2 use actix_web::web::Data;
4 use lemmy_api_common::{
6 person::{Login, LoginResponse},
7 utils::{check_registration_application, check_user_valid},
9 use lemmy_db_views::structs::{LocalUserView, SiteView};
13 utils::validation::check_totp_2fa_valid,
17 #[async_trait::async_trait(?Send)]
18 impl Perform for Login {
19 type Response = LoginResponse;
21 #[tracing::instrument(skip(context, _websocket_id))]
24 context: &Data<LemmyContext>,
25 _websocket_id: Option<ConnectionId>,
26 ) -> Result<LoginResponse, LemmyError> {
27 let data: &Login = self;
29 let site_view = SiteView::read_local(context.pool()).await?;
31 // Fetch that username / email
32 let username_or_email = data.username_or_email.clone();
33 let local_user_view = LocalUserView::find_by_email_or_name(context.pool(), &username_or_email)
35 .map_err(|e| LemmyError::from_error_message(e, "couldnt_find_that_username_or_email"))?;
37 // Verify the password
38 let valid: bool = verify(
40 &local_user_view.local_user.password_encrypted,
44 return Err(LemmyError::from_message("password_incorrect"));
47 local_user_view.person.banned,
48 local_user_view.person.ban_expires,
49 local_user_view.person.deleted,
52 if site_view.local_site.require_email_verification && !local_user_view.local_user.email_verified
54 return Err(LemmyError::from_message("email_not_verified"));
57 check_registration_application(&local_user_view, &site_view.local_site, context.pool()).await?;
61 &local_user_view.local_user.totp_2fa_secret,
64 &local_user_view.person.name,
71 local_user_view.local_user.id.0,
72 &context.secret().jwt_secret,
73 &context.settings().hostname,
77 verify_email_sent: false,
78 registration_created: false,