Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge MFA into dev #564

Merged
merged 45 commits into from
Oct 26, 2024
Merged

Merge MFA into dev #564

Show file tree
Hide file tree
Changes from 35 commits
Commits
Show all changes
45 commits
Select commit Hold shift + click to select a range
2dcee5c
feat: add Request/Response and other necessary objects for MFA implem…
xystrive Jul 4, 2024
c3eec16
refactor: remove old Response object involved in MFA implementation
xystrive Jul 4, 2024
5387815
feat: add MFARequired error to ChorusError
xystrive Jul 4, 2024
4920c91
refactor: wrap object field type with `Option` and change `shell()` m…
xystrive Jul 4, 2024
85a2878
feat: add `complete_mfa_challenge` method to ChorusUser
xystrive Jul 4, 2024
2c4e069
refactor: remove mfa_token argument from `ChorusRequest` `new` method
xystrive Jul 4, 2024
a3aa462
feat: add handling for MFA Required response errors
xystrive Jul 4, 2024
6ef33c0
refactor: change `User` object assignements according to changes done…
xystrive Jul 4, 2024
8f995a9
refactor: change `ChorusUser` new method calls according to changes done
xystrive Jul 4, 2024
c3c506b
fix: typo in `ChorusError::MfaRequired` `Display` message
xystrive Jul 5, 2024
ee19cb7
fix: concatenate `Instance`'s api url with endpoint
xystrive Jul 5, 2024
317dbe1
fix: according to changes made to `ChorusUser` object field 4920c91e5…
xystrive Jul 5, 2024
530ed90
feat: add Request/Response objects for MFA verification endpoints
xystrive Jul 25, 2024
bf2608f
feat: add SuspendedUser error value on ChorusError
xystrive Jul 25, 2024
cd637fb
feat: add endpoints for Verify MFA Login and Send MFA SMS
xystrive Jul 25, 2024
6ef5221
feat: add skeleton structure for MFA endpoints tests
xystrive Jul 25, 2024
d188fe4
refactor: comments
xystrive Jul 25, 2024
ac8352e
Merge branch 'pr/xystrive/521-1' into mfa
bitfl0wer Jul 26, 2024
a446b55
Merge dev into mfa
kozabrada123 Oct 2, 2024
a29f354
remove Option from ChorusUser object, mildly refactor logins
kozabrada123 Oct 2, 2024
6bff940
clean up tests which still used object option
kozabrada123 Oct 2, 2024
0955026
Add a fixme
kozabrada123 Oct 2, 2024
1927ed8
feat: add api to add mfa to a request
kozabrada123 Oct 2, 2024
825e0ed
fix: feature lock entities/mfa_token
kozabrada123 Oct 2, 2024
faffb4c
fix: forgot to set token
kozabrada123 Oct 2, 2024
7583d45
chore: mock mfa tests with httptest crate, add framework for mocked t…
kozabrada123 Oct 9, 2024
ad0b5fd
chore: ah
kozabrada123 Oct 9, 2024
7a392d3
fix: httptest does not work on wasm
kozabrada123 Oct 9, 2024
ba234bd
fix: heh?
kozabrada123 Oct 9, 2024
d256bff
fix: improper serialization of authenticator type
kozabrada123 Oct 9, 2024
49a0742
fix: httptest panics
kozabrada123 Oct 9, 2024
b3a065b
Merge branch 'dev' into mfa
kozabrada123 Oct 13, 2024
7bf3b27
feat: send mfa token where needed, add some mfa routes
kozabrada123 Oct 13, 2024
2fe8fdb
feat: add mfa authenticator type, get webauthn authenticators
kozabrada123 Oct 13, 2024
3687f54
feat: add last of mfa routes, mfa events
kozabrada123 Oct 14, 2024
e00e9bd
docs: fix broken doc link
kozabrada123 Oct 14, 2024
67048f0
chore: test a lot of user mfa routes
kozabrada123 Oct 14, 2024
bfd3039
the fake ticket is too real
kozabrada123 Oct 14, 2024
619a718
fix: missing slash in endpoint url
kozabrada123 Oct 15, 2024
82bcaab
chore: add tests for backup codes routes
kozabrada123 Oct 15, 2024
dd236fe
chore: remove unused import
kozabrada123 Oct 15, 2024
f0aef03
api: improve MFA api
kozabrada123 Oct 15, 2024
ae2042f
api: easier mfa api
kozabrada123 Oct 16, 2024
090367b
fix: compile on non-default-features
kozabrada123 Oct 16, 2024
0984fc5
Merge branch 'dev' into mfa
kozabrada123 Oct 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,5 +89,8 @@ wasm-bindgen-test = "0.3.43"
wasm-bindgen = "0.2.93"
simple_logger = { version = "5.0.0", default-features = false }

[target.'cfg(not(target_arch = "wasm32"))'.dev-dependencies]
httptest = "0.16.1"

[lints.rust]
unexpected_cfgs = { level = "allow", check-cfg = ['cfg(tarpaulin_include)'] }
86 changes: 78 additions & 8 deletions src/api/auth/login.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,10 @@ use crate::errors::ChorusResult;
use crate::gateway::Gateway;
use crate::instance::{ChorusUser, Instance};
use crate::ratelimiter::ChorusRequest;
use crate::types::{GatewayIdentifyPayload, LimitType, LoginResult, LoginSchema, User};
use crate::types::{
MfaAuthenticationType, GatewayIdentifyPayload, LimitType, LoginResult, LoginSchema,
SendMfaSmsResponse, SendMfaSmsSchema, User, VerifyMFALoginResponse, VerifyMFALoginSchema,
};

impl Instance {
/// Logs into an existing account on the spacebar server.
Expand All @@ -27,6 +30,7 @@ impl Instance {
.header("Content-Type", "application/json"),
limit_type: LimitType::AuthLogin,
};

// We do not have a user yet, and the UserRateLimits will not be affected by a login
// request (since login is an instance wide limit), which is why we are just cloning the
// instances' limits to pass them on as user_rate_limits later.
Expand All @@ -35,16 +39,82 @@ impl Instance {
let login_result = chorus_request
.deserialize_response::<LoginResult>(&mut user)
.await?;
user.set_token(&login_result.token);
user.settings = login_result.settings;

let object = User::get_current(&mut user).await?;
*user.object.write().unwrap() = object;
user.update_with_login_data(login_result.token, Some(login_result.settings))
.await?;

Ok(user)
}

/// Verifies a multi-factor authentication login
///
/// # Reference
/// See <https://docs.discord.sex/authentication#verify-mfa-login>
pub async fn verify_mfa_login(
&mut self,
authenticator: MfaAuthenticationType,
schema: VerifyMFALoginSchema,
) -> ChorusResult<ChorusUser> {
let endpoint_url = self.urls.api.clone() + "/auth/mfa/" + &authenticator.to_string();

let chorus_request = ChorusRequest {
request: Client::new()
.post(endpoint_url)
.header("Content-Type", "application/json")
.json(&schema),
limit_type: LimitType::AuthLogin,
};

let mut user = ChorusUser::shell(Arc::new(RwLock::new(self.clone())), "None").await;

let mut identify = GatewayIdentifyPayload::common();
identify.token = user.token();
user.gateway.send_identify(identify).await;
match chorus_request
.deserialize_response::<VerifyMFALoginResponse>(&mut user)
.await?
{
VerifyMFALoginResponse::Success {
token,
user_settings,
} => {
user.update_with_login_data(token, Some(user_settings))
.await?;
}
VerifyMFALoginResponse::UserSuspended {
suspended_user_token,
} => {
return Err(crate::errors::ChorusError::SuspendUser {
token: suspended_user_token,
})
}
}

Ok(user)
}

/// Sends a multi-factor authentication code to the user's phone number
///
/// # Reference
/// See <https://docs.discord.sex/authentication#send-mfa-sms>
// FIXME: This uses ChorusUser::shell, when it *really* shoudln't, but
// there is no other way to send a ratelimited request
pub async fn send_mfa_sms(
&mut self,
schema: SendMfaSmsSchema,
) -> ChorusResult<SendMfaSmsResponse> {
let endpoint_url = self.urls.api.clone() + "/auth/mfa/sms/send";
let chorus_request = ChorusRequest {
request: Client::new()
.post(endpoint_url)
.header("Content-Type", "application/json")
.json(&schema),
limit_type: LimitType::Ip,
};

let mut chorus_user = ChorusUser::shell(Arc::new(RwLock::new(self.clone())), "None").await;

let send_mfa_sms_response = chorus_request
.deserialize_response::<SendMfaSmsResponse>(&mut chorus_user)
.await?;

Ok(send_mfa_sms_response)
}
}
10 changes: 1 addition & 9 deletions src/api/auth/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,7 @@ impl Instance {
pub async fn login_with_token(&mut self, token: &str) -> ChorusResult<ChorusUser> {
let mut user = ChorusUser::shell(Arc::new(RwLock::new(self.clone())), token).await;

let object = User::get_current(&mut user).await?;
let settings = User::get_settings(&mut user).await?;

*user.object.write().unwrap() = object;
*user.settings.write().unwrap() = settings;

let mut identify = GatewayIdentifyPayload::common();
identify.token = user.token();
user.gateway.send_identify(identify).await;
user.update_with_login_data(token.to_string(), None).await?;

Ok(user)
}
Expand Down
12 changes: 1 addition & 11 deletions src/api/auth/register.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,18 +43,8 @@ impl Instance {
.deserialize_response::<Token>(&mut user)
.await?
.token;

user.set_token(&token);

let object = User::get_current(&mut user).await?;
let settings = User::get_settings(&mut user).await?;

*user.object.write().unwrap() = object;
*user.settings.write().unwrap() = settings;

let mut identify = GatewayIdentifyPayload::common();
identify.token = user.token();
user.gateway.send_identify(identify).await;
user.update_with_login_data(token, None).await?;

Ok(user)
}
Expand Down
6 changes: 0 additions & 6 deletions src/api/channels/channels.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,6 @@ impl Channel {
),
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -61,7 +60,6 @@ impl Channel {
&url,
None,
audit_log_reason.as_deref(),
None,
Some(user),
LimitType::Channel(self.id),
);
Expand Down Expand Up @@ -101,7 +99,6 @@ impl Channel {
&url,
Some(to_string(&modify_data).unwrap()),
audit_log_reason.as_deref(),
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -134,7 +131,6 @@ impl Channel {
&url,
None,
None,
None,
Some(user),
Default::default(),
);
Expand Down Expand Up @@ -196,7 +192,6 @@ impl Channel {
&url,
None,
None,
None,
Some(user),
LimitType::Channel(self.id),
);
Expand Down Expand Up @@ -225,7 +220,6 @@ impl Channel {
&url,
Some(to_string(&schema).unwrap()),
None,
None,
Some(user),
LimitType::Guild(guild_id),
);
Expand Down
11 changes: 0 additions & 11 deletions src/api/channels/messages.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,6 @@ impl Message {
.as_str(),
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -183,7 +182,6 @@ impl Message {
.as_str(),
None,
audit_log_reason,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand All @@ -210,7 +208,6 @@ impl Message {
.as_str(),
None,
audit_log_reason,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -259,7 +256,6 @@ impl Message {
.as_str(),
Some(to_string(&schema).unwrap()),
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -293,7 +289,6 @@ impl Message {
.as_str(),
Some(to_string(&schema).unwrap()),
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -322,7 +317,6 @@ impl Message {
.as_str(),
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand All @@ -349,7 +343,6 @@ impl Message {
&url,
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -383,7 +376,6 @@ impl Message {
&url,
Some(to_string(&schema).unwrap()),
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand All @@ -410,7 +402,6 @@ impl Message {
&url,
None,
audit_log_reason.as_deref(),
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down Expand Up @@ -448,7 +439,6 @@ impl Message {
.as_str(),
Some(to_string(&messages).unwrap()),
audit_log_reason.as_deref(),
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand All @@ -473,7 +463,6 @@ impl Message {
.as_str(),
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down
1 change: 0 additions & 1 deletion src/api/channels/permissions.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,6 @@ impl types::Channel {
&url,
None,
None,
None,
Some(user),
LimitType::Channel(channel_id),
);
Expand Down
Loading