From: Bogdan Mart Date: Sat, 13 Mar 2021 18:19:55 +0000 (+0200) Subject: Merge remote-tracking branch 'origin/main' into 1462-jwt-revocation-on-pwd-change X-Git-Url: http://these/git/%22https:/join-lemmy.org/%22?a=commitdiff_plain;h=7b0a09e84ee911d2ed5a536e5724f09db4aa4e14;p=lemmy.git Merge remote-tracking branch 'origin/main' into 1462-jwt-revocation-on-pwd-change * origin/main: revert Compose file version from 3.3 to 2.2 Adding more mem limits bump memory limit of iframely Remove extra category_id s . Fixes #1429 Fixing wrong user_ and community icon and banner urls. Remove category from activitypub context Adding a password length check to other API actions. (#1474) Update test script Use URL type in most outstanding struct fields (#1468) Forbid usage of unwrap Upgrade Rust version Rewrite settings implementation. Fixes #1270 (#1433) Rename `lemmy_structs` to `lemmy_api_structs` # Conflicts: # crates/db_schema/src/source/user.rs --- 7b0a09e84ee911d2ed5a536e5724f09db4aa4e14 diff --cc crates/api/src/lib.rs index e1cc4451,d87375ca..2dbfb435 --- a/crates/api/src/lib.rs +++ b/crates/api/src/lib.rs @@@ -18,11 -27,16 +27,16 @@@ use lemmy_db_views_actor:: community_user_ban_view::CommunityUserBanView, community_view::CommunityView, }; - use lemmy_structs::{blocking, comment::*, community::*, post::*, site::*, user::*, websocket::*}; - use lemmy_utils::{claims::Claims, settings::Settings, ApiError, ConnectionId, LemmyError}; + use lemmy_utils::{ + claims::Claims, + settings::structs::Settings, + ApiError, + ConnectionId, + LemmyError, + }; use lemmy_websocket::{serialize_websocket_message, LemmyContext, UserOperation}; use serde::Deserialize; -use std::process::Command; +use std::{env, process::Command}; use url::Url; pub mod comment; @@@ -469,84 -465,18 +479,93 @@@ pub(crate) fn espeak_wav_base64(text: & Ok(base64) } + /// Checks the password length + pub(crate) fn password_length_check(pass: &str) -> Result<(), LemmyError> { + if pass.len() > 60 { + Err(ApiError::err("invalid_password").into()) + } else { + Ok(()) + } + } + #[cfg(test)] mod tests { - use crate::captcha_espeak_wav_base64; + use crate::{captcha_espeak_wav_base64, get_user_from_jwt}; + use lemmy_db_queries::{ + establish_pooled_connection, + source::user::User, + Crud, + ListingType, + SortType, + }; + use lemmy_db_schema::source::user::{UserForm, User_}; + use lemmy_utils::claims::Claims; + use std::{ + env::{current_dir, set_current_dir}, + path::PathBuf, + }; + + #[actix_rt::test] + async fn test_should_not_validate_user_token_after_password_change() { + struct CwdGuard(PathBuf); + impl Drop for CwdGuard { + fn drop(&mut self) { + let _ = set_current_dir(&self.0); + } + } + + let _dir_bkp = CwdGuard(current_dir().unwrap()); + + // so configs could be read + let _ = set_current_dir("../.."); + + let conn = establish_pooled_connection(); + + let new_user = UserForm { + name: "user_df342sgf".into(), + preferred_username: None, + password_encrypted: "nope".into(), + email: None, + matrix_user_id: None, + avatar: None, + banner: None, + admin: false, + banned: Some(false), + published: None, + updated: None, + show_nsfw: false, + theme: "browser".into(), + default_sort_type: SortType::Hot as i16, + default_listing_type: ListingType::Subscribed as i16, + lang: "browser".into(), + show_avatars: true, + send_notifications_to_email: false, + actor_id: None, + bio: None, + local: true, + private_key: None, + public_key: None, + last_refreshed_at: None, + inbox_url: None, + shared_inbox_url: None, + }; + + let inserted_user: User_ = User_::create(&conn.get().unwrap(), &new_user).unwrap(); + + let jwt_token = Claims::jwt(inserted_user.id, String::from("my-host.com")).unwrap(); + + get_user_from_jwt(&jwt_token, &conn) + .await + .expect("User should be decoded"); + + std::thread::sleep(std::time::Duration::from_secs(1)); + + User_::update_password(&conn.get().unwrap(), inserted_user.id, &"password111").unwrap(); + + let jwt_decode_res = get_user_from_jwt(&jwt_token, &conn).await; + + jwt_decode_res.expect_err("JWT decode should fail after password change"); + } #[test] fn test_espeak() { diff --cc crates/db_queries/src/lib.rs index ad3603c6,f19d3626..20b2fe76 --- a/crates/db_queries/src/lib.rs +++ b/crates/db_queries/src/lib.rs @@@ -235,36 -251,10 +251,37 @@@ pub fn establish_unpooled_connection() conn } +pub fn establish_pooled_connection( +) -> diesel::r2d2::Pool> { + use diesel::r2d2::{ConnectionManager, Pool}; + + // Set up the r2d2 connection pool + let db_url = match get_database_url_from_env() { + Ok(url) => url, + Err(e) => panic!( + "Failed to read database URL from env var LEMMY_DATABASE_URL: {}", + e + ), + }; + + let manager = ConnectionManager::::new(&db_url); + let pool = Pool::builder() + .max_size(1) + .build(manager) + .unwrap_or_else(|_| panic!("Error connecting to {}", db_url)); + + let conn = pool.get().unwrap(); + + // Run the migrations from code + embedded_migrations::run(&conn).unwrap(); + + pool +} + lazy_static! { static ref EMAIL_REGEX: Regex = - Regex::new(r"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$").unwrap(); + Regex::new(r"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$") + .expect("compile email regex"); } pub mod functions { diff --cc crates/db_schema/src/source/user.rs index 47c61c4f,f04b9a60..8539af2f --- a/crates/db_schema/src/source/user.rs +++ b/crates/db_schema/src/source/user.rs @@@ -31,11 -31,10 +31,11 @@@ pub struct User_ pub private_key: Option, pub public_key: Option, pub last_refreshed_at: chrono::NaiveDateTime, - pub banner: Option, + pub banner: Option, pub deleted: bool, - pub inbox_url: Url, - pub shared_inbox_url: Option, + pub inbox_url: DbUrl, + pub shared_inbox_url: Option, + pub validator_time: chrono::NaiveDateTime, } /// A safe representation of user, without the sensitive info @@@ -85,9 -84,8 +85,9 @@@ pub struct UserSafeSettings pub bio: Option, pub local: bool, pub last_refreshed_at: chrono::NaiveDateTime, - pub banner: Option, + pub banner: Option, pub deleted: bool, + pub validator_time: chrono::NaiveDateTime, } #[derive(Clone, Queryable, Identifiable, PartialEq, Debug, Serialize)]