matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-07 17:03:01 +03:00
Code Activity

Implement the password change form

Browse Source
This commit is contained in:
Quentin Gliech
2024-06-25 17:33:45 +02:00
parent d633d33ab2
commit 09fca9fd75
11 changed files with 425 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates/handlers/src/lib.rs
View File

@@ -389,6 +389,10 @@ where
mas_router::AccountRecoveryProgress::route(),
get(self::views::recovery::progress::get).post(self::views::recovery::progress::post),
)
.route(
mas_router::AccountRecoveryFinish::route(),
get(self::views::recovery::finish::get).post(self::views::recovery::finish::post),
)
.route(
mas_router::OAuth2AuthorizationEndpoint::route(),
get(self::oauth2::authorization::get),

246
crates/handlers/src/views/recovery/finish.rs Normal file
View File

@@ -0,0 +1,246 @@
// Copyright 2024 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use anyhow::Context;
use axum::{
extract::{Query, State},
response::{Html, IntoResponse, Response},
Form,
};
use mas_axum_utils::{
cookies::CookieJar,
csrf::{CsrfExt, ProtectedForm},
FancyError,
};
use mas_policy::Policy;
use mas_router::UrlBuilder;
use mas_storage::{BoxClock, BoxRepository, BoxRng};
use mas_templates::{
ErrorContext, FieldError, FormState, RecoveryFinishContext, RecoveryFinishFormField,
TemplateContext, Templates,
};
use serde::{Deserialize, Serialize};
use zeroize::Zeroizing;
use crate::{passwords::PasswordManager, PreferredLanguage};
#[derive(Deserialize)]
pub(crate) struct RouteQuery {
ticket: String,
}
#[derive(Deserialize, Serialize)]
pub(crate) struct RouteForm {
new_password: String,
new_password_confirm: String,
}
pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
mut repo: BoxRepository,
State(templates): State<Templates>,
PreferredLanguage(locale): PreferredLanguage,
cookie_jar: CookieJar,
Query(query): Query<RouteQuery>,
) -> Result<Response, FancyError> {
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let ticket = repo
.user_recovery()
.find_ticket(&query.ticket)
.await?
.context("Unknown ticket")?;
let session = repo
.user_recovery()
.lookup_session(ticket.user_recovery_session_id)
.await?
.context("Unknown session")?;
if !ticket.active(clock.now()) || session.consumed_at.is_some() {
// TODO: render a 'link expired' page
let rendered = templates.render_error(
&ErrorContext::new()
.with_code("Link expired")
.with_language(&locale),
)?;
return Ok((cookie_jar, Html(rendered)).into_response());
}
let user_email = repo
.user_email()
.lookup(ticket.user_email_id)
.await?
// Only allow confirmed email addresses
.filter(|email| email.confirmed_at.is_some())
.context("Unknown email address")?;
let user = repo
.user()
.lookup(user_email.user_id)
.await?
.context("Invalid user")?;
if !user.is_valid() {
// TODO: render a 'account locked' page
let rendered = templates.render_error(
&ErrorContext::new()
.with_code("Account locked")
.with_language(&locale),
)?;
return Ok((cookie_jar, Html(rendered)).into_response());
}
let context = RecoveryFinishContext::new(user)
.with_csrf(csrf_token.form_value())
.with_language(locale);
let rendered = templates.render_recovery_finish(&context)?;
Ok((cookie_jar, Html(rendered)).into_response())
}
pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
mut repo: BoxRepository,
mut policy: Policy,
State(password_manager): State<PasswordManager>,
State(templates): State<Templates>,
State(url_builder): State<UrlBuilder>,
PreferredLanguage(locale): PreferredLanguage,
cookie_jar: CookieJar,
Query(query): Query<RouteQuery>,
Form(form): Form<ProtectedForm<RouteForm>>,
) -> Result<Response, FancyError> {
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let ticket = repo
.user_recovery()
.find_ticket(&query.ticket)
.await?
.context("Unknown ticket")?;
let session = repo
.user_recovery()
.lookup_session(ticket.user_recovery_session_id)
.await?
.context("Unknown session")?;
if !ticket.active(clock.now()) || session.consumed_at.is_some() {
// TODO: render a 'link expired' page
let rendered = templates.render_error(
&ErrorContext::new()
.with_code("Link expired")
.with_language(&locale),
)?;
return Ok((cookie_jar, Html(rendered)).into_response());
}
let user_email = repo
.user_email()
.lookup(ticket.user_email_id)
.await?
// Only allow confirmed email addresses
.filter(|email| email.confirmed_at.is_some())
.context("Unknown email address")?;
let user = repo
.user()
.lookup(user_email.user_id)
.await?
.context("Invalid user")?;
if !user.is_valid() {
// TODO: render a 'account locked' page
let rendered = templates.render_error(
&ErrorContext::new()
.with_code("Account locked")
.with_language(&locale),
)?;
return Ok((cookie_jar, Html(rendered)).into_response());
}
let form = cookie_jar.verify_form(&clock, form)?;
// Check the form
let mut form_state = FormState::from_form(&form);
if form.new_password.is_empty() {
form_state = form_state
.with_error_on_field(RecoveryFinishFormField::NewPassword, FieldError::Required);
}
if form.new_password_confirm.is_empty() {
form_state = form_state.with_error_on_field(
RecoveryFinishFormField::NewPasswordConfirm,
FieldError::Required,
);
}
if form.new_password != form.new_password_confirm {
form_state = form_state
.with_error_on_field(
RecoveryFinishFormField::NewPassword,
FieldError::Unspecified,
)
.with_error_on_field(
RecoveryFinishFormField::NewPasswordConfirm,
FieldError::PasswordMismatch,
);
}
let res = policy.evaluate_password(&form.new_password).await?;
if !res.valid() {
form_state = form_state.with_error_on_field(
RecoveryFinishFormField::NewPassword,
FieldError::Policy {
message: res.to_string(),
},
);
}
if !form_state.is_valid() {
let context = RecoveryFinishContext::new(user)
.with_form_state(form_state)
.with_csrf(csrf_token.form_value())
.with_language(locale);
let rendered = templates.render_recovery_finish(&context)?;
return Ok((cookie_jar, Html(rendered)).into_response());
}
// Form is valid, change the password
let password = Zeroizing::new(form.new_password.into_bytes());
let (version, hashed_password) = password_manager.hash(&mut rng, password).await?;
repo.user_password()
.add(&mut rng, &clock, &user, version, hashed_password, None)
.await?;
// Mark the session as consumed
repo.user_recovery()
.consume_ticket(&clock, ticket, session)
.await?;
repo.save().await?;
Ok((
cookie_jar,
url_builder.redirect(&mas_router::Login::default()),
)
.into_response())
}

1
crates/handlers/src/views/recovery/mod.rs
View File

@@ -12,5 +12,6 @@
// See the License for the specific language governing permissions and
// limitations under the License.
pub mod finish;
pub mod progress;
pub mod start;

6
crates/handlers/src/views/register.rs
View File

@@ -191,9 +191,11 @@ pub(crate) async fn post(
}
if form.password != form.password_confirm {
state.add_error_on_form(FormError::PasswordMismatch);
state.add_error_on_field(RegisterFormField::Password, FieldError::Unspecified);
state.add_error_on_field(RegisterFormField::PasswordConfirm, FieldError::Unspecified);
state.add_error_on_field(
RegisterFormField::PasswordConfirm,
FieldError::PasswordMismatch,
);
}
// If the site has terms of service, the user must accept them

70
crates/templates/src/context.rs
View File

@@ -1056,6 +1056,76 @@ impl TemplateContext for RecoveryProgressContext {
}
}
/// Fields of the account recovery finish form
#[derive(Serialize, Deserialize, Debug, Clone, Copy, Hash, PartialEq, Eq)]
#[serde(rename_all = "snake_case")]
pub enum RecoveryFinishFormField {
/// The new password
NewPassword,
/// The new password confirmation
NewPasswordConfirm,
}
impl FormField for RecoveryFinishFormField {
fn keep(&self) -> bool {
false
}
}
/// Context used by the `pages/recovery/finish.html` template
#[derive(Serialize)]
pub struct RecoveryFinishContext {
user: User,
form: FormState<RecoveryFinishFormField>,
}
impl RecoveryFinishContext {
/// Constructs a context for the recovery finish page
#[must_use]
pub fn new(user: User) -> Self {
Self {
user,
form: FormState::default(),
}
}
/// Set the form state
#[must_use]
pub fn with_form_state(mut self, form: FormState<RecoveryFinishFormField>) -> Self {
self.form = form;
self
}
}
impl TemplateContext for RecoveryFinishContext {
fn sample(now: chrono::DateTime<Utc>, rng: &mut impl Rng) -> Vec<Self>
where
Self: Sized,
{
User::samples(now, rng)
.into_iter()
.flat_map(|user| {
vec![
Self::new(user.clone()),
Self::new(user.clone()).with_form_state(
FormState::default().with_error_on_field(
RecoveryFinishFormField::NewPassword,
FieldError::Invalid,
),
),
Self::new(user.clone()).with_form_state(
FormState::default().with_error_on_field(
RecoveryFinishFormField::NewPasswordConfirm,
FieldError::Invalid,
),
),
]
})
.collect()
}
}
/// Context used by the `pages/upstream_oauth2/{link_mismatch,do_login}.html`
/// templates
#[derive(Serialize)]

3
crates/templates/src/forms.rs
View File

@@ -36,6 +36,9 @@ pub enum FieldError {
/// Invalid value for this field
Invalid,
/// The password confirmation doesn't match the password
PasswordMismatch,
/// That value already exists
Exists,

14
crates/templates/src/lib.rs
View File

@@ -46,11 +46,12 @@ pub use self::{
DeviceLinkFormField, EmailAddContext, EmailRecoveryContext, EmailVerificationContext,
EmailVerificationPageContext, EmptyContext, ErrorContext, FormPostContext, IndexContext,
LoginContext, LoginFormField, NotFoundContext, PolicyViolationContext, PostAuthContext,
PostAuthContextInner, ReauthContext, ReauthFormField, RecoveryProgressContext,
RecoveryStartContext, RecoveryStartFormField, RegisterContext, RegisterFormField,
SiteBranding, SiteConfigExt, SiteFeatures, TemplateContext, UpstreamExistingLinkContext,
UpstreamRegister, UpstreamRegisterFormField, UpstreamSuggestLink, WithCaptcha, WithCsrf,
WithLanguage, WithOptionalSession, WithSession,
PostAuthContextInner, ReauthContext, ReauthFormField, RecoveryFinishContext,
RecoveryFinishFormField, RecoveryProgressContext, RecoveryStartContext,
RecoveryStartFormField, RegisterContext, RegisterFormField, SiteBranding, SiteConfigExt,
SiteFeatures, TemplateContext, UpstreamExistingLinkContext, UpstreamRegister,
UpstreamRegisterFormField, UpstreamSuggestLink, WithCaptcha, WithCsrf, WithLanguage,
WithOptionalSession, WithSession,
},
forms::{FieldError, FormError, FormField, FormState, ToFormState},
};
@@ -353,6 +354,8 @@ register_templates! {
/// Render the account recovery start page
pub fn render_recovery_progress(WithLanguage<WithCsrf<RecoveryProgressContext>>) { "pages/recovery/progress.html" }
/// Render the account recovery finish page
pub fn render_recovery_finish(WithLanguage<WithCsrf<RecoveryFinishContext>>) { "pages/recovery/finish.html" }
/// Render the re-authentication form
pub fn render_reauth(WithLanguage<WithCsrf<WithSession<ReauthContext>>>) { "pages/reauth.html" }
@@ -421,6 +424,7 @@ impl Templates {
check::render_account_verify_email(self, now, rng)?;
check::render_recovery_start(self, now, rng)?;
check::render_recovery_progress(self, now, rng)?;
check::render_recovery_finish(self, now, rng)?;
check::render_reauth(self, now, rng)?;
check::render_form_post::<EmptyContext>(self, now, rng)?;
check::render_error(self, now, rng)?;