Cookies,
) -> Result<Json<AuthOutput>, errors::Error> { ) -> Result<Json<AuthOutput>, errors::Error> {
user::auth::<DB>(&db, &credentials.username, &credentials.password)?;
if !user::auth::<DB>(&db, &credentials.username, &credentials.password)? {
return Err(errors::Error::from(errors::ErrorKind::IncorrectCredentials))
}
cookies.add_private(get_auth_cookie(&credentials.username)); cookies.add_private(get_auth_cookie(&credentials.username));
let auth_output = AuthOutput { let auth_output = AuthOutput {