110 lines
3.9 KiB
Rust
110 lines
3.9 KiB
Rust
use std::iter;
|
|
|
|
use crypto::{digest::Digest, sha3::Sha3};
|
|
use rand::{distributions::Alphanumeric, thread_rng, Rng};
|
|
|
|
use crate::{config_manager, error::PeachError, sbot_client};
|
|
|
|
/// Returns Ok(()) if the supplied password is correct,
|
|
/// and returns Err if the supplied password is incorrect.
|
|
pub fn verify_password(password: &str) -> Result<(), PeachError> {
|
|
let real_admin_password_hash = config_manager::get_admin_password_hash()?;
|
|
let password_hash = hash_password(&password.to_string());
|
|
if real_admin_password_hash == password_hash {
|
|
Ok(())
|
|
} else {
|
|
Err(PeachError::PasswordIncorrect)
|
|
}
|
|
}
|
|
|
|
/// Checks if the given passwords are valid, and returns Ok() if they are and
|
|
/// a PeachError otherwise.
|
|
/// Currently this just checks that the passwords are the same,
|
|
/// but could be extended to test if they are strong enough.
|
|
pub fn validate_new_passwords(new_password1: &str, new_password2: &str) -> Result<(), PeachError> {
|
|
if new_password1 == new_password2 {
|
|
Ok(())
|
|
} else {
|
|
Err(PeachError::PasswordMismatch)
|
|
}
|
|
}
|
|
|
|
/// Sets a new password for the admin user
|
|
pub fn set_new_password(new_password: &str) -> Result<(), PeachError> {
|
|
let new_password_hash = hash_password(&new_password.to_string());
|
|
config_manager::set_admin_password_hash(&new_password_hash)?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
/// Creates a hash from a password string
|
|
pub fn hash_password(password: &str) -> String {
|
|
let mut hasher = Sha3::sha3_256();
|
|
hasher.input_str(password);
|
|
hasher.result_str()
|
|
}
|
|
|
|
/// Sets a new temporary password for the admin user
|
|
/// which can be used to reset the permanent password
|
|
pub fn set_new_temporary_password(new_password: &str) -> Result<(), PeachError> {
|
|
let new_password_hash = hash_password(&new_password.to_string());
|
|
config_manager::set_temporary_password_hash(&new_password_hash)?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
/// Returns Ok(()) if the supplied temp_password is correct,
|
|
/// and returns Err if the supplied temp_password is incorrect
|
|
pub fn verify_temporary_password(password: &str) -> Result<(), PeachError> {
|
|
let temporary_admin_password_hash = config_manager::get_temporary_password_hash()?;
|
|
let password_hash = hash_password(&password.to_string());
|
|
if temporary_admin_password_hash == password_hash {
|
|
Ok(())
|
|
} else {
|
|
Err(PeachError::PasswordIncorrect)
|
|
}
|
|
}
|
|
|
|
/// Generates a temporary password and sends it via ssb dm
|
|
/// to the ssb id configured to be the admin of the peachcloud device
|
|
pub fn send_password_reset() -> Result<(), PeachError> {
|
|
// first generate a new random password of ascii characters
|
|
let mut rng = thread_rng();
|
|
let temporary_password: String = iter::repeat(())
|
|
.map(|()| rng.sample(Alphanumeric))
|
|
.map(char::from)
|
|
.take(10)
|
|
.collect();
|
|
// save this string as a new temporary password
|
|
set_new_temporary_password(&temporary_password)?;
|
|
let domain = config_manager::get_peachcloud_domain()?;
|
|
|
|
// then send temporary password as a private ssb message to admin
|
|
let mut msg = format!(
|
|
"Your new temporary password is: {}
|
|
|
|
If you are on the same WiFi network as your PeachCloud device you can reset your password \
|
|
using this link: http://peach.local/reset_password",
|
|
temporary_password
|
|
);
|
|
// if there is an external domain, then include remote link in message
|
|
// otherwise dont include it
|
|
let remote_link = match domain {
|
|
Some(domain) => {
|
|
format!(
|
|
"\n\nOr if you are on a different WiFi network, you can reset your password \
|
|
using the the following link: {}/reset_password",
|
|
domain
|
|
)
|
|
}
|
|
None => "".to_string(),
|
|
};
|
|
msg += &remote_link;
|
|
// finally send the message to the admins
|
|
let peach_config = config_manager::load_peach_config()?;
|
|
for ssb_admin_id in peach_config.ssb_admin_ids {
|
|
sbot_client::private_message(&msg, &ssb_admin_id)?;
|
|
}
|
|
Ok(())
|
|
}
|