matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-29 22:01:14 +03:00
Code Activity

Move password change to its own page

Browse Source 
Also restructure the templates structure a bit
This commit is contained in:
Quentin Gliech
2022-01-18 11:58:42 +01:00
parent 565f5cda1b
commit 1b35f96f29
11 changed files with 143 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
crates/handlers/src/views/account/mod.rs Normal file
View File

@ -0,0 +1,85 @@
// Copyright 2021-2022 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
mod password;
use mas_config::{CookiesConfig, CsrfConfig};
use mas_data_model::BrowserSession;
use mas_storage::{
user::{count_active_sessions, get_user_emails},
PostgresqlBackend,
};
use mas_templates::{AccountContext, TemplateContext, Templates};
use mas_warp_utils::{
errors::WrapError,
filters::{
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
csrf::updated_csrf_token,
database::connection,
session::session,
with_templates, CsrfToken,
},
};
use sqlx::{pool::PoolConnection, PgPool, Postgres};
use warp::{filters::BoxedFilter, reply::html, Filter, Rejection, Reply};
use self::password::filter as password;
pub(super) fn filter(
pool: &PgPool,
templates: &Templates,
csrf_config: &CsrfConfig,
cookies_config: &CookiesConfig,
) -> BoxedFilter<(Box<dyn Reply>,)> {
let get = warp::get()
.and(with_templates(templates))
.and(encrypted_cookie_saver(cookies_config))
.and(updated_csrf_token(cookies_config, csrf_config))
.and(session(pool, cookies_config))
.and(connection(pool))
.and_then(get);
let index = warp::path::end().and(get);
let password = password(pool, templates, csrf_config, cookies_config);
let filter = index.or(password).unify();
warp::path::path("account").and(filter).boxed()
}
async fn get(
templates: Templates,
cookie_saver: EncryptedCookieSaver,
csrf_token: CsrfToken,
session: BrowserSession<PostgresqlBackend>,
mut conn: PoolConnection<Postgres>,
) -> Result<Box<dyn Reply>, Rejection> {
let active_sessions = count_active_sessions(&mut conn, &session.user)
.await
.wrap_error()?;
let emails = get_user_emails(&mut conn, &session.user)
.await
.wrap_error()?;
let ctx = AccountContext::new(active_sessions, emails)
.with_session(session)
.with_csrf(csrf_token.form_value());
let content = templates.render_account_index(&ctx).await?;
let reply = html(content);
let reply = cookie_saver.save_encrypted(&csrf_token, reply)?;
Ok(Box::new(reply))
}

36
crates/handlers/src/views/account.rs → crates/handlers/src/views/account/password.rs
View File

@ -1,4 +1,4 @@
// Copyright 2021 The Matrix.org Foundation C.I.C.
// Copyright 2022 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
@ -16,10 +16,10 @@ use argon2::Argon2;
use mas_config::{CookiesConfig, CsrfConfig};
use mas_data_model::BrowserSession;
use mas_storage::{
user::{authenticate_session, count_active_sessions, get_user_emails, set_password},
user::{authenticate_session, set_password},
PostgresqlBackend,
};
use mas_templates::{AccountContext, TemplateContext, Templates};
use mas_templates::{EmptyContext, TemplateContext, Templates};
use mas_warp_utils::{
errors::WrapError,
filters::{
@ -44,7 +44,6 @@ pub(super) fn filter(
.and(encrypted_cookie_saver(cookies_config))
.and(updated_csrf_token(cookies_config, csrf_config))
.and(session(pool, cookies_config))
.and(transaction(pool))
.and_then(get);
let post = with_templates(templates)
@ -55,9 +54,11 @@ pub(super) fn filter(
.and(protected_form(cookies_config))
.and_then(post);
let filter = warp::get().and(get).or(warp::post().and(post)).unify();
let get = warp::get().and(get);
let post = warp::post().and(post);
let filter = get.or(post).unify();
warp::path!("account").and(filter).boxed()
warp::path!("password").and(filter).boxed()
}
#[derive(Deserialize)]
@ -66,14 +67,14 @@ struct Form {
new_password: String,
new_password_confirm: String,
}
async fn get(
templates: Templates,
cookie_saver: EncryptedCookieSaver,
csrf_token: CsrfToken,
session: BrowserSession<PostgresqlBackend>,
txn: Transaction<'_, Postgres>,
) -> Result<Box<dyn Reply>, Rejection> {
render(templates, cookie_saver, csrf_token, session, txn).await
render(templates, cookie_saver, csrf_token, session).await
}
async fn render(
@ -81,23 +82,12 @@ async fn render(
cookie_saver: EncryptedCookieSaver,
csrf_token: CsrfToken,
session: BrowserSession<PostgresqlBackend>,
mut txn: Transaction<'_, Postgres>,
) -> Result<Box<dyn Reply>, Rejection> {
let active_sessions = count_active_sessions(&mut txn, &session.user)
.await
.wrap_error()?;
let emails = get_user_emails(&mut txn, &session.user)
.await
.wrap_error()?;
txn.commit().await.wrap_error()?;
let ctx = AccountContext::new(active_sessions, emails)
let ctx = EmptyContext
.with_session(session)
.with_csrf(csrf_token.form_value());
let content = templates.render_account(&ctx).await?;
let content = templates.render_account_password(&ctx).await?;
let reply = html(content);
let reply = cookie_saver.save_encrypted(&csrf_token, reply)?;
@ -126,7 +116,9 @@ async fn post(
.await
.wrap_error()?;
let reply = render(templates, cookie_saver, csrf_token, session, txn).await?;
let reply = render(templates, cookie_saver, csrf_token, session).await?;
txn.commit().await.wrap_error()?;
Ok(reply)
}